summaryrefslogtreecommitdiff
path: root/test/results/default/skinny.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/skinny.pcap.out')
-rw-r--r--test/results/default/skinny.pcap.out16
1 files changed, 8 insertions, 8 deletions
diff --git a/test/results/default/skinny.pcap.out b/test/results/default/skinny.pcap.out
index 418167edb..26a3e0732 100644
--- a/test/results/default/skinny.pcap.out
+++ b/test/results/default/skinny.pcap.out
@@ -14,7 +14,7 @@
00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1317801130506205,"flow_dst_last_pkt_time":1317801130506837,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1317801130506837,"pkt":"ABTy5fxCAB1FDGVjCABFYAAoE9oAAEAGYQbAqMMywKjBDMlMB9Ah3iXriXIOhVAQH6DZxgAAAAAAAAAA"}
00810{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1317801130506891,"flow_dst_last_pkt_time":1317801130506837,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":266,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":266,"pkt_l4_len":232,"thread_ts_usec":1317801130506891,"pkt":"AB1FDGVjABTy5fxCCABFYAD85ZdAAD8GT3TAqMEMwKjDMgfQyUyJcg6FId4l61AYLGr3yQAAFAAAABQAAABEAQAACgAAAAUAAACAFzMyMQAAAHwAAAAUAAAASgEAAAEAAABLNi4BAQAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAMzIxADMyMQAzMDcAMzA3ADMwNwAAAAAAUklYIE1lZXRpbmcgUm9vbQBFcnZpbnMgR2FpbGlzcwBFcnZpbnMgR2FpbGlzcwBFcnZpbnMgR2FpbGlzcwAAABAAAAAUAAAAhgAAAAkAAAABAAAABQAAABQAAAAUAAAAhQAAAAIAAAABAAAAAQAAAEs2LgE="}
00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1317801130507261,"flow_dst_last_pkt_time":1317801130503542,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1317801130507261,"pkt":"ABTy5fxCAB56JnR1CABFYAAoE3cAAEAGYWHAqMM6wKjBDMD3B9A1u8tTp8yxxFAQIABm1AAAAAAAAAAA"}
-02295{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":19,"flow_first_seen":1317801130501299,"flow_src_last_pkt_time":1317801134312976,"flow_dst_last_pkt_time":1317801134286303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":324,"flow_src_tot_l4_payload_len":248,"flow_dst_tot_l4_payload_len":1620,"midstream":1,"thread_ts_usec":1317801134312976,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.193.12","src_port":49399,"dst_port":2000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":14,"avg":245054.2,"max":3609828,"stddev":877176.1,"var":769437794304.0,"ent":1.5,"data": [2211,18,14,5962,3780,258,15,49,20014,19685,10391,48806,3559643,16,82,3609828,11683,20052,16478,36490,7020,23440,32822,19981,11660,17,20000,11522,27273,50735,26736]},"pktlen": {"min":46,"avg":100.2,"max":364,"stddev":74.3,"var":5521.7,"ent":4.7,"data": [64,68,56,64,46,364,68,76,68,46,200,60,46,64,180,76,46,252,46,88,46,184,46,184,46,184,172,46,92,92,46,92]},"bins": {"c_to_s": [9,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [9,2,0,0,5,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,1,1,0,1,1,1,1,0,1,0,1,1,1,1,0,1,0,0,1,1,0,1,0,1,1,0,0,0,1,0],"entropies": [3.922401428,4.000817776,4.543873787,4.299025536,4.398030758,3.738415241,4.369860649,4.173765659,4.555430412,4.446094513,4.498068333,4.266249657,4.654558659,4.450102329,2.632452726,4.180215836,4.398030758,4.264904022,4.549461365,3.957430601,4.654558659,2.670037031,4.549461365,2.689654589,4.478915215,2.567897081,4.683412552,4.398031235,4.043387413,3.999909163,4.567602158,4.021648407]},"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
+02170{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":19,"flow_first_seen":1317801130501299,"flow_src_last_pkt_time":1317801134312976,"flow_dst_last_pkt_time":1317801134286303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":324,"flow_src_tot_l4_payload_len":248,"flow_dst_tot_l4_payload_len":1620,"midstream":1,"thread_ts_usec":1317801134312976,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.193.12","src_port":49399,"dst_port":2000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":14,"avg":245054.2,"max":3609828,"stddev":877176.1,"var":769437794304.0,"ent":1.5,"data": [2211,18,14,5962,3780,258,15,49,20014,19685,10391,48806,3559643,16,82,3609828,11683,20052,16478,36490,7020,23440,32822,19981,11660,17,20000,11522,27273,50735,26736]},"pktlen": {"min":46,"avg":100.2,"max":364,"stddev":74.3,"var":5521.7,"ent":4.7,"data": [64,68,56,64,46,364,68,76,68,46,200,60,46,64,180,76,46,252,46,88,46,184,46,184,46,184,172,46,92,92,46,92]},"bins": {"c_to_s": [9,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [9,2,0,0,5,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,1,1,0,1,1,1,1,0,1,0,1,1,1,1,0,1,0,0,1,1,0,1,0,1,1,0,0,0,1,0],"entropies": [3.922401428,4.000817776,4.543873787,4.299025536,4.398030758,3.738415241,4.369860649,4.173765659,4.555430412,4.446094513,4.498068333,4.266249657,4.654558659,4.450102329,2.632452726,4.180215836,4.398030758,4.264904022,4.549461365,3.957430601,4.654558659,2.670037031,4.549461365,2.689654589,4.478915215,2.567897081,4.683412552,4.398031235,4.043387413,3.999909163,4.567602158,4.021648407]},"ndpi": {"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1317801134322539,"flow_src_last_pkt_time":1317801134322539,"flow_dst_last_pkt_time":1317801134322539,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":172,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":172,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":172,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801134322539,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.193.24","src_port":32150,"dst_port":9395,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
