summaryrefslogtreecommitdiff
path: root/test/results/soap.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/soap.pcap.out')
-rw-r--r--test/results/soap.pcap.out22
1 files changed, 11 insertions, 11 deletions
diff --git a/test/results/soap.pcap.out b/test/results/soap.pcap.out
index edd4524a0..4f6f657f1 100644
--- a/test/results/soap.pcap.out
+++ b/test/results/soap.pcap.out
@@ -1,22 +1,22 @@
00455{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"soap.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
00543{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"soap.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":946731321416}
-00568{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946731321416,"flow_last_seen":946731321416,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":946731321416,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00575{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946731321416,"flow_last_seen":946731321416,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":946731321416,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":946731321416,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":946731321416,"pkt":"eJS0JASgYDjgxTWgCABFAAA0Js1AAH8GJUPAqAJkFwLVpcO0AFABqrpoAAAAAIAC+vBEVAAAAgQFtAEDAwgBAQQC"}
00459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":946731321441,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":946731321441,"pkt":"YDjgxTWgeJS0JASgCABFAAA0AABAADwGjxAXAtWlwKgCZABQw7Tpz83XAaq6aYAS+vCMpAAAAgQFrAEBBAIBAwMH"}
02386{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":946731323902,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"thread_ts_msec":946731323902,"pkt":"eJS0JASgYDjgxTWgCABFAAXUJtJAAH8GH57AqAJkFwLVpcO0AFABqsQz6c\/N2FAYAQQJEwAAOAAwADAAMAAtADAAMAA4ADAANQBmADkAYgAzADQAZgBiAH0AXwBWAEkARAAmAGEAbQBwADsAMAAwADAAMQAwADAANQA3AF8AUABJAEQAJgBhAG0AcAA7ADAAMAAyADMAPAAvAGgAdwBpAGQAPgA8AGgAdwBpAGQAPgBEAE8ASQBEADoAQgBUAEgARQBOAFUATQBcAHsAMAAwADAAMAAxADgAMAAxAC0AMAAwADAAMAAtADEAMAAwADAALQA4ADAAMAAwAC0AMAAwADgAMAA1AGYAOQBiADMANABmAGIAfQBfAFYASQBEACYAYQBtAHAAOwAwADAAMAAxADAAMAA1ADcAXwBQAEkARAAmAGEAbQBwADsAMAAwADIAMwA8AC8AaAB3AGkAZAA+ADwAaAB3AGkAZAA+AEQATwBJAEQAOgBCAFQASABFAE4AVQBNAFwAewAwADAAMAAwADEAMQAwAGIALQAwADAAMAAwAC0AMQAwADAAMAAtADgAMAAwADAALQAwADAAOAAwADUAZgA5AGIAMwA0AGYAYgB9AF8ATABPAEMAQQBMAE0ARgBHACYAYQBtAHAAOwAwADAAMAAyADwALwBoAHcAaQBkAD4APABoAHcAaQBkAD4ARABPAEkARAA6AEIAVABIAEUATgBVAE0AXAB7ADAAMAAwADAAMQAxADAAMQAtADAAMAAwADAALQAxADAAMAAwAC0AOAAwADAAMAAtADAAMAA4ADAANQBmADkAYgAzADQAZgBiAH0AXwBMAE8AQwBBAEwATQBGAEcAJgBhAG0AcAA7ADAAMAAwADIAPAAvAGgAdwBpAGQAPgA8AGgAdwBpAGQAPgBEAE8ASQBEADoAQgBUAEgARQBOAFUATQBcAHsAMAAwADAAMAAxADEAMABjAC0AMAAwADAAMAAtADEAMAAwADAALQA4ADAAMAAwAC0AMAAwADgAMAA1AGYAOQBiADMANABmAGIAfQBfAEwATwBDAEEATABNAEYARwAmAGEAbQBwADsAMAAwADAAMgA8AC8AaAB3AGkAZAA+ADwAaAB3AGkAZAA+AEQATwBJAEQAOgBCAFQASABFAE4AVQBNAFwAewAwADAAMAAwADEAMQAwAGUALQAwADAAMAAwAC0AMQAwADAAMAAtADgAMAAwADAALQAwADAAOAAwADUAZgA5AGIAMwA0AGYAYgB9AF8ATABPAEMAQQBMAE0ARgBHACYAYQBtAHAAOwAwADAAMAAyADwALwBoAHcAaQBkAD4APABoAHcAaQBkAD4ARABPAEkARAA6AEIAVABIAEUATgBVAE0AXAB7ADAAMAAwADAAMQAxADEAZQAtADAAMAAwADAALQAxADAAMAAwAC0AOAAwADAAMAAtADAAMAA4ADAANQBmADkAYgAzADQAZgBiAH0AXwBMAE8AQwBBAEwATQBGAEcAJgBhAG0AcAA7ADAAMAAwADIAPAAvAGgAdwBpAGQAPgA8AGgAdwBpAGQAPgBEAE8ASQBEADoAQgBUAEgARQBOAFUATQBcAHsAMAAwADAAMAAxADgAMAAxAC0AMAAwADAAMAAtADEAMAAwADAALQA4ADAAMAAwAC0AMAAwADgAMAA1AGYAOQBiADMANABmAGIAfQBfAEwATwBDAEEATABNAEYARwAmAGEAbQBwADsAMAAwADAAMgA8AC8AaAB3AGkAZAA+ADwALwBoAHcAaQBkAHMAPgA8AC8AZwBkAG0AZABoAHcAaQBkAD4APAAvAEgAVwBJAEQAUgBlAHEAdQBlAHMAdABzAD4APAAvAEQAZQB2AGkAYwBlAE0AZQB0AGEAZABhAHQAYQBCAGEAdABjAGgAUgBlAHEAdQBlAHMAdAA+ADwALwBzADoAQgBvAGQAeQA+ADwALwBzADoARQBuAHYAZQBsAG8AcABlAD4A"}
