diff options
Diffstat (limited to 'test/results/default/skype.pcap.out')
| -rw-r--r-- | test/results/default/skype.pcap.out | 112 |
1 files changed, 56 insertions, 56 deletions
diff --git a/test/results/default/skype.pcap.out b/test/results/default/skype.pcap.out index 30db7fd95..0862e8111 100644 --- a/test/results/default/skype.pcap.out +++ b/test/results/default/skype.pcap.out @@ -1679,7 +1679,7 @@ 00563{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3221,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":1,"flow_src_last_pkt_time":1431969791166147,"flow_dst_last_pkt_time":1431969791166147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1431969791166147,"pkt":"0NQSxnP1PBXCt3IOCABFAABA8JJAAEAGte\/AqAEinTg1M8PhMD4fbaHhAAAAALAC\/\/\/hugAAAgQFtAEDAwUBAQgKPiTNeQAAAAAEAgAA"} 00926{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969643944313,"flow_src_last_pkt_time":1431969668477830,"flow_dst_last_pkt_time":1431969668477732,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":234,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50030,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00780{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969643944313,"flow_src_last_pkt_time":1431969668477830,"flow_dst_last_pkt_time":1431969668477732,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":234,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50030,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969642336869,"flow_src_last_pkt_time":1431969661480928,"flow_dst_last_pkt_time":1431969661480832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":127,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50026,"dst_port":40002,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969642336869,"flow_src_last_pkt_time":1431969661480928,"flow_dst_last_pkt_time":1431969661480832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":127,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50026,"dst_port":40002,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969642336869,"flow_src_last_pkt_time":1431969661480928,"flow_dst_last_pkt_time":1431969661480832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":127,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50026,"dst_port":40002,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1431969642087286,"flow_src_last_pkt_time":1431969695591631,"flow_dst_last_pkt_time":1431969642087286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":312,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":52850,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01103{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642247578,"flow_src_last_pkt_time":1431969668794403,"flow_dst_last_pkt_time":1431969642247578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":65426,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -1733,9 +1733,9 @@ 00561{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3242,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":5,"flow_src_last_pkt_time":1431969796788485,"flow_dst_last_pkt_time":1431969792778032,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1431969796788485,"pkt":"0NQSxnP1PBXCt3IOCABFAABAV05AAEAGTzTAqAEinTg1M8PiAbsrN9oxAAAAALAC\/\/+2NQAAAgQFtAEDAwUBAQgKPiTjZgAAAAAEAgAA"} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3247,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":4,"flow_src_last_pkt_time":1431969799018123,"flow_dst_last_pkt_time":1431969793871150,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":72,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":72,"pkt_l4_len":38,"thread_ts_usec":1431969799018123,"pkt":"0NQSxnP1PBXCt3IOCABFAAA6VP0AAEARokLAqAEiwKgBAdpVADUAJgS+DhkBAAABAAAAAAAAAnVpBXNreXBlA2NvbQAAAQAB"} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3250,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":5,"flow_src_last_pkt_time":1431969802019013,"flow_dst_last_pkt_time":1431969793871150,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":72,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":72,"pkt_l4_len":38,"thread_ts_usec":1431969802019013,"pkt":"0NQSxnP1PBXCt3IOCABFAAA6+ugAAEAR\/FbAqAEiwKgBAdpVADUAJgS+DhkBAAABAAAAAAAAAnVpBXNreXBlA2NvbQAAAQAB"} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367596,"flow_src_last_pkt_time":1431969678270658,"flow_dst_last_pkt_time":1431969678270544,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":63,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.170","src_port":50033,"dst_port":40015,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367596,"flow_src_last_pkt_time":1431969678270658,"flow_dst_last_pkt_time":1431969678270544,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":63,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.170","src_port":50033,"dst_port":40015,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367596,"flow_src_last_pkt_time":1431969678270658,"flow_dst_last_pkt_time":1431969678270544,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":63,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.170","src_port":50033,"dst_port":40015,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367809,"flow_src_last_pkt_time":1431969676525940,"flow_dst_last_pkt_time":1431969676525836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":72,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.140","src_port":50034,"dst_port":40033,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367809,"flow_src_last_pkt_time":1431969676525940,"flow_dst_last_pkt_time":1431969676525836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":72,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.140","src_port":50034,"dst_port":40033,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367809,"flow_src_last_pkt_time":1431969676525940,"flow_dst_last_pkt_time":1431969676525836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":72,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.140","src_port":50034,"dst_port":40033,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00922{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969675567066,"flow_src_last_pkt_time":1431969675716487,"flow_dst_last_pkt_time":1431969675716370,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"17.172.100.36","src_port":50024,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Apple","proto_by_ip_id":140,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00776{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969675567066,"flow_src_last_pkt_time":1431969675716487,"flow_dst_last_pkt_time":1431969675716370,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"17.172.100.36","src_port":50024,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1757,41 +1757,41 @@ 01119{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969653376411,"flow_src_last_pkt_time":1431969653376411,"flow_dst_last_pkt_time":1431969653376411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":13021,"dst_port":40020,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01119{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969654389222,"flow_src_last_pkt_time":1431969654389222,"flow_dst_last_pkt_time":1431969654389222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":13021,"dst_port":40022,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 02028{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":3269,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808100305,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":98,"avg":1348559.6,"max":30125563,"stddev":5301136.0,"var":28102044418048.0,"ent":1.9,"data": [214728,214808,140,223488,223372,360,217535,217176,213636,213655,98,315319,2988490,3022192,145311,494208,215912,215930,3576,275623,272053,209,291401,291140,160,74979,137019,211866,164254,30125563,821148]},"pktlen": {"min":52,"avg":141.4,"max":1076,"stddev":232.5,"var":54056.9,"ent":4.0,"data": [64,64,52,92,87,52,69,66,52,66,52,56,52,828,52,1076,52,142,52,608,87,132,81,97,52,81,52,100,52,52,52,52]},"bins": {"c_to_s": [15,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [7,4,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,1,0,1,0,0,1,0,0,1,0,0,1,1,0,1,0,0],"entropies": [4.654482365,4.685732365,4.944975376,5.966120720,5.970302582,5.308815479,5.715485096,5.705540657,5.270353794,5.705540657,5.270353794,5.300843716,5.347277164,7.737775803,5.385738850,7.811435223,5.116507530,6.632953644,5.231892586,7.624665260,6.070933819,6.535917759,5.915600300,6.177032948,5.154969215,5.788875103,5.231892586,6.220213890,5.193430901,5.347277164,5.193430901,5.270353794]}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664322,"flow_src_last_pkt_time":1431969723753428,"flow_dst_last_pkt_time":1431969723753303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":87,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.15","src_port":50098,"dst_port":40026,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664322,"flow_src_last_pkt_time":1431969723753428,"flow_dst_last_pkt_time":1431969723753303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":87,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.15","src_port":50098,"dst_port":40026,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664322,"flow_src_last_pkt_time":1431969723753428,"flow_dst_last_pkt_time":1431969723753303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":87,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.15","src_port":50098,"dst_port":40026,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00875{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