summaryrefslogtreecommitdiff
path: root/test/results/tftp.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/tftp.pcap.out')
-rw-r--r--test/results/tftp.pcap.out46
1 files changed, 23 insertions, 23 deletions
diff --git a/test/results/tftp.pcap.out b/test/results/tftp.pcap.out
index d1d136708..c3cc1f676 100644
--- a/test/results/tftp.pcap.out
+++ b/test/results/tftp.pcap.out
@@ -1,39 +1,39 @@
00455{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"tftp.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
00543{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"tftp.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":946730124846}
-00569{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"tftp.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"flow_avg_l4_payload_len":19,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54626,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00575{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"tftp.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54626,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00454{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"tftp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":946730124846,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":61,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":61,"pkt_l4_len":27,"thread_ts_msec":946730124846,"pkt":"9Opn97JCCAAnntJbCABFAAAv+hlAAEAR3pisHAQ1rBAFqtViAEUAGx52AAEAAAAAAAAAAAAAAG9jdGV0AA=="}
-00753{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"tftp.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"flow_avg_l4_payload_len":19,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54626,"dst_port":69,"l4_proto":"udp","ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00565{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"tftp.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":9,"flow_max_l4_payload_len":9,"flow_tot_l4_payload_len":9,"flow_avg_l4_payload_len":9,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54632,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00759{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"tftp.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54626,"dst_port":69,"l4_proto":"udp","ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00572{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"tftp.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":9,"flow_max_l4_payload_len":9,"flow_tot_l4_payload_len":9,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54632,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00438{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"tftp.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":946730124846,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":51,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":51,"pkt_l4_len":17,"thread_ts_msec":946730124846,"pkt":"9Opn97JCCAAnntJbCABFAAAl+hlAAEAR3pisHAQ1rBAFqtVoAEUAER52AAEAb2N0ZXQA"}
-00749{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"tftp.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":9,"flow_max_l4_payload_len":9,"flow_tot_l4_payload_len":9,"flow_avg_l4_payload_len":9,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54632,"dst_port":69,"l4_proto":"udp","ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00571{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"tftp.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"flow_avg_l4_payload_len":20,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00756{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"tftp.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":9,"flow_max_l4_payload_len":9,"flow_tot_l4_payload_len":9,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54632,"dst_port":69,"l4_proto":"udp","ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00577{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"tftp.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00454{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"tftp.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_last_seen":946730124846,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_msec":946730124846,"pkt":"AFCN14tDAAu+GJpACABFAAAwAAAAAP8ROWXAqAD9wKgACsW6AEUAHD4gAAFyZmMxMzUwLnR4dABvY3RldAA="}
-00635{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"tftp.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"flow_avg_l4_payload_len":20,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00577{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":516,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":516,"flow_avg_l4_payload_len":516,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.253","src_port":3445,"dst_port":50618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00641{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"tftp.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00582{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":516,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":516,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.253","src_port":3445,"dst_port":50618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
01118{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_last_seen":946730124846,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":558,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":558,"pkt_l4_len":524,"thread_ts_msec":946730124846,"pkt":"AAu+GJpAAFCN14tDCABFAAIgkyUAAIARI1DAqAAKwKgA\/Q11xboCDNSjAAMAAQoKCgoKCk5ldHdvcmsgV29ya2luZyBHcm91cCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgSy4gU29sbGlucwpSZXF1ZXN0IEZvciBDb21tZW50czogMTM1MCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBNSVQKU1REOiAzMyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgSnVseSAxOTkyCk9ic29sZXRlczogUkZDIDc4MