summaryrefslogtreecommitdiff
path: root/test/results/hsrp2_ipv6.pcapng.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/hsrp2_ipv6.pcapng.out')
-rw-r--r--test/results/hsrp2_ipv6.pcapng.out26
1 files changed, 13 insertions, 13 deletions
diff --git a/test/results/hsrp2_ipv6.pcapng.out b/test/results/hsrp2_ipv6.pcapng.out
index 1e49cf5b6..9f2b1ef64 100644
--- a/test/results/hsrp2_ipv6.pcapng.out
+++ b/test/results/hsrp2_ipv6.pcapng.out
@@ -2,20 +2,20 @@
00555{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1589369101819741}
00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369101819741,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369101819741,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1589369101819741,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":72,"pkt_type":34525,"pkt_l3_offset":18,"pkt_l4_offset":58,"pkt_len":72,"pkt_l4_len":14,"thread_ts_usec":1589369101819741,"pkt":"MzMAAABmqrvMAAEggQAAEIbdbgAAAAAOEf\/+gAAAAAAAAAAAAAAAAAAB\/wIAAAAAAAAAAAAAAAAAZgftB+0ADvAIAgQAAAAB"}
-00985{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369101819741,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369101819741,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369101819741,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369101819741,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369104269870,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369104269870,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1589369104269870,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":72,"pkt_type":34525,"pkt_l3_offset":18,"pkt_l4_offset":58,"pkt_len":72,"pkt_l4_len":14,"thread_ts_usec":1589369104269870,"pkt":"MzMAAABmqrvMAAIggQAAEIbdbgAAAAAOEf\/+gAAAAAAAAAAAAAAAAAAC\/wIAAAAAAAAAAAAAAAAAZgftB+0ADvAHAgQAAAAB"}
-00985{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369104269870,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369104269870,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369104269870,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369104269870,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00630{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1589369122912148,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":138,"pkt_type":34525,"pkt_l3_offset":18,"pkt_l4_offset":58,"pkt_len":138,"pkt_l4_len":80,"thread_ts_usec":1589369122912148,"pkt":"MzMAAABmqrvMAAEggQAAEIbdbgAAAABQEf\/+gAAAAAAAAAAAAAAAAAAB\/wIAAAAAAAAAAAAAAAAAZgftB+0AUK+YASgCAAQGABCqu8wAASAAAABpAAAnEAAATiD+gAAAAAAAAAAFc\/\/+oAAQBBwBAAAAAAAAAQAAAABR0exRqzRQmrLjMYjKT+47"}
00630{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1589369125824424,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":138,"pkt_type":34525,"pkt_l3_offset":18,"pkt_l4_offset":58,"pkt_len":138,"pkt_l4_len":80,"thread_ts_usec":1589369125824424,"pkt":"MzMAAABmqrvMAAIggQAAEIbdbgAAAABQEf\/+gAAAAAAAAAAAAAAAAAAC\/wIAAAAAAAAAAAAAAAAAZgftB+0AUAFOASgCAAQGABCqu8wAAiAAAABkAAAnEAAATiD+gAAAAAAAAAAFc\/\/+oAAQBBwBAAAAAAAAAgAAAAA6x1WuKROwiNJvQ30Zxepz"}
00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1589369130453472,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":72,"pkt_type":34525,"pkt_l3_offset":18,"pkt_l4_offset":58,"pkt_len":72,"pkt_l4_len":14,"thread_ts_usec":1589369130453472,"pkt":"MzMAAABmqrvMAAEggQAAEIbdbgAAAAAOEf\/+gAAAAAAAAAAAAAAAAAAB\/wIAAAAAAAAAAAAAAAAAZgftB+0ADvAIAgQAAAAB"}
00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1589369131526853,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":72,"pkt_type":34525,"pkt_l3_offset":18,"pkt_l4_offset":58,"pkt_len":72,"pkt_l4_len":14,"thread_ts_usec":1589369131526853,"pkt":"MzMAAABmqrvMAAIggQAAEIbdbgAAAAAOEf\/+gAAAAAAAAAAAAAAAAAAC\/wIAAAAAAAAAAAAAAAAAZgftB+0ADvAHAgQAAAAB"}
-01030{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":14,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369147542943,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":378,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369147544936,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
-01030{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":18,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369163970340,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":306,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369166016322,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
-01031{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":28,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369202638286,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":810,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369202638286,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
-01031{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":31,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369219022262,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":750,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369219022262,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
-01029{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":36,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369235852564,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":900,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369240383629,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
-01030{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":36,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369240383629,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1098,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369240383629,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01073{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":14,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369147542943,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":378,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369147544936,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01073{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":18,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369163970340,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":306,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369166016322,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01074{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":28,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369202638286,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":810,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369202638286,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01074{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":31,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369219022262,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":750,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369219022262,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01072{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":36,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":0,"flow_first_seen":1589369104269870,"flow_src_last_pkt_time":1589369235852564,"flow_dst_last_pkt_time":1589369104269870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":900,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369240383629,"l3_proto":"ip6","src_ip":"fe80::2","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+01073{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":36,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":0,"flow_first_seen":1589369101819741,"flow_src_last_pkt_time":1589369240383629,"flow_dst_last_pkt_time":1589369101819741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":6,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1098,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1589369240383629,"l3_proto":"ip6","src_ip":"fe80::1","dst_ip":"ff02::66","src_port":2029,"dst_port":2029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HSRP","proto_id":"282","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00564{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":36,"source":"hsrp2_ipv6.pcapng","alias":"nDPId-test","packets-captured":36,"packets-processed":36,"total-skipped-flows":0,"total-l4-payload-len":1998,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":0,"total-updates":4,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":19,"global_ts_usec":1589369240383629}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 36/36
@@ -25,10 +25,10 @@
~~ total active/idle flows...: 2/2
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6038525 bytes
-~~ total memory freed........: 6038525 bytes
-~~ total allocations/frees...: 121533/121533
+~~ total memory allocated....: 6414534 bytes
+~~ total memory freed........: 6414534 bytes
+~~ total allocations/frees...: 122481/122481
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 497 chars
-~~ json string max len.......: 1036 chars
-~~ json string avg len.......: 765 chars
+~~ json string max len.......: 1079 chars
+~~ json string avg len.......: 787 chars
Powered by cgit, Themed by Ted Yin.