aboutsummaryrefslogtreecommitdiff
path: root/test/results/http_connect.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/http_connect.pcap.out')
-rw-r--r--test/results/http_connect.pcap.out8
1 files changed, 4 insertions, 4 deletions
diff --git a/test/results/http_connect.pcap.out b/test/results/http_connect.pcap.out
index 559652641..12f746df6 100644
--- a/test/results/http_connect.pcap.out
+++ b/test/results/http_connect.pcap.out
@@ -16,8 +16,8 @@
00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1631454722876748,"flow_dst_last_pkt_time":1631454722876712,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1631454722876748,"pkt":"ACWQX+cTAAwpTU5kCABFAAA0Fy5AAEAGx3LAqAGSl2UChIyAAbsTD57breozroAQAfZcSgAAAQEICgoEV40sPaiU"}
01079{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":14,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1631454722867862,"flow_src_last_pkt_time":1631454722879577,"flow_dst_last_pkt_time":1631454722876712,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1631454722879577,"l3_proto":"ip4","src_ip":"192.168.1.146","dst_ip":"151.101.2.132","src_port":35968,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"apache.org","tls": {"version":"TLSv1.2","ja3":"c834494f5948ae026d160656c93c8871","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","alpn":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2"}}}
01124{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":16,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1631454722867862,"flow_src_last_pkt_time":1631454722879577,"flow_dst_last_pkt_time":1631454722895566,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1384,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1384,"midstream":0,"thread_ts_usec":1631454722895566,"l3_proto":"ip4","src_ip":"192.168.1.146","dst_ip":"151.101.2.132","src_port":35968,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"apache.org","tls": {"version":"TLSv1.3","ja3":"c834494f5948ae026d160656c93c8871","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","alpn":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2"}}}
-01324{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":53,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1631454722867862,"flow_src_last_pkt_time":1631454722915624,"flow_dst_last_pkt_time":1631454722915766,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1384,"flow_src_tot_l4_payload_len":1070,"flow_dst_tot_l4_payload_len":14818,"midstream":0,"thread_ts_usec":1631454722915766,"l3_proto":"ip4","src_ip":"192.168.1.146","dst_ip":"151.101.2.132","src_port":35968,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":14,"flow_avg":3004.0,"flow_max":16011,"flow_stddev":4812.4,"c_to_s_min":19,"c_to_s_avg":3014.0,"c_to_s_max":16011,"c_to_s_stddev":4868.5,"s_to_c_min":14,"s_to_c_avg":2994.0,"s_to_c_max":15010,"s_to_c_stddev":4755.5},"pktlen": {"c_to_s_min":66,"c_to_s_avg":133.4,"c_to_s_max":583,"c_to_s_stddev":165.4,"s_to_c_min":66,"s_to_c_avg":992.6,"s_to_c_max":1450,"s_to_c_stddev":625.7}},"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
-01370{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":79,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":1631454722864133,"flow_src_last_pkt_time":1631454722971434,"flow_dst_last_pkt_time":1631454722971505,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":5536,"flow_src_tot_l4_payload_len":1512,"flow_dst_tot_l4_payload_len":22723,"midstream":0,"thread_ts_usec":1631454722971505,"l3_proto":"ip4","src_ip":"192.168.1.103","dst_ip":"192.168.1.146","src_port":1714,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":4,"flow_avg":87679952.0,"flow_max":2805543669,"flow_stddev":488142752.0,"c_to_s_min":4,"c_to_s_avg":200403632.0,"c_to_s_max":2805543669,"c_to_s_stddev":722535872.0,"s_to_c_min":22,"s_to_c_avg":5965.1,"s_to_c_max":53379,"s_to_c_stddev":12391.3},"pktlen": {"c_to_s_min":60,"c_to_s_avg":165.0,"c_to_s_max":571,"c_to_s_stddev":145.2,"s_to_c_min":54,"s_to_c_avg":1317.1,"s_to_c_max":5590,"s_to_c_stddev":1980.8}},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP_Connect","proto_id":"130","encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}}