-00631{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":5,"flow_first_seen":946731321416,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":2904,"flow_avg_l4_payload_len":580,"midstream":0,"thread_ts_msec":946731326059,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
-00582{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"soap.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946731326059,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":1452,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":1452,"flow_avg_l4_payload_len":1452,"midstream":1,"thread_ts_msec":946731326059,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":4176,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00636{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":946731321416,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":2904,"midstream":0,"thread_ts_msec":946731326059,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
+00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"soap.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946731326059,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":1452,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":1452,"midstream":1,"thread_ts_msec":946731326059,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":4176,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
02389{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"soap.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":946731326059,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"thread_ts_msec":946731326059,"pkt":"eJS0JASgYDjgxTWgCABFAAXUJtNAAH8GH53AqAJkFwLVpcO0EFABqrpp6c\/N2FAQAQTI+AAAUE9TVCAvZndsaW5rLz9MaW5rSUQ9MjUyNjY5JmNsY2lkPTB4NDA5IEhUVFAvMS4xDQpDb25uZWN0aW9uOiBLZWVwLUFsaXZlDQpDb250ZW50LVR5cGU6IHRleHQveG1sOyBjaGFyc2V0PSJVVEYtMTZMRSINClVzZXItQWdlbnQ6IE1JQ1JPU09GVF9ERVZJQ0VfTUVUQURBVEFfUkVUUklFVkFMX0NMSUVOVA0KU09BUEFjdGlvbjogImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd2luZG93c21ldGFkYXRhL3NlcnZpY2VzLzIwMDcvMDkvMTgvZG1zL0RldmljZU1ldGFkYXRhU2VydmljZS9HZXREZXZpY2VNZXRhZGF0YSINCkNvbnRlbnQtTGVuZ3RoOiAzNjEyDQpIb3N0OiBnby5taWNyb3NvZnQuY29tDQoNCv\/+PAA\/AHgAbQBsACAAdgBlAHIAcwBpAG8AbgA9ACIAMQAuADAAIgAgAGUAbgBjAG8AZABpAG4AZwA9ACIAVQBUAEYALQAxADYAIgA\/AD4APABzADoARQBuAHYAZQBsAG8AcABlACAAeABtAGwAbgBzADoAcwA9ACIAaAB0AHQAcAA6AC8ALwBzAGMAaABlAG0AYQBzAC4AeABtAGwAcwBvAGEAcAAuAG8AcgBnAC8AcwBvAGEAcAAvAGUAbgB2AGUAbABvAHAAZQAvACIAPgA8AHMAOgBIAGUAYQBkAGUAcgA+ADwAaAA6AGMAZAAgAHgAbQBsAG4AcwA6AGgAPQAiAGgAdAB0AHAAOgAvAC8AcwBjAGgAZQBtAGEAcwAuAG0AaQBjAHIAbwBzAG8AZgB0AC4AYwBvAG0ALwB3AGkAbgBkAG8AdwBzAG0AZQB0AGEAZABhAHQAYQAvAHMAZQByAHYAaQBjAGUAcwAvADIAMAAwADcALwAwADkALwAxADgALwBkAG0AcwAiAD4APABoADoAYwB2AD4AMQAwAC4AMAAuADEAOQAwADQAMwA8AC8AaAA6AGMAdgA+ADwAaAA6AGMAYwA+AEQARQBVADwALwBoADoAYwBjAD4APAAvAGgAOgBjAGQAPgA8AC8AcwA6AEgAZQBhAGQAZQByAD4APABzADoAQgBvAGQAeQA+ADwARABlAHYAaQBjAGUATQBlAHQAYQBkAGEAdABhAEIAYQB0AGMAaABSAGUAcQB1AGUAcwB0ACAAeABtAGwAbgBzAD0AIgBoAHQAdABwADoALwAvAHMAYwBoAGUAbQBhAHMALgBtAGkAYwByAG8AcwBvAGYAdAAuAGMAbwBtAC8AdwBpAG4AZABvAHcAcwBtAGUAdABhAGQAYQB0AGEALwBzAGUAcgB2AGkAYwBlAHMALwAyADAAMAA3AC8AMAA5AC8AMQA4AC8AZABtAHMAIgA+ADwATABvAGMATABpAHMAdAA+ADwAbABvAGMAPgBNAHUAbAB0AGkATABvAGMAPAAvAGwAbwBjAD4APABsAG8AYwA+AGQAZQAtAEQARQA8AC8AbABvAGMAPgA8AGwAbwBjAD4AZABlADwALwBsAG8AYwA+ADwALwBMAG8AYwBMAGkAcwB0AD4APABNAEkARABSAGUAcQB1AGUAcwB0AHMAPgA8AGcAZABtAGQAbQBpAGQAPgA8AHIAaQBkAD4ANwA8AC8AcgBpAGQAPgA8AG0AaQBkAD4AQQBGAEYANABCAEQAMgAxAC0ARgBGADIANgAtADUAMQBGADYALQA4ADMANgA1AC0AMQA3ADgAOAA1AEYAMwA4ADYAQwA3AEQAPAAvAG0AaQBkAD4APAAvAGcAZABtAGQAbQBpAGQAPgA8AC8ATQBJAEQAUgBlAHEAdQBlAHMAdABzAD4APABIAFcASQBEAFIAZQBxAHUAZQBzAHQA"}
-00643{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"soap.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946731326059,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":1452,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":1452,"flow_avg_l4_payload_len":1452,"midstream":1,"thread_ts_msec":946731326059,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":4176,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP.Microsoft","breed":"Safe","category":"Cloud"}}
+00647{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"soap.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946731326059,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":1452,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":1452,"midstream":1,"thread_ts_msec":946731326059,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":4176,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP.Microsoft","breed":"Safe","category":"Cloud"}}
00551{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":16,"source":"soap.pcap","alias":"nDPId-test","packets-captured":16,"packets-processed":15,"total-skipped-flows":0,"total-l4-payload-len":6104,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":2,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":11,"global_ts_msec":1639054092487}
-00574{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":16,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1639054092487,"flow_last_seen":1639054092487,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1639054092487,"l3_proto":"ip4","src_ip":"185.32.192.30","dst_ip":"85.154.114.113","src_port":80,"dst_port":56028,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00581{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":16,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1639054092487,"flow_last_seen":1639054092487,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1639054092487,"l3_proto":"ip4","src_ip":"185.32.192.30","dst_ip":"85.154.114.113","src_port":80,"dst_port":56028,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00470{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_last_seen":1639054092487,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":70,"pkt_l4_len":32,"thread_ts_msec":1639054092487,"pkt":"AAAAAAAAAAgAAAAIgQADKAgARQAANKG0QADxBqbEuSDAHlWacnEAUNrcPMefU5W6cMWAEjhAOLcAAAIEBbQBAwMABAIAAA=="}