969665416513,"flow_src_last_pkt_time":1431969685656594,"flow_dst_last_pkt_time":1431969685656480,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.150","src_port":50046,"dst_port":40011,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01002{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969665416513,"flow_src_last_pkt_time":1431969685656594,"flow_dst_last_pkt_time":1431969685656480,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.150","src_port":50046,"dst_port":40011,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00787{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969665416513,"flow_src_last_pkt_time":1431969685656594,"flow_dst_last_pkt_time":1431969685656480,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.150","src_port":50046,"dst_port":40011,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00875{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969673443587,"flow_src_last_pkt_time":1431969692603935,"flow_dst_last_pkt_time":1431969692603839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":106,"flow_dst_max_l4_payload_len":97,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":149,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50054,"dst_port":40005,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01002{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969673443587,"flow_src_last_pkt_time":1431969692603935,"flow_dst_last_pkt_time":1431969692603839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":106,"flow_dst_max_l4_payload_len":97,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":149,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50054,"dst_port":40005,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00787{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969673443587,"flow_src_last_pkt_time":1431969692603935,"flow_dst_last_pkt_time":1431969692603839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":106,"flow_dst_max_l4_payload_len":97,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":149,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50054,"dst_port":40005,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01101{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1431969642087286,"flow_src_last_pkt_time":1431969695591631,"flow_dst_last_pkt_time":1431969642087286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":312,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":52850,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969667439791,"flow_src_last_pkt_time":1431969689428787,"flow_dst_last_pkt_time":1431969689428675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.166","src_port":50049,"dst_port":40021,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969667439791,"flow_src_last_pkt_time":1431969689428787,"flow_dst_last_pkt_time":1431969689428675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.166","src_port":50049,"dst_port":40021,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969667439791,"flow_src_last_pkt_time":1431969689428787,"flow_dst_last_pkt_time":1431969689428675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.166","src_port":50049,"dst_port":40021,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969663377930,"flow_src_last_pkt_time":1431969687753538,"flow_dst_last_pkt_time":1431969687753423,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":79,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.167","src_port":50044,"dst_port":40031,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969663377930,"flow_src_last_pkt_time":1431969687753538,"flow_dst_last_pkt_time":1431969687753423,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":79,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.167","src_port":50044,"dst_port":40031,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969663377930,"flow_src_last_pkt_time":1431969687753538,"flow_dst_last_pkt_time":1431969687753423,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":79,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.167","src_port":50044,"dst_port":40031,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470381,"flow_src_last_pkt_time":1431969722393869,"flow_dst_last_pkt_time":1431969722520463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":51,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":51,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.173","src_port":50074,"dst_port":40003,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470381,"flow_src_last_pkt_time":1431969722393869,"flow_dst_last_pkt_time":1431969722520463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":51,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":51,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.173","src_port":50074,"dst_port":40003,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470381,"flow_src_last_pkt_time":1431969722393869,"flow_dst_last_pkt_time":1431969722520463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":51,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":51,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.173","src_port":50074,"dst_port":40003,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443345,"flow_src_last_pkt_time":1431969701671718,"flow_dst_last_pkt_time":1431969701671600,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50053,"dst_port":40030,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443345,"flow_src_last_pkt_time":1431969701671718,"flow_dst_last_pkt_time":1431969701671600,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50053,"dst_port":40030,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443345,"flow_src_last_pkt_time":1431969701671718,"flow_dst_last_pkt_time":1431969701671600,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50053,"dst_port":40030,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01095{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969675950344,"flow_src_last_pkt_time":1431969702405683,"flow_dst_last_pkt_time":1431969675950344,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":51,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":63108,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Microsoft","proto_id":"5.212","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969683498513,"flow_src_last_pkt_time":1431969716109861,"flow_dst_last_pkt_time":1431969716234710,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":55,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.170","src_port":50070,"dst_port":40018,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969683498513,"flow_src_last_pkt_time":1431969716109861,"flow_dst_last_pkt_time":1431969716234710,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":55,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.170","src_port":50070,"dst_port":40018,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969683498513,"flow_src_last_pkt_time":1431969716109861,"flow_dst_last_pkt_time":1431969716234710,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":55,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.170","src_port":50070,"dst_port":40018,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470785,"flow_src_last_pkt_time":1431969717166772,"flow_dst_last_pkt_time":1431969717232356,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":93,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50076,"dst_port":40014,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470785,"flow_src_last_pkt_time":1431969717166772,"flow_dst_last_pkt_time":1431969717232356,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":93,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50076,"dst_port":40014,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470785,"flow_src_last_pkt_time":1431969717166772,"flow_dst_last_pkt_time":1431969717232356,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":93,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50076,"dst_port":40014,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969681480233,"flow_src_last_pkt_time":1431969709213073,"flow_dst_last_pkt_time":1431969709213005,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":59,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.160","src_port":50067,"dst_port":40027,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969681480233,"flow_src_last_pkt_time":1431969709213073,"flow_dst_last_pkt_time":1431969709213005,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":59,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.160","src_port":50067,"dst_port":40027,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969681480233,"flow_src_last_pkt_time":1431969709213073,"flow_dst_last_pkt_time":1431969709213005,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":59,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.160","src_port":50067,"dst_port":40027,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969690481458,"flow_src_last_pkt_time":1431969722604314,"flow_dst_last_pkt_time":1431969722726989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50077,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969690481458,"flow_src_last_pkt_time":1431969722604314,"flow_dst_last_pkt_time":1431969722726989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50077,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969690481458,"flow_src_last_pkt_time":1431969722604314,"flow_dst_last_pkt_time":1431969722726989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50077,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969699