summaryrefslogtreecommitdiff
path: root/test/results/dropbox.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/dropbox.pcap.out')
-rw-r--r--test/results/dropbox.pcap.out12
1 files changed, 6 insertions, 6 deletions
diff --git a/test/results/dropbox.pcap.out b/test/results/dropbox.pcap.out
index 909e7f75c..758f01aa0 100644
--- a/test/results/dropbox.pcap.out
+++ b/test/results/dropbox.pcap.out
@@ -10,20 +10,20 @@
00866{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":27,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1455907272856457,"flow_src_last_pkt_time":1455907272856457,"flow_dst_last_pkt_time":1455907272856457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":95,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1455907272856457,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50318,"dst_port":17500,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":28,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1455907272856457,"flow_dst_last_pkt_time":1455907272858898,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":26,"thread_ts_usec":1455907272858898,"pkt":"CAAnAERyCAAnmO\/hCABFAAAuXhFAAEAR6vbAqDhlwKg4AURcxI4AGvHiYkQdqQeYiy9yL0J1czE3Q21k"}
00629{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":31,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1455907272969405,"flow_dst_last_pkt_time":1455907272858898,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":141,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":141,"pkt_l4_len":107,"thread_ts_usec":1455907272969405,"pkt":"CAAnmO\/hCAAnAERyCABFAAB\/EYMAAIARNzTAqDgBwKg4ZcSORFwAa8WlRgMdqhF5z0YYRXJEXEFyCEJ1czE3Q21kETL\/eyJtZXNzYWdlVHlwZSI6IlVQREFURSIsIm1lc3NhZ2VDb250ZW50IjoiRnJpIEZlYiAxOSAyMDo0MToxMyBFRVQgMjAxNiJ9"}
-01367{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":38,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907271481938,"flow_src_last_pkt_time":1455907273126173,"flow_dst_last_pkt_time":1455907273127913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":94,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":101,"flow_dst_max_l4_payload_len":24,"flow_src_tot_l4_payload_len":1538,"flow_dst_tot_l4_payload_len":306,"midstream":0,"thread_ts_usec":1455907273127913,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50311,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":1824,"flow_avg":111116912.0,"flow_max":3552450882,"flow_stddev":618081856.0,"c_to_s_min":103882,"c_to_s_avg":222130944.0,"c_to_s_max":3552450882,"c_to_s_stddev":859884928.0,"s_to_c_min":1824,"s_to_c_avg":102873.4,"s_to_c_max":115953,"s_to_c_stddev":26289.5},"pktlen": {"c_to_s_min":136,"c_to_s_avg":138.1,"c_to_s_max":143,"c_to_s_stddev":2.1,"s_to_c_min":59,"s_to_c_avg":61.1,"s_to_c_max":66,"s_to_c_stddev":2.1}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
+01344{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":38,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907271481938,"flow_src_last_pkt_time":1455907273126173,"flow_dst_last_pkt_time":1455907273127913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":94,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":101,"flow_dst_max_l4_payload_len":24,"flow_src_tot_l4_payload_len":1538,"flow_dst_tot_l4_payload_len":306,"midstream":0,"thread_ts_usec":1455907273127913,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50311,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":1824,"flow_avg":106135.8,"flow_max":117757,"flow_stddev":19323.7,"c_to_s_min":103882,"c_to_s_avg":109615.7,"c_to_s_max":117757,"c_to_s_stddev":3320.9,"s_to_c_min":1824,"s_to_c_avg":102873.4,"s_to_c_max":115953,"s_to_c_stddev":26289.5},"pktlen": {"c_to_s_min":136,"c_to_s_avg":138.1,"c_to_s_max":143,"c_to_s_stddev":2.1,"s_to_c_min":59,"s_to_c_avg":61.1,"s_to_c_max":66,"s_to_c_stddev":2.1}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00758{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":71,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1455907274088318,"flow_src_last_pkt_time":1455907274088318,"flow_dst_last_pkt_time":1455907274088318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":97,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":97,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1455907274088318,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50312,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00628{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":71,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1455907274088318,"flow_dst_last_pkt_time":1455907274088318,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":139,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":139,"pkt_l4_len":105,"thread_ts_usec":1455907274088318,"pkt":"CAAnmO\/hCAAnAERyCABFAAB9EncAAIARNkLAqDgBwKg4ZcSIRFwAaR7GRANSj9XGl0FyRFxBcghCdXMxN0NtZBEy\/3sibWVzc2FnZVR5cGUiOiJVUERBVEUiLCJtZXNzYWdlQ29udGVudCI6IkZyaSBGZWIgMTkgMjA6NDE6MTQgRUVUIDIwMTYifQ=="}
00866{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":71,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1455907274088318,"flow_src_last_pkt_time":1455907274088318,"flow_dst_last_pkt_time":1455907274088318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":97,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":97,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1455907274088318,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50312,"dst_port":17500,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":72,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1455907274088318,"flow_dst_last_pkt_time":1455907274089637,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1455907274089637,"pkt":"CAAnAERyCAAnmO\/hCABFAAAwXqNAAEAR6mLAqDhlwKg4AURcxIgAHPHkZERSj9XGl0GLL3IvQnVzMTdDbWQ="}