02098{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_last_seen":1639054092538,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":1285,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":1285,"pkt_l4_len":1247,"thread_ts_msec":1639054092538,"pkt":"AAAAAAAAAAgAAAAIgQADKAgARQAE88IlQAB\/BvOUVZpycbkgwB7a3ABQlbpwxTzHn1RQGAIF1wgAADw\/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+DQo8Wk1lc3NhZ2UgdGFyZ2V0PSJaQkJQLjEuUmVzb2x2ZUtJRCIgbWlub3I9IjM1IiBwYXJhbWhlYWRlcmxlbmd0aD0iMTE0IiBzaWduYXR1cmU9IkxXa1YzenFpNWFtVUUxUlVvTmtRT3cwdVhZNHczc0dXQncyMkdxYnRqZkFyS0VjanVjS2Z6ZUcydkNybjluZUIzNXlzc2xFZytJcUlDZkRHdk9qRkxJcDlBcHB2ZXJZNTBNS09WZHM4L1BGU2dwRG5oNE91UTg3Q3pKRXZUUkJZMldGakpOaS85NmY1ZktmSklqczQ5bElzcFpyZVRGWVNxYWZ4VDRPNCszbnd2MFpQYUtJNzI4akE3RWNUTUxwelZtc0RJaTBJU2srR21nOW85d3V0UXg2NEprdjdGdlFkQU1nYlVnWDhVaU1MTnRHQWVqSHBLTG1rdWo3TSsxSTNib0IraVg3MTAxaytIZGpaVmQrSjhaS0VNSkJnYTBJNjRLdmZPK2tNb1UzRVNSSm5wbWdVVmZVblVZckl4dDFHZFFMckhsa2hhZVZicUdaMzB2V2E4Zz09IiBzaWduZXI9InlNMmYzbGMzSjZSbTR3ODlmRGhlYm5RMXNxY3NBV2N0eFJiM3BDSFloTktUTnZiazlNM1pLRk9xYjIveE5hN3NaR1I4bm10c0U4T2lnaStLR2xrbndSNWx0SW9CODc1Tk8rRitWTCszYVdySlN2Zm5MQ2dCSlRMV1BwKyt1SUlqZUlCanYrTXB1S0xRM2NTMDMwQlRnUEk1dWlrS0l6Q1A0eEZucUFVampoWE9RVTR3WDMrRG1PczdEbm5QczhhZTk2UkNzWmVmZ0xpMzAyL281ZDVMRDJ1SnBEMUlmSnQ1Y1U1Y3V5UW5jYTRhd2M4bGhTcmFQbDlNNEpja29sQWt5cVlCNzg0UitKVVhYTExpKytjbHEzR1l4U2NJNjRyZHRKZWNWVENZRVcvUTJGU2VXV1c2UE9RdlBRNGZ3aFVPZEM0L05MSVJKdU9lTVAyVG9Ed3NNUT09IiBrZXk9ImduR1dLWGJFVzQwbHZHV1FxbkVKZWdtcXJCSXdBRVZtUmQwRzlJaDMzVCsycnBtRTY5WUQybHhNNHpzNy9weDVFOFRaSjdvYnV5ZVNpNTIvazZMeGp2ZWtkNTdVeTR5QSttaEZ5c1o5UGFXdHVobzRac2oyQ0NaenBjcXhRSW5pL1E4UDY4QkJSeWhKd0hVZHNmMjUxS3RLdmwzdWZFN0VpK254Rnk2bUlVZUptckpjT3U5L1dsNndUTkwxRUVrQmJzL0NIT2pQSlFpUi84UlFOdVN4aDRWYVRnNlFKM0VhVUFhYzFkV2REQmx5dmpUYzZHTnczbFUrdUtDQitpR05xeFNwSlIxMHlQS3VRR1h4S1N3ZTVOVGNuQnFmQncwZC9FMVZ6dWdmVEtqUXFDbmt4TjVEUnlWWEJwTkFyVnNjek4xMlZwdkJpdENUa25ObEhWOHMzdz09IiBpbml0dmVjdG9yPSJkWWhYYVRRWmVUaGZsTUc2VGJCdzN3PT0iPg0KPC9aTWVzc2FnZT4NCg=="}
00611{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_last_seen":1639054092687,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":172,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":172,"pkt_l4_len":134,"thread_ts_msec":1639054092687,"pkt":"AAAAAAAAAAgAAAAIgQADKAgARQAAmsImQAB\/BvfsVZpycbkgwB7a3ABQlbp1kDzHn1RQGAIFKTIAABWnhAex4GkI+Emzf4RIldOZwd02PnXrmBnBHRrx+ET677ALMou1pxMGL4bsefKLEZJCsMhBQeRMREPGyDS\/Ls5rva5OrXg9O7PulAGNv3b+vbLJAQh1CgtCNjRdd437DmknBotv3IGznWL+EIv99mMNCg=="}
-00637{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":5,"flow_first_seen":1639054092487,"flow_last_seen":1639054092826,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1227,"flow_tot_l4_payload_len":3642,"flow_avg_l4_payload_len":728,"midstream":0,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"185.32.192.30","dst_ip":"85.154.114.113","src_port":80,"dst_port":56028,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
-00676{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_packets_processed":5,"flow_first_seen":1639054092487,"flow_last_seen":1639054092826,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1227,"flow_tot_l4_payload_len":3642,"flow_avg_l4_payload_len":728,"midstream":0,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"185.32.192.30","dst_ip":"85.154.114.113","src_port":80,"dst_port":56028,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