577033,"flow_src_last_pkt_time":1431969718631176,"flow_dst_last_pkt_time":1431969718631081,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":140,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":50092,"dst_port":40020,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969699577033,"flow_src_last_pkt_time":1431969718631176,"flow_dst_last_pkt_time":1431969718631081,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":140,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":50092,"dst_port":40020,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969699577033,"flow_src_last_pkt_time":1431969718631176,"flow_dst_last_pkt_time":1431969718631081,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":140,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":50092,"dst_port":40020,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969658376019,"flow_src_last_pkt_time":1431969684505385,"flow_dst_last_pkt_time":1431969684569058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":50035,"dst_port":40021,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969658376019,"flow_src_last_pkt_time":1431969684505385,"flow_dst_last_pkt_time":1431969684569058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":50035,"dst_port":40021,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969658376019,"flow_src_last_pkt_time":1431969684505385,"flow_dst_last_pkt_time":1431969684569058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":50035,"dst_port":40021,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664195,"flow_src_last_pkt_time":1431969722362143,"flow_dst_last_pkt_time":1431969722362075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":50097,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664195,"flow_src_last_pkt_time":1431969722362143,"flow_dst_last_pkt_time":1431969722362075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":50097,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664195,"flow_src_last_pkt_time":1431969722362143,"flow_dst_last_pkt_time":1431969722362075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":50097,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431969788719766,"flow_src_last_pkt_time":1431969803191195,"flow_dst_last_pkt_time":1431969788891675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":131,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50143,"dst_port":29059,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431969788719766,"flow_src_last_pkt_time":1431969803191195,"flow_dst_last_pkt_time":1431969788891675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":131,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50143,"dst_port":29059,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431969788719766,"flow_src_last_pkt_time":1431969803191195,"flow_dst_last_pkt_time":1431969788891675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":131,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50143,"dst_port":29059,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431969789832358,"flow_src_last_pkt_time":1431969808350555,"flow_dst_last_pkt_time":1431969790244352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":70,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50144,"dst_port":29059,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431969789832358,"flow_src_last_pkt_time":1431969808350555,"flow_dst_last_pkt_time":1431969790244352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":70,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50144,"dst_port":29059,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431969789832358,"flow_src_last_pkt_time":1431969808350555,"flow_dst_last_pkt_time":1431969790244352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":70,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50144,"dst_port":29059,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431969689470548,"flow_src_last_pkt_time":1431969716531646,"flow_dst_last_pkt_time":1431969716588503,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":164,"flow_dst_tot_l4_payload_len":63,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50075,"dst_port":40003,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431969689470548,"flow_src_last_pkt_time":1431969716531646,"flow_dst_last_pkt_time":1431969716588503,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":164,"flow_dst_tot_l4_payload_len":63,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50075,"dst_port":40003,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431969689470548,"flow_src_last_pkt_time":1431969716531646,"flow_dst_last_pkt_time":1431969716588503,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":164,"flow_dst_tot_l4_payload_len":63,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50075,"dst_port":40003,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969659392325,"flow_src_last_pkt_time":1431969659392325,"flow_dst_last_pkt_time":1431969659392325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":22,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":22,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":22,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.24","src_port":13021,"dst_port":40001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969660403962,"flow_src_last_pkt_time":1431969660403962,"flow_dst_last_pkt_time":1431969660403962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":22,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":22,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":22,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.21","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1806,11 +1806,11 @@ 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969683498651,"flow_src_last_pkt_time":1431969683498651,"flow_dst_last_pkt_time":1431969683498651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":27,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.37","src_port":13021,"dst_port":40032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969665416767,"flow_src_last_pkt_time":1431969665416767,"flow_dst_last_pkt_time":1431969665416767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.146","src_port":13021,"dst_port":33033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1431969698743022,"flow_src_last_pkt_time":1431969698743022,"flow_dst_last_pkt_time":1431969698797139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":63321,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367363,"flow_src_last_pkt_time":1431969688011370,"flow_dst_last_pkt_time":1431969688218075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":50032,"dst_port":40032,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367363,"flow_src_last_pkt_time":1431969688011370,"flow_dst_last_pkt_time":1431969688218075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":50032,"dst_port":40032,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367363,"flow_src_last_pkt_time":1431969688011370,"flow_dst_last_pkt_time":1431969688218075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":50032,"dst_port":40032,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01095{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969675950087,"flow_src_last_pkt_time":1431969702405684,"flow_dst_last_pkt_time":1431969675950087,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":51,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":55159,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Microsoft","proto_id":"5.212","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} 01101{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642247578,"flow_src_last_pkt_time":1431969668794403,"flow_dst_last_pkt_time":1431969642247578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":65426,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":231,"flow_dst_packets_processed":241,"flow_first_seen":1431969710853799,"flow_src_last_pkt_time":1431969807279227,"flow_dst_last_pkt_time":1431969791042699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":44974,"flow_dst_tot_l4_payload_len":88481,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":50108,"dst_port":40009,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":231,"flow_dst_packets_processed":241,"flow_first_seen":1431969710853799,"flow_src_last_pkt_time":1431969807279227,"flow_dst_last_pkt_time":1431969791042699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":44974,"flow_dst_tot_l4_payload_len":88481,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":50108,"dst_port":40009,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":231,"flow_dst_packets_processed":241,"flow_first_seen":1431969710853799,"flow_src_last_pkt_time":1431969807279227,"flow_dst_last_pkt_time":1431969791042699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":44974,"flow_dst_tot_l4_payload_len":88481,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":50108,"dst_port":40009,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431969712913771,"flow_src_last_pkt_time":1431969712913828,"flow_dst_last_pkt_time":1431969712913771,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":132,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":133,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":265,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"239.255.255.250","src_port":49485,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1431969712918145,"flow_src_last_pkt_time":1431969747557913,"flow_dst_last_pkt_time":1431969712918145,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":48,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":384,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"192.168.1.34","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -1834,23 +1834,23 @@ 00779{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":3,"flow_first_seen":1431969707326642,"flow_src_last_pkt_time":1431969717500150,"flow_dst_last_pkt_time":1431969717500055,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":268,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50103,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969677975770,"flow_src_last_pkt_time":1431969704363418,"flow_dst_last_pkt_time":1431969677975770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":49360,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00789{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1431969713815539,"flow_src_last_pkt_time":1431969726847355,"flow_dst_last_pkt_time":1431969713815539,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":165,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":165,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":660,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip6","src_ip":"fe80::c62c:3ff:fe06:49fe","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969722958172,"flow_src_last_pkt_time":1431969740384752,"flow_dst_last_pkt_time":1431969740384686,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50130,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969722958172,"flow_src_last_pkt_time":1431969740384752,"flow_dst_last_pkt_time":1431969740384686,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50130,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969722958172,"flow_src_last_pkt_time":1431969740384752,"flow_dst_last_pkt_time":1431969740384686,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50130,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01095{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":8,"flow_first_seen":1431969724570574,"flow_src_last_pkt_time":1431969725161861,"flow_dst_last_pkt_time":1431969725166046,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":171,"flow_src_tot_l4_payload_len":3668,"flow_dst_tot_l4_payload_len":181,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50131,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398039,"flow_src_last_pkt_time":1431969727593030,"flow_dst_last_pkt_time":1431969727592938,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":139,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50112,"dst_port":20274,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398039,"flow_src_last_pkt_time":1431969727593030,"flow_dst_last_pkt_time":1431969727592938,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":139,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50112,"dst_port":20274,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398039,"flow_src_last_pkt_time":1431969727593030,"flow_dst_last_pkt_time":1431969727592938,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":139,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50112,"dst_port":20274,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694149,"flow_src_last_pkt_time":1431969794907548,"flow_dst_last_pkt_time":1431969771261146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":100,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50135,"dst_port":20274,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694149,"flow_src_last_pkt_time":1431969794907548,"flow_dst_last_pkt_time":1431969771261146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":100,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50135,"dst_port":20274,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694149,"flow_src_last_pkt_time":1431969794907548,"flow_dst_last_pkt_time":1431969771261146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":100,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50135,"dst_port":20274,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969712931653,"flow_src_last_pkt_time":1431969712981449,"flow_dst_last_pkt_time":1431969713736415,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50109,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969712931653,"flow_src_last_pkt_time":1431969712981449,"flow_dst_last_pkt_time":1431969713736415,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50109,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969712931653,"flow_src_last_pkt_time":1431969712981449,"flow_dst_last_pkt_time":1431969713736415,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50109,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00867{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969713736740,"flow_src_last_pkt_time":1431969713779738,"flow_dst_last_pkt_time":1431969714165130,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50110,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00779{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969713736740,"flow_src_last_pkt_time":1431969713779738,"flow_dst_last_pkt_time":1431969714165130,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50110,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00993{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969774806959,"flow_src_last_pkt_time":1431969776480751,"flow_dst_last_pkt_time":1431969776480651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50140,"dst_port":20274,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00777{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969774806959,"flow_src_last_pkt_time":1431969776480751,"flow_dst_last_pkt_time":1431969776480651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50140,"dst_port":20274,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01119{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969735255261,"flow_src_last_pkt_time":1431969735255261,"flow_dst_last_pkt_time":1431969735255261,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"106.188.249.186","src_port":13021,"dst_port":15120,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949030,"flow_src_last_pkt_time":1431969723488428,"flow_dst_last_pkt_time":1431969723488361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":112,"flow_src_tot_l4_payload_len":69,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50125,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949030,"flow_src_last_pkt_time":1431969723488428,"flow_dst_last_pkt_time":1431969723488361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":112,"flow_src_tot_l4_payload_len":69,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50125,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949030,"flow_src_last_pkt_time":1431969723488428,"flow_dst_last_pkt_time":1431969723488361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":112,"flow_src_tot_l4_payload_len":69,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50125,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00876{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949481,"flow_src_last_pkt_time":1431969750864541,"flow_dst_last_pkt_time":1431969750910332,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":332,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":3720,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.23","src_port":50126,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01003{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949481,"flow_src_last_pkt_time":1431969750864541,"flow_dst_last_pkt_time":1431969750910332,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":332,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":3720,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.23","src_port":50126,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00788{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949481,"flow_src_last_pkt_time":1431969750864541,"flow_dst_last_pkt_time":1431969750910332,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":332,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":3720,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.23","src_port":50126,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00867{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969719561453,"flow_src_last_pkt_time":1431969727878680,"flow_dst_last_pkt_time":1431969727878606,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50129,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00779{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969719561453,"flow_src_last_pkt_time":1431969727878680,"flow_dst_last_pkt_time":1431969727878606,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50129,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1872,27 +1872,27 @@ 