00631{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":77,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1455907274193327,"flow_dst_last_pkt_time":1455907274089637,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":143,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":143,"pkt_l4_len":109,"thread_ts_usec":1455907274193327,"pkt":"CAAnmO\/hCAAnAERyCABFAACBEpIAAIARNiPAqDgBwKg4ZcSIRFwAbeMnSANSkLugNTWCkTE2ckRcQXIIQnVzMTdDbWQRMv97Im1lc3NhZ2VUeXBlIjoiVVBEQVRFIiwibWVzc2FnZUNvbnRlbnQiOiJGcmkgRmViIDE5IDIwOjQxOjE0IEVFVCAyMDE2In0="}
-01345{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":98,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907272856457,"flow_src_last_pkt_time":1455907274582746,"flow_dst_last_pkt_time":1455907274587363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":23,"flow_src_tot_l4_payload_len":1552,"flow_dst_tot_l4_payload_len":320,"midstream":0,"thread_ts_usec":1455907274587363,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50318,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":2441,"flow_avg":113329.8,"flow_max":169358,"flow_stddev":22849.5,"c_to_s_min":105608,"c_to_s_avg":118477.9,"c_to_s_max":169358,"c_to_s_stddev":14454.9,"s_to_c_min":2441,"s_to_c_avg":108181.6,"s_to_c_max":125708,"s_to_c_stddev":27968.8},"pktlen": {"c_to_s_min":137,"c_to_s_avg":139.0,"c_to_s_max":142,"c_to_s_stddev":1.8,"s_to_c_min":60,"s_to_c_avg":62.0,"s_to_c_max":65,"s_to_c_stddev":1.8}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
+01344{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":98,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907272856457,"flow_src_last_pkt_time":1455907274582746,"flow_dst_last_pkt_time":1455907274587363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":23,"flow_src_tot_l4_payload_len":1552,"flow_dst_tot_l4_payload_len":320,"midstream":0,"thread_ts_usec":1455907274587363,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50318,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":2441,"flow_avg":111522.4,"flow_max":127663,"flow_stddev":20842.5,"c_to_s_min":105608,"c_to_s_avg":115085.9,"c_to_s_max":127663,"c_to_s_stddev":6227.5,"s_to_c_min":2441,"s_to_c_avg":108181.6,"s_to_c_max":125708,"s_to_c_stddev":27968.8},"pktlen": {"c_to_s_min":137,"c_to_s_avg":139.0,"c_to_s_max":142,"c_to_s_stddev":1.8,"s_to_c_min":60,"s_to_c_avg":62.0,"s_to_c_max":65,"s_to_c_stddev":1.8}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00759{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":153,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1455907275690777,"flow_src_last_pkt_time":1455907275690777,"flow_dst_last_pkt_time":1455907275690777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":99,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":99,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":99,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1455907275690777,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50319,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00631{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":153,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1455907275690777,"flow_dst_last_pkt_time":1455907275690777,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":141,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":141,"pkt_l4_len":107,"thread_ts_usec":1455907275690777,"pkt":"CAAnmO\/hCAAnAERyCABFAAB\/FCAAAIARNJfAqDgBwKg4ZcSPRFwAa2JLRgOAZtDWwMpn\/nJEXEFyCEJ1czE3Q21kETL\/eyJtZXNzYWdlVHlwZSI6IlVQREFURSIsIm1lc3NhZ2VDb250ZW50IjoiRnJpIEZlYiAxOSAyMDo0MToxNSBFRVQgMjAxNiJ9"}
00867{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":153,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1455907275690777,"flow_src_last_pkt_time":1455907275690777,"flow_dst_last_pkt_time":1455907275690777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":99,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":99,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":99,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1455907275690777,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50319,"dst_port":17500,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":154,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1455907275690777,"flow_dst_last_pkt_time":1455907275695868,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":64,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":64,"pkt_l4_len":30,"thread_ts_usec":1455907275695868,"pkt":"CAAnAERyCAAnmO\/hCABFAAAyX35AAEAR6YXAqDhlwKg4AURcxI8AHvHmZkSAZtDWwMpn\/osvci9CdXMxN0NtZA=="}
00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":161,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1455907275831283,"flow_dst_last_pkt_time":1455907275695868,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":142,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":142,"pkt_l4_len":108,"thread_ts_usec":1455907275831283,"pkt":"CAAnmO\/hCAAnAERyCABFAACAFEwAAIARNGrAqDgBwKg4ZcSPRFwAbLkURwOAZ6ExGoh1VzNyRFxBcghCdXMxN0NtZBEy\/3sibWVzc2FnZVR5cGUiOiJVUERBVEUiLCJtZXNzYWdlQ29udGVudCI6IkZyaSBGZWIgMTkgMjA6NDE6MTUgRUVUIDIwMTYifQ=="}