-00684{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":946731326059,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":1452,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":1452,"flow_avg_l4_payload_len":1452,"midstream":1,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":4176,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP.Microsoft","breed":"Safe","category":"Cloud"}}
-00672{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_packets_processed":14,"flow_first_seen":946731321416,"flow_last_seen":946731326431,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":4652,"flow_avg_l4_payload_len":332,"midstream":0,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
+00642{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1639054092487,"flow_last_seen":1639054092826,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1227,"flow_tot_l4_payload_len":3642,"midstream":0,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"185.32.192.30","dst_ip":"85.154.114.113","src_port":80,"dst_port":56028,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
+00681{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1639054092487,"flow_last_seen":1639054092826,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1227,"flow_tot_l4_payload_len":3642,"midstream":0,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"185.32.192.30","dst_ip":"85.154.114.113","src_port":80,"dst_port":56028,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
+00688{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946731326059,"flow_last_seen":946731326059,"flow_idle_time":7580000,"flow_min_l4_payload_len":1452,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":1452,"midstream":1,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":4176,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP.Microsoft","breed":"Safe","category":"Cloud"}}
+00676{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":946731321416,"flow_last_seen":946731326431,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":4652,"midstream":0,"thread_ts_msec":1639054092826,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"23.2.213.165","src_port":50100,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SOAP","breed":"Acceptable","category":"RPC"}}
00553{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"soap.pcap","alias":"nDPId-test","packets-captured":20,"packets-processed":20,"total-skipped-flows":0,"total-l4-payload-len":9746,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":3,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":20,"global_ts_msec":1639054092826}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 20/20
@@ -26,8 +26,8 @@
~~ total active/idle flows...: 3/3
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6009976 bytes
-~~ total memory freed........: 6009976 bytes
+~~ total memory allocated....: 6010000 bytes
+~~ total memory freed........: 6010000 bytes
~~ total allocations/frees...: 120909/120909
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 460 chars
Powered by cgit, Themed by Ted Yin.