00813{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1317801134322539,"flow_dst_last_pkt_time":1317801134322539,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":214,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":214,"pkt_l4_len":180,"thread_ts_usec":1317801134322539,"pkt":"ABTy5fxCAB56JnR1CABFuADIE4MAAEARYEbAqMM6wKjBGH2WJLMAtK8pgIAFmwAC4MD2v1fi\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/39+\/v18ffz+\/f9+\/n17eXh6e357fv1+\/v59\/fx9fX16e379+vv7+359fnv\/\/X3+\/35\/e3v+\/H7\/fnv+fXz9\/v7+fX18fHx7fHt+f3\/\/fv3+f\/7+\/v79\/\/5\/eXt8fX9+f\/\/\/\/39+f3x5e3x6eX1+fv5+f\/78\/P78\/nz+fn5+fA=="}
00783{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1317801134322976,"flow_src_last_pkt_time":1317801134322976,"flow_dst_last_pkt_time":1317801134322976,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":172,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":172,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":172,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801134322976,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.195.50","src_port":32144,"dst_port":17718,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
@@ -59,20 +59,20 @@
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2643,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_src_last_pkt_time":1317801140764515,"flow_dst_last_pkt_time":1317801140764515,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1317801140764515,"pkt":"ABTy5fxCAB56JnR1CABFYAA0F0wAAEAG0wzAqMM6ChACGcblB9CCZg4uo3beQVAYIAAasgAABAAAAAAAAAAAAAAA"}
01057{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2643,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1317801140764515,"flow_src_last_pkt_time":1317801140764515,"flow_dst_last_pkt_time":1317801140764515,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":12,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":12,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1317801140764515,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"10.16.2.25","src_port":50917,"dst_port":2000,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2664,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":2,"flow_src_last_pkt_time":1317801140764515,"flow_dst_last_pkt_time":1317801140821803,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1317801140821803,"pkt":"AB56JnR1ABTy5fxCCABFYAAod8dAADwGNp0KEAIZwKjDOgfQxuWjdt5BgmYOOlAQFtAn6gAAAAAAAAAA"}
-02307{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2918,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":14,"flow_first_seen":1317801130506133,"flow_src_last_pkt_time":1317801141425306,"flow_dst_last_pkt_time":1317801141427620,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":492,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":1512,"flow_dst_tot_l4_payload_len":244,"midstream":1,"thread_ts_usec":1317801141427620,"l3_proto":"ip4","src_ip":"192.168.193.12","dst_ip":"192.168.195.50","src_port":2000,"dst_port":51532,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":15,"avg":704537.4,"max":7045910,"stddev":1877203.8,"var":3523893788672.0,"ent":2.2,"data": [15,57,704,686,19914,3582983,19282,3622236,2065,19,22,17967,15924,20052,36329,2146,19966,30884,40036,6899,19067,13061,64116,28324,103909,42273,80357,6999604,16,5837,7045910]},"pktlen": {"min":46,"avg":96.9,"max":532,"stddev":93.8,"var":8793.0,"ent":4.6,"data": [76,68,72,46,252,46,60,60,46,68,56,64,46,532,46,184,184,46,184,46,88,172,46,92,92,46,92,46,68,68,64,46]},"bins": {"c_to_s": [10,2,0,0,4,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [10,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,0,0,1,0,1,1,1,0,0,0,0,1,0,1,0,0,1,0,1,1,0,1,1,1,0,1,0,0,0,0,1],"entropies": [4.173766136,4.678438187,4.574613094,4.565872192,4.279353142,4.501398087,4.236247540,4.455914497,4.565872669,4.052432537,4.485925674,4.342070580,4.370963097,3.259213448,4.414441586,2.680906296,2.637759447,4.414441109,2.672017574,4.419027328,3.803910494,4.757339001,4.522394180,3.983498335,3.940019846,4.627491474,4.013442516,4.584012985,4.549689770,4.584219933,4.418852329,4.565872192]},"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
+02182{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2918,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":14,"flow_first_seen":1317801130506133,"flow_src_last_pkt_time":1317801141425306,"flow_dst_last_pkt_time":1317801141427620,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":492,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":1512,"flow_dst_tot_l4_payload_len":244,"midstream":1,"thread_ts_usec":1317801141427620,"l3_proto":"ip4","src_ip":"192.168.193.12","dst_ip":"192.168.195.50","src_port":2000,"dst_port":51532,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":15,"avg":704537.4,"max":7045910,"stddev":1877203.8,"var":3523893788672.0,"ent":2.2,"data": [15,57,704,686,19914,3582983,19282,3622236,2065,19,22,17967,15924,20052,36329,2146,19966,30884,40036,6899,19067,13061,64116,28324,103909,42273,80357,6999604,16,5837,7045910]},"pktlen": {"min":46,"avg":96.9,"max":532,"stddev":93.8,"var":8793.0,"ent":4.6,"data": [76,68,72,46,252,46,60,60,46,68,56,64,46,532,46,184,184,46,184,46,88,172,46,92,92,46,92,46,68,68,64,46]},"bins": {"c_to_s": [10,2,0,0,4,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [10,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,0,0,1,0,1,1,1,0,0,0,0,1,0,1,0,0,1,0,1,1,0,1,1,1,0,1,0,0,0,0,1],"entropies": [4.173766136,4.678438187,4.574613094,4.565872192,4.279353142,4.501398087,4.236247540,4.455914497,4.565872669,4.052432537,4.485925674,4.342070580,4.370963097,3.259213448,4.414441586,2.680906296,2.637759447,4.414441109,2.672017574,4.419027328,3.803910494,4.757339001,4.522394180,3.983498335,3.940019846,4.627491474,4.013442516,4.584012985,4.549689770,4.584219933,4.418852329,4.565872192]},"ndpi": {"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2941,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1317801141463821,"flow_src_last_pkt_time":1317801141463821,"flow_dst_last_pkt_time":1317801141463821,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801141463821,"l3_proto":"ip4","src_ip":"192.168.195.50","dst_ip":"192.168.195.58","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5}
00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2941,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_src_last_pkt_time":1317801141463821,"flow_dst_last_pkt_time":1317801141463821,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":1317801141463821,"pkt":"AB56JnR1AB1FDGVjCABFAAA4GBEAAEABWvbAqMMywKjDOgMDmwIAAAAARbgAyBe5AABAEVn2wKjDOsCowzJ9kEU2ALSefw=="}
01042{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2941,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1317801141463821,"flow_src_last_pkt_time":1317801141463821,"flow_dst_last_pkt_time":1317801141463821,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801141463821,"l3_proto":"ip4","src_ip":"192.168.195.50","dst_ip":"192.168.195.58","l4_proto":"icmp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.235927}}
00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2942,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":2,"flow_src_last_pkt_time":1317801141463831,"flow_dst_last_pkt_time":1317801141463821,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":1317801141463831,"pkt":"AB56JnR1AB1FDGVjCABFAAA4GBEAAEABWvbAqMMywKjDOgMDmwIAAAAARbgAyBe5AABAEVn2wKjDOsCowzJ9kEU2ALSefw=="}
-01062{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1317801141463821,"flow_src_last_pkt_time":1317801141463831,"flow_dst_last_pkt_time":1317801141463821,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.50","dst_ip":"192.168.195.58","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
-01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":20,"flow_dst_packets_processed":28,"flow_first_seen":1317801130501299,"flow_src_last_pkt_time":1317801141586923,"flow_dst_last_pkt_time":1317801141627270,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":188,"flow_dst_max_l4_payload_len":324,"flow_src_tot_l4_payload_len":488,"flow_dst_tot_l4_payload_len":2016,"midstream":1,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.193.12","src_port":49399,"dst_port":2000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
-01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":24,"flow_dst_packets_processed":20,"flow_first_seen":1317801130506133,"flow_src_last_pkt_time":1317801153423288,"flow_dst_last_pkt_time":1317801153428371,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":492,"flow_dst_max_l4_payload_len":188,"flow_src_tot_l4_payload_len":1828,"flow_dst_tot_l4_payload_len":484,"midstream":1,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.193.12","dst_ip":"192.168.195.50","src_port":2000,"dst_port":51532,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
+00937{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1317801141463821,"flow_src_last_pkt_time":1317801141463831,"flow_dst_last_pkt_time":1317801141463821,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.50","dst_ip":"192.168.195.58","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":20,"flow_dst_packets_processed":28,"flow_first_seen":1317801130501299,"flow_src_last_pkt_time":1317801141586923,"flow_dst_last_pkt_time":1317801141627270,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":188,"flow_dst_max_l4_payload_len":324,"flow_src_tot_l4_payload_len":488,"flow_dst_tot_l4_payload_len":2016,"midstream":1,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.193.12","src_port":49399,"dst_port":2000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
+00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":24,"flow_dst_packets_processed":20,"flow_first_seen":1317801130506133,"flow_src_last_pkt_time":1317801153423288,"flow_dst_last_pkt_time":1317801153428371,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":492,"flow_dst_max_l4_payload_len":188,"flow_src_tot_l4_payload_len":1828,"flow_dst_tot_l4_payload_len":484,"midstream":1,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.193.12","dst_ip":"192.168.195.50","src_port":2000,"dst_port":51532,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