00964{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":1431969649862353,"flow_src_last_pkt_time":1431969790906536,"flow_dst_last_pkt_time":1431969790768307,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":277,"flow_dst_max_l4_payload_len":954,"flow_src_tot_l4_payload_len":1108,"flow_dst_tot_l4_payload_len":3816,"midstream":1,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"108.160.170.46","dst_ip":"192.168.1.34","src_port":443,"dst_port":49445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Dropbox","proto_by_ip_id":121,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":1431969793871150,"flow_src_last_pkt_time":1431969802019013,"flow_dst_last_pkt_time":1431969793871150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":30,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":150,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":55893,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1431969642318375,"flow_src_last_pkt_time":1431969642318375,"flow_dst_last_pkt_time":1431969642376469,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":64085,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969714398234,"flow_src_last_pkt_time":1431969733216347,"flow_dst_last_pkt_time":1431969733216278,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50113,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969714398234,"flow_src_last_pkt_time":1431969733216347,"flow_dst_last_pkt_time":1431969733216278,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50113,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969714398234,"flow_src_last_pkt_time":1431969733216347,"flow_dst_last_pkt_time":1431969733216278,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50113,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969721954245,"flow_src_last_pkt_time":1431969748263105,"flow_dst_last_pkt_time":1431969721954245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":51802,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969717177542,"flow_src_last_pkt_time":1431969730486492,"flow_dst_last_pkt_time":1431969730486426,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":89,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":155,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50123,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969717177542,"flow_src_last_pkt_time":1431969730486492,"flow_dst_last_pkt_time":1431969730486426,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":89,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":155,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50123,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969717177542,"flow_src_last_pkt_time":1431969730486492,"flow_dst_last_pkt_time":1431969730486426,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":89,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":155,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50123,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":19,"flow_first_seen":1431969715510906,"flow_src_last_pkt_time":1431969755601085,"flow_dst_last_pkt_time":1431969755612967,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1540,"flow_dst_tot_l4_payload_len":1358,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50117,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":19,"flow_first_seen":1431969715510906,"flow_src_last_pkt_time":1431969755601085,"flow_dst_last_pkt_time":1431969755612967,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1540,"flow_dst_tot_l4_payload_len":1358,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50117,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":19,"flow_first_seen":1431969715510906,"flow_src_last_pkt_time":1431969755601085,"flow_dst_last_pkt_time":1431969755612967,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1540,"flow_dst_tot_l4_payload_len":1358,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50117,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":11,"flow_first_seen":1431969718289986,"flow_src_last_pkt_time":1431969752365543,"flow_dst_last_pkt_time":1431969752365461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":42,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":191,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50127,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":11,"flow_first_seen":1431969718289986,"flow_src_last_pkt_time":1431969752365543,"flow_dst_last_pkt_time":1431969752365461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":42,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":191,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50127,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":11,"flow_first_seen":1431969718289986,"flow_src_last_pkt_time":1431969752365543,"flow_dst_last_pkt_time":1431969752365461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":42,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":191,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50127,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00973{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":79,"flow_dst_packets_processed":0,"flow_first_seen":1431969648258514,"flow_src_last_pkt_time":1431969808391728,"flow_dst_last_pkt_time":1431969648258514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":285,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":363,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":26161,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.0.254","dst_ip":"239.255.255.250","src_port":1025,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969666429312,"flow_src_last_pkt_time":1431969666429312,"flow_dst_last_pkt_time":1431969666429312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.155","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1431969783628523,"flow_src_last_pkt_time":1431969808684170,"flow_dst_last_pkt_time":1431969783821347,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":99,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50141,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1431969783628523,"flow_src_last_pkt_time":1431969808684170,"flow_dst_last_pkt_time":1431969783821347,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":99,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50141,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1431969783628523,"flow_src_last_pkt_time":1431969808684170,"flow_dst_last_pkt_time":1431969783821347,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":99,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50141,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969671427254,"flow_src_last_pkt_time":1431969671427254,"flow_dst_last_pkt_time":1431969671427254,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":31,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.141","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969657367982,"flow_src_last_pkt_time":1431969657367982,"flow_dst_last_pkt_time":1431969657367982,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.150","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":6,"flow_first_seen":1431969784741030,"flow_src_last_pkt_time":1431969808951480,"flow_dst_last_pkt_time":1431969790337451,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50142,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":6,"flow_first_seen":1431969784741030,"flow_src_last_pkt_time":1431969808951480,"flow_dst_last_pkt_time":1431969790337451,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50142,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":6,"flow_first_seen":1431969784741030,"flow_src_last_pkt_time":1431969808951480,"flow_dst_last_pkt_time":1431969790337451,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50142,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694385,"flow_src_last_pkt_time":1431969789490350,"flow_dst_last_pkt_time":1431969789490238,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50136,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694385,"flow_src_last_pkt_time":1431969789490350,"flow_dst_last_pkt_time":1431969789490238,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50136,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694385,"flow_src_last_pkt_time":1431969789490350,"flow_dst_last_pkt_time":1431969789490238,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50136,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969667439986,"flow_src_last_pkt_time":1431969667439986,"flow_dst_last_pkt_time":1431969667439986,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.168","src_port":13021,"dst_port":40006,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969660403888,"flow_src_last_pkt_time":1431969660403888,"flow_dst_last_pkt_time":1431969660403888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.159","src_port":13021,"dst_port":40009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969664405843,"flow_src_last_pkt_time":1431969664405843,"flow_dst_last_pkt_time":1431969664405843,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":27,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.148","src_port":13021,"dst_port":40010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1915,20 +1915,20 @@ 