+01324{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":53,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1631454722867862,"flow_src_last_pkt_time":1631454722915624,"flow_dst_last_pkt_time":1631454722915766,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1384,"flow_src_tot_l4_payload_len":1070,"flow_dst_tot_l4_payload_len":14818,"midstream":0,"thread_ts_usec":1631454722915766,"l3_proto":"ip4","src_ip":"192.168.1.146","dst_ip":"151.101.2.132","src_port":35968,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":14,"flow_avg":3086.0,"flow_max":16011,"flow_stddev":4867.3,"c_to_s_min":19,"c_to_s_avg":3184.1,"c_to_s_max":16011,"c_to_s_stddev":4981.9,"s_to_c_min":14,"s_to_c_avg":2994.0,"s_to_c_max":15010,"s_to_c_stddev":4755.5},"pktlen": {"c_to_s_min":66,"c_to_s_avg":133.4,"c_to_s_max":583,"c_to_s_stddev":165.4,"s_to_c_min":66,"s_to_c_avg":992.6,"s_to_c_max":1450,"s_to_c_stddev":625.7}},"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
+01343{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":79,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":1631454722864133,"flow_src_last_pkt_time":1631454722971434,"flow_dst_last_pkt_time":1631454722971505,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":5536,"flow_src_tot_l4_payload_len":1512,"flow_dst_tot_l4_payload_len":22723,"midstream":0,"thread_ts_usec":1631454722971505,"l3_proto":"ip4","src_ip":"192.168.1.103","dst_ip":"192.168.1.146","src_port":1714,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"flow_min":4,"flow_avg":6924.9,"flow_max":53379,"flow_stddev":12836.3,"c_to_s_min":4,"c_to_s_avg":8253.9,"c_to_s_max":50186,"c_to_s_stddev":13314.4,"s_to_c_min":22,"s_to_c_avg":5965.1,"s_to_c_max":53379,"s_to_c_stddev":12391.3},"pktlen": {"c_to_s_min":60,"c_to_s_avg":165.0,"c_to_s_max":571,"c_to_s_stddev":145.2,"s_to_c_min":54,"s_to_c_avg":1317.1,"s_to_c_max":5590,"s_to_c_stddev":1980.8}},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP_Connect","proto_id":"130","encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}}
00904{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":100,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1631454722867400,"flow_src_last_pkt_time":1631454722867400,"flow_dst_last_pkt_time":1631454722867500,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":55,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":55,"midstream":0,"thread_ts_usec":1631454722977251,"l3_proto":"ip4","src_ip":"192.168.1.146","dst_ip":"192.168.1.2","src_port":47767,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00907{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":100,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":28,"flow_dst_packets_processed":30,"flow_first_seen":1631454722867862,"flow_src_last_pkt_time":1631454722977215,"flow_dst_last_pkt_time":1631454722977251,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1384,"flow_src_tot_l4_payload_len":1701,"flow_dst_tot_l4_payload_len":30951,"midstream":0,"thread_ts_usec":1631454722977251,"l3_proto":"ip4","src_ip":"192.168.1.146","dst_ip":"151.101.2.132","src_port":35968,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00923{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":100,"source":"http_connect.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":22,"flow_first_seen":1631454722864133,"flow_src_last_pkt_time":1631454722976969,"flow_dst_last_pkt_time":1631454722977036,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":5536,"flow_src_tot_l4_payload_len":1904,"flow_dst_tot_l4_payload_len":22723,"midstream":0,"thread_ts_usec":1631454722977251,"l3_proto":"ip4","src_ip":"192.168.1.103","dst_ip":"192.168.1.146","src_port":1714,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP_Connect","proto_id":"130","encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}}
@@ -35,5 +35,5 @@
~~ total allocations/frees...: 121564/121564
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 483 chars
-~~ json string max len.......: 1375 chars
-~~ json string avg len.......: 926 chars
+~~ json string max len.......: 1348 chars
+~~ json string avg len.......: 912 chars
Powered by cgit, Themed by Ted Yin.