00972{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":355,"flow_dst_packets_processed":0,"flow_first_seen":1317801134348136,"flow_src_last_pkt_time":1317801141428577,"flow_dst_last_pkt_time":1317801134348136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":172,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":172,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":61060,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.50","dst_ip":"192.168.193.24","src_port":17726,"dst_port":9399,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"RTP","proto_id":"87","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media"}}
00972{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":353,"flow_dst_packets_processed":0,"flow_first_seen":1317801134383882,"flow_src_last_pkt_time":1317801141423870,"flow_dst_last_pkt_time":1317801134383882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":172,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":172,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60716,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.50","dst_ip":"192.168.193.24","src_port":17732,"dst_port":9400,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"RTP","proto_id":"87","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media"}}
00972{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":365,"flow_dst_packets_processed":0,"flow_first_seen":1317801134322539,"flow_src_last_pkt_time":1317801141602420,"flow_dst_last_pkt_time":1317801134322539,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":172,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":172,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":62780,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.193.24","src_port":32150,"dst_port":9395,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"RTP","proto_id":"87","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media"}}
00972{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":356,"flow_dst_packets_processed":0,"flow_first_seen":1317801134349579,"flow_src_last_pkt_time":1317801141449056,"flow_dst_last_pkt_time":1317801134349579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":172,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":172,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":61232,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.193.24","src_port":32152,"dst_port":9396,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"RTP","proto_id":"87","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media"}}
00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":730,"flow_dst_packets_processed":712,"flow_first_seen":1317801134322976,"flow_src_last_pkt_time":1317801141602841,"flow_dst_last_pkt_time":1317801141448192,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":172,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":172,"flow_dst_max_l4_payload_len":172,"flow_src_tot_l4_payload_len":125560,"flow_dst_tot_l4_payload_len":122464,"midstream":0,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"192.168.195.50","src_port":32144,"dst_port":17718,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"RTP","proto_id":"87","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media"}}
-01096{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1317801140764515,"flow_src_last_pkt_time":1317801140764515,"flow_dst_last_pkt_time":1317801140821803,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":12,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":12,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"10.16.2.25","src_port":50917,"dst_port":2000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
+00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1317801140764515,"flow_src_last_pkt_time":1317801140764515,"flow_dst_last_pkt_time":1317801140821803,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":12,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":12,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1317801153428371,"l3_proto":"ip4","src_ip":"192.168.195.58","dst_ip":"10.16.2.25","src_port":50917,"dst_port":2000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"CiscoSkinny","proto_id":"164","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
00642{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2975,"source":"cfgs\/default\/pcap\/skinny.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","packets-captured":2975,"packets-processed":2967,"total-skipped-flows":0,"total-l4-payload-len":498712,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":9,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":9,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":76,"global_ts_usec":1317801153428371}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 2975/2967
@@ -87,5 +87,5 @@
~~ total allocations/frees...: 219680/219680
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 536 chars
-~~ json string max len.......: 2312 chars
-~~ json string avg len.......: 1423 chars
+~~ json string max len.......: 2199 chars
+~~ json string avg len.......: 1366 chars
Powered by cgit, Themed by Ted Yin.