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":9,"flow_first_seen":1431969714165437,"flow_src_last_pkt_time":1431969745160671,"flow_dst_last_pkt_time":1431969745160588,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":327,"flow_dst_max_l4_payload_len":21,"flow_src_tot_l4_payload_len":337,"flow_dst_tot_l4_payload_len":31,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50111,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969713965185,"flow_src_last_pkt_time":1431969713965185,"flow_dst_last_pkt_time":1431969713965185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.39","src_port":13021,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01102{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":1431969642969264,"flow_src_last_pkt_time":1431969723490924,"flow_dst_last_pkt_time":1431969642969264,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":30,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":270,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":49903,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":4,"flow_first_seen":1431969714902925,"flow_src_last_pkt_time":1431969731550410,"flow_dst_last_pkt_time":1431969731550308,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":160,"flow_dst_tot_l4_payload_len":100,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50116,"dst_port":17639,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":4,"flow_first_seen":1431969714902925,"flow_src_last_pkt_time":1431969731550410,"flow_dst_last_pkt_time":1431969731550308,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":160,"flow_dst_tot_l4_payload_len":100,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50116,"dst_port":17639,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":4,"flow_first_seen":1431969714902925,"flow_src_last_pkt_time":1431969731550410,"flow_dst_last_pkt_time":1431969731550308,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":160,"flow_dst_tot_l4_payload_len":100,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50116,"dst_port":17639,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969714399341,"flow_src_last_pkt_time":1431969726002878,"flow_dst_last_pkt_time":1431969726002836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":89,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50115,"dst_port":59621,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969714399341,"flow_src_last_pkt_time":1431969726002878,"flow_dst_last_pkt_time":1431969726002836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":89,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50115,"dst_port":59621,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969714399341,"flow_src_last_pkt_time":1431969726002878,"flow_dst_last_pkt_time":1431969726002836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":89,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50115,"dst_port":59621,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":16,"flow_first_seen":1431969716015431,"flow_src_last_pkt_time":1431969752089466,"flow_dst_last_pkt_time":1431969752089367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":1444,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50121,"dst_port":17639,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":16,"flow_first_seen":1431969716015431,"flow_src_last_pkt_time":1431969752089466,"flow_dst_last_pkt_time":1431969752089367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":1444,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50121,"dst_port":17639,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":16,"flow_first_seen":1431969716015431,"flow_src_last_pkt_time":1431969752089466,"flow_dst_last_pkt_time":1431969752089367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":1444,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50121,"dst_port":17639,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00877{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":62,"flow_dst_packets_processed":38,"flow_first_seen":1431969715511238,"flow_src_last_pkt_time":1431969808618709,"flow_dst_last_pkt_time":1431969790381231,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":754,"flow_dst_max_l4_payload_len":1183,"flow_src_tot_l4_payload_len":2837,"flow_dst_tot_l4_payload_len":2809,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50119,"dst_port":59621,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01004{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":62,"flow_dst_packets_processed":38,"flow_first_seen":1431969715511238,"flow_src_last_pkt_time":1431969808618709,"flow_dst_last_pkt_time":1431969790381231,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":754,"flow_dst_max_l4_payload_len":1183,"flow_src_tot_l4_payload_len":2837,"flow_dst_tot_l4_payload_len":2809,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50119,"dst_port":59621,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00789{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":62,"flow_dst_packets_processed":38,"flow_first_seen":1431969715511238,"flow_src_last_pkt_time":1431969808618709,"flow_dst_last_pkt_time":1431969790381231,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":754,"flow_dst_max_l4_payload_len":1183,"flow_src_tot_l4_payload_len":2837,"flow_dst_tot_l4_payload_len":2809,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50119,"dst_port":59621,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00780{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":1,"flow_first_seen":1431969642376823,"flow_src_last_pkt_time":1431969712120603,"flow_dst_last_pkt_time":1431969642433995,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2483,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"23.223.73.34","src_port":50027,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969713965184,"flow_src_last_pkt_time":1431969713965184,"flow_dst_last_pkt_time":1431969713965184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.145","src_port":13021,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01102{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642398350,"flow_src_last_pkt_time":1431969668794885,"flow_dst_last_pkt_time":1431969642398350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":46,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":46,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":322,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":49990,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969705713833,"flow_src_last_pkt_time":1431969723790653,"flow_dst_last_pkt_time":1431969723790537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":108,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":156,"flow_dst_tot_l4_payload_len":135,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50099,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969705713833,"flow_src_last_pkt_time":1431969723790653,"flow_dst_last_pkt_time":1431969723790537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":108,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":156,"flow_dst_tot_l4_payload_len":135,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50099,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969705713833,"flow_src_last_pkt_time":1431969723790653,"flow_dst_last_pkt_time":1431969723790537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":108,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":156,"flow_dst_tot_l4_payload_len":135,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50099,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969697530346,"flow_src_last_pkt_time":1431969725708440,"flow_dst_last_pkt_time":1431969725781654,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":149,"flow_dst_tot_l4_payload_len":49,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50088,"dst_port":33033,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969697530346,"flow_src_last_pkt_time":1431969725708440,"flow_dst_last_pkt_time":1431969725781654,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":149,"flow_dst_tot_l4_payload_len":49,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50088,"dst_port":33033,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969697530346,"flow_src_last_pkt_time":1431969725708440,"flow_dst_last_pkt_time":1431969725781654,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":149,"flow_dst_tot_l4_payload_len":49,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50088,"dst_port":33033,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01102{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969643971809,"flow_src_last_pkt_time":1431969670410701,"flow_dst_last_pkt_time":1431969643971809,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":60288,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00927{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969681060077,"flow_src_last_pkt_time":1431969700978211,"flow_dst_last_pkt_time":1431969700978115,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":25,"flow_src_tot_l4_payload_len":429,"flow_dst_tot_l4_payload_len":25,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.12","src_port":50066,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} @@ -1962,7 +1962,7 @@ 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969686494151,"flow_src_last_pkt_time":1431969686494151,"flow_dst_last_pkt_time":1431969686494151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":31,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.29","src_port":13021,"dst_port":40024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969655400081,"flow_src_last_pkt_time":1431969655400081,"flow_dst_last_pkt_time":1431969655400081,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.42","src_port":13021,"dst_port":40024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969653376578,"flow_src_last_pkt_time":1431969653376578,"flow_dst_last_pkt_time":1431969653376578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.15","src_port":13021,"dst_port":40024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969750597501,"flow_src_last_pkt_time":1431969790934910,"flow_dst_last_pkt_time":1431969791165736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":124,"flow_dst_max_l4_payload_len":76,"flow_src_tot_l4_payload_len":840,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.53.47","src_port":50134,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969750597501,"flow_src_last_pkt_time":1431969790934910,"flow_dst_last_pkt_time":1431969791165736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":124,"flow_dst_max_l4_payload_len":76,"flow_src_tot_l4_payload_len":840,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.53.47","src_port":50134,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969750597501,"flow_src_last_pkt_time":1431969790934910,"flow_dst_last_pkt_time":1431969791165736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":124,"flow_dst_max_l4_payload_len":76,"flow_src_tot_l4_payload_len":840,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.53.47","src_port":50134,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969661414015,"flow_src_last_pkt_time":1431969661414015,"flow_dst_last_pkt_time":1431969661414015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.151","src_port":13021,"dst_port":40027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969657367969,"flow_src_last_pkt_time":1431969657367969,"flow_dst_last_pkt_time":1431969657367969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.145","src_port":13021,"dst_port":40027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1990,7 +1990,7 @@ 00780{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969675055729,"flow_src_last_pkt_time":1431969695880291,"flow_dst_last_pkt_time":1431969696024889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":261,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50056,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00929{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969675055919,"flow_src_last_pkt_time":1431969694153200,"flow_dst_last_pkt_time":1431969694153109,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":41,"flow_src_tot_l4_payload_len":310,"flow_dst_tot_l4_payload_len":41,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50057,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969675055919,"flow_src_last_pkt_time":1431969694153200,"flow_dst_last_pkt_time":1431969694153109,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":41,"flow_src_tot_l4_payload_len":310,"flow_dst_tot_l4_payload_len":41,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50057,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398565,"flow_src_last_pkt_time":1431969731992203,"flow_dst_last_pkt_time":1431969731992117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":86,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50114,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398565,"flow_src_last_pkt_time":1431969731992203,"flow_dst_last_pkt_time":1431969731992117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":86,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50114,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398565,"flow_src_last_pkt_time":1431969731992203,"flow_dst_last_pkt_time":1431969731992117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":86,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50114,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00879{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":18,"flow_dst_packets_processed":13,"flow_first_seen":1431969715511090,"flow_src_last_pkt_time":1431969755484111,"flow_dst_last_pkt_time":1431969755483930,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1388,"flow_dst_tot_l4_payload_len":1230,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50118,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00791{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":18,"flow_dst_packets_processed":13,"flow_first_seen":1431969715511090,"flow_src_last_pkt_time":1431969755484111,"flow_dst_last_pkt_time":1431969755483930,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1388,"flow_dst_tot_l4_payload_len":1230,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50118,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -2005,10 +2005,10 @@ 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969691076385,"flow_src_last_pkt_time":1431969708230648,"flow_dst_last_pkt_time":1431969708230581,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":457,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50080,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00929{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969692087049,"flow_src_last_pkt_time":1431969710209449,"flow_dst_last_pkt_time":1431969710209338,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":37,"flow_src_tot_l4_payload_len":478,"flow_dst_tot_l4_payload_len":37,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50081,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969692087049,"flow_src_last_pkt_time":1431969710209449,"flow_dst_last_pkt_time":1431969710209338,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":37,"flow_src_tot_l4_payload_len":478,"flow_dst_tot_l4_payload_len":37,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50081,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969770694633,"flow_src_last_pkt_time":1431969788429727,"flow_dst_last_pkt_time":1431969788429522,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":55,"flow_src_tot_l4_payload_len":138,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50137,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969770694633,"flow_src_last_pkt_time":1431969788429727,"flow_dst_last_pkt_time":1431969788429522,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":55,"flow_src_tot_l4_payload_len":138,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50137,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969770694633,"flow_src_last_pkt_time":1431969788429727,"flow_dst_last_pkt_time":1431969788429522,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":55,"flow_src_tot_l4_payload_len":138,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50137,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969683445606,"flow_src_last_pkt_time":1431969709776102,"flow_dst_last_pkt_time":1431969683445606,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":58368,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":8,"flow_first_seen":1431969771806544,"flow_src_last_pkt_time":1431969808841301,"flow_dst_last_pkt_time":1431969776500630,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1393,"flow_dst_tot_l4_payload_len":1184,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50139,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":8,"flow_first_seen":1431969771806544,"flow_src_last_pkt_time":1431969808841301,"flow_dst_last_pkt_time":1431969776500630,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1393,"flow_dst_tot_l4_payload_len":1184,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50139,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":8,"flow_first_seen":1431969771806544,"flow_src_last_pkt_time":1431969808841301,"flow_dst_last_pkt_time":1431969776500630,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1393,"flow_dst_tot_l4_payload_len":1184,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50139,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00927{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":3,"flow_first_seen":1431969699142169,"flow_src_last_pkt_time":1431969728344489,"flow_dst_last_pkt_time":1431969728419711,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":684,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50091,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00781{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":3,"flow_first_seen":1431969699142169,"flow_src_last_pkt_time":1431969728344489,"flow_dst_last_pkt_time":1431969728419711,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":684,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50091,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -2022,18 +2022,18 @@ 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":3,"flow_first_seen":1431969691076248,"flow_src_last_pkt_time":1431969717938891,"flow_dst_last_pkt_time":1431969717999294,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":306,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50079,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969720556330,"flow_src_last_pkt_time":1431969746803369,"flow_dst_last_pkt_time":1431969720556330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":46,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":46,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":322,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":56387,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969683445395,"flow_src_last_pkt_time":1431969709776353,"flow_dst_last_pkt_time":1431969683445395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":54343,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969675413612,"flow_src_last_pkt_time":1431969703766187,"flow_dst_last_pkt_time":1431969703766087,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":94,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.38","src_port":50059,"dst_port":40015,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969675413612,"flow_src_last_pkt_time":1431969703766187,"flow_dst_last_pkt_time":1431969703766087,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":94,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.38","src_port":50059,"dst_port":40015,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969675413612,"flow_src_last_pkt_time":1431969703766187,"flow_dst_last_pkt_time":1431969703766087,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":94,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.38","src_port":50059,"dst_port":40015,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443716,"flow_src_last_pkt_time":1431969701528785,"flow_dst_last_pkt_time":1431969701528688,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":50,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":58,