-01346{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":166,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907274088318,"flow_src_last_pkt_time":1455907275896569,"flow_dst_last_pkt_time":1455907275902611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":101,"flow_dst_max_l4_payload_len":24,"flow_src_tot_l4_payload_len":1564,"flow_dst_tot_l4_payload_len":332,"midstream":0,"thread_ts_usec":1455907275902611,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50312,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":1319,"flow_avg":118267.2,"flow_max":162007,"flow_stddev":23372.8,"c_to_s_min":105009,"c_to_s_avg":123141.1,"c_to_s_max":162007,"c_to_s_stddev":12659.5,"s_to_c_min":1319,"s_to_c_avg":113393.3,"s_to_c_max":131359,"s_to_c_stddev":29745.6},"pktlen": {"c_to_s_min":137,"c_to_s_avg":139.8,"c_to_s_max":143,"c_to_s_stddev":1.8,"s_to_c_min":60,"s_to_c_avg":62.8,"s_to_c_max":66,"s_to_c_stddev":1.8}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
-01346{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":276,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907275690777,"flow_src_last_pkt_time":1455907277661201,"flow_dst_last_pkt_time":1455907277663998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":94,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":101,"flow_dst_max_l4_payload_len":24,"flow_src_tot_l4_payload_len":1561,"flow_dst_tot_l4_payload_len":329,"midstream":0,"thread_ts_usec":1455907277663998,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50319,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":5091,"flow_avg":127472.9,"flow_max":172321,"flow_stddev":25890.7,"c_to_s_min":106749,"c_to_s_avg":131619.4,"c_to_s_max":172321,"c_to_s_stddev":14080.1,"s_to_c_min":5091,"s_to_c_avg":123326.3,"s_to_c_max":164608,"s_to_c_stddev":33286.9},"pktlen": {"c_to_s_min":136,"c_to_s_avg":139.6,"c_to_s_max":143,"c_to_s_stddev":2.2,"s_to_c_min":59,"s_to_c_avg":62.6,"s_to_c_max":66,"s_to_c_stddev":2.2}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
+01345{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":166,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907274088318,"flow_src_last_pkt_time":1455907275896569,"flow_dst_last_pkt_time":1455907275902611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":101,"flow_dst_max_l4_payload_len":24,"flow_src_tot_l4_payload_len":1564,"flow_dst_tot_l4_payload_len":332,"midstream":0,"thread_ts_usec":1455907275902611,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50312,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":1319,"flow_avg":116856.3,"flow_max":131359,"flow_stddev":22365.2,"c_to_s_min":105009,"c_to_s_avg":120550.1,"c_to_s_max":131277,"c_to_s_stddev":7970.6,"s_to_c_min":1319,"s_to_c_avg":113393.3,"s_to_c_max":131359,"s_to_c_stddev":29745.6},"pktlen": {"c_to_s_min":137,"c_to_s_avg":139.8,"c_to_s_max":143,"c_to_s_stddev":1.8,"s_to_c_min":60,"s_to_c_avg":62.8,"s_to_c_max":66,"s_to_c_stddev":1.8}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
+01346{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":276,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1455907275690777,"flow_src_last_pkt_time":1455907277661201,"flow_dst_last_pkt_time":1455907277663998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":94,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":101,"flow_dst_max_l4_payload_len":24,"flow_src_tot_l4_payload_len":1561,"flow_dst_tot_l4_payload_len":329,"midstream":0,"thread_ts_usec":1455907277663998,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":50319,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":5091,"flow_avg":127214.4,"flow_max":172321,"flow_stddev":26264.3,"c_to_s_min":106749,"c_to_s_avg":131361.6,"c_to_s_max":172321,"c_to_s_stddev":14505.2,"s_to_c_min":5091,"s_to_c_avg":123326.3,"s_to_c_max":164608,"s_to_c_stddev":33286.9},"pktlen": {"c_to_s_min":136,"c_to_s_avg":139.6,"c_to_s_max":143,"c_to_s_stddev":2.2,"s_to_c_min":59,"s_to_c_avg":62.6,"s_to_c_max":66,"s_to_c_stddev":2.2}},"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00561{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":801,"source":"dropbox.pcap","alias":"nDPId-test","packets-captured":801,"packets-processed":800,"total-skipped-flows":0,"total-l4-payload-len":47076,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":4,"total-active-flows":4,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":27,"global_ts_usec":1459182796665502}
00756{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":801,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1459182796665502,"flow_src_last_pkt_time":1459182796665502,"flow_dst_last_pkt_time":1459182796665502,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1459182796665502,"l3_proto":"ip4","src_ip":"192.168.1.105","dst_ip":"192.168.1.254","src_port":55407,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":801,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1459182796665502,"flow_dst_last_pkt_time":1459182796665502,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1459182796665502,"pkt":"8IQvSpdgeJKcD6iOCABFAABAOLtAAEARfTrAqAFpwKgB\/thvADUALFKSg5wBAAABAAAAAAAABmNsaWVudAdkcm9wYm94A2NvbQAAAQAB"}
@@ -118,5 +118,5 @@
~~ total allocations/frees...: 122416/122416
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 478 chars
-~~ json string max len.......: 1372 chars
-~~ json string avg len.......: 925 chars
+~~ json string max len.......: 1351 chars
+~~ json string avg len.......: 914 chars
Powered by cgit, Themed by Ted Yin.