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.47","src_port":50055,"dst_port":40030,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443716,"flow_src_last_pkt_time":1431969701528785,"flow_dst_last_pkt_time":1431969701528688,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":50,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":58,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.47","src_port":50055,"dst_port":40030,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443716,"flow_src_last_pkt_time":1431969701528785,"flow_dst_last_pkt_time":1431969701528688,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":50,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":58,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.47","src_port":50055,"dst_port":40030,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969677975446,"flow_src_last_pkt_time":1431969704363268,"flow_dst_last_pkt_time":1431969677975446,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":58458,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969695483561,"flow_src_last_pkt_time":1431969723584637,"flow_dst_last_pkt_time":1431969723584541,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":115,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":50086,"dst_port":40023,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969695483561,"flow_src_last_pkt_time":1431969723584637,"flow_dst_last_pkt_time":1431969723584541,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":115,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":50086,"dst_port":40023,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969695483561,"flow_src_last_pkt_time":1431969723584637,"flow_dst_last_pkt_time":1431969723584541,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":115,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":50086,"dst_port":40023,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969704663999,"flow_src_last_pkt_time":1431969718237861,"flow_dst_last_pkt_time":1431969718237742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":62,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.46","src_port":50096,"dst_port":40027,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969704663999,"flow_src_last_pkt_time":1431969718237861,"flow_dst_last_pkt_time":1431969718237742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":62,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.46","src_port":50096,"dst_port":40027,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969704663999,"flow_src_last_pkt_time":1431969718237861,"flow_dst_last_pkt_time":1431969718237742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":62,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.46","src_port":50096,"dst_port":40027,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01101{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642244935,"flow_src_last_pkt_time":1431969668794481,"flow_dst_last_pkt_time":1431969642244935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":54396,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431969745776534,"flow_src_last_pkt_time":1431969745776598,"flow_dst_last_pkt_time":1431969745776534,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":132,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":133,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":265,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"239.255.255.250","src_port":56886,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":5,"flow_first_seen":1431969725833987,"flow_src_last_pkt_time":1431969741920429,"flow_dst_last_pkt_time":1431969741920359,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50132,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":5,"flow_first_seen":1431969725833987,"flow_src_last_pkt_time":1431969741920429,"flow_dst_last_pkt_time":1431969741920359,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50132,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":5,"flow_first_seen":1431969725833987,"flow_src_last_pkt_time":1431969741920429,"flow_dst_last_pkt_time":1431969741920359,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50132,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00787{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":7,"flow_first_seen":1431969727446487,"flow_src_last_pkt_time":1431969727685310,"flow_dst_last_pkt_time":1431969727738197,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1352,"flow_dst_max_l4_payload_len":133,"flow_src_tot_l4_payload_len":1362,"flow_dst_tot_l4_payload_len":162,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50133,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01125{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":187,"flow_dst_packets_processed":200,"flow_first_seen":1431969642444382,"flow_src_last_pkt_time":1431969808620001,"flow_dst_last_pkt_time":1431969778682206,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":30185,"flow_dst_tot_l4_payload_len":142347,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.126.211","src_port":50028,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS.Skype_Teams","proto_id":"91.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -2057,9 +2057,9 @@ 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969662422217,"flow_src_last_pkt_time":1431969662422217,"flow_dst_last_pkt_time":1431969662422217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.25","src_port":13021,"dst_port":40028,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969665416714,"flow_src_last_pkt_time":1431969665416714,"flow_dst_last_pkt_time":1431969665416714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.24","src_port":13021,"dst_port":40032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969664405665,"flow_src_last_pkt_time":1431969664405665,"flow_dst_last_pkt_time":1431969664405665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":22,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":22,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":22,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.20","src_port":13021,"dst_port":40033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":6,"flow_first_seen":1431969716182666,"flow_src_last_pkt_time":1431969728657604,"flow_dst_last_pkt_time":1431969728657420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":110,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":166,"flow_dst_tot_l4_payload_len":126,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50122,"dst_port":44431,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":6,"flow_first_seen":1431969716182666,"flow_src_last_pkt_time":1431969728657604,"flow_dst_last_pkt_time":1431969728657420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":110,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":166,"flow_dst_tot_l4_payload_len":126,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50122,"dst_port":44431,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":6,"flow_first_seen":1431969716182666,"flow_src_last_pkt_time":1431969728657604,"flow_dst_last_pkt_time":1431969728657420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":110,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":166,"flow_dst_tot_l4_payload_len":126,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50122,"dst_port":44431,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1431969717295253,"flow_src_last_pkt_time":1431969788791433,"flow_dst_last_pkt_time":1431969788791276,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":26,"flow_src_tot_l4_payload_len":128,"flow_dst_tot_l4_payload_len":44,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50124,"dst_port":44431,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1431969717295253,"flow_src_last_pkt_time":1431969788791433,"flow_dst_last_pkt_time":1431969788791276,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":26,"flow_src_tot_l4_payload_len":128,"flow_dst_tot_l4_payload_len":44,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50124,"dst_port":44431,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1431969717295253,"flow_src_last_pkt_time":1431969788791433,"flow_dst_last_pkt_time":1431969788791276,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":26,"flow_src_tot_l4_payload_len":128,"flow_dst_tot_l4_payload_len":44,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50124,"dst_port":44431,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":1431969713813443,"flow_src_last_pkt_time":1431969733946836,"flow_dst_last_pkt_time":1431969713813443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":90,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"176.26.55.167","src_port":13021,"dst_port":63773,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969662422043,"flow_src_last_pkt_time":1431969662422043,"flow_dst_last_pkt_time":1431969662422043,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":37,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":37,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.152","src_port":13021,"dst_port":40001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -2132,9 +2132,9 @@ ~~ total active/idle flows...: 293/293 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8520971 bytes -~~ total memory freed........: 8520971 bytes -~~ total allocations/frees...: 149085/149085 +~~ total memory allocated....: 8700972 bytes +~~ total memory freed........: 8700972 bytes +~~ total allocations/frees...: 152766/152766 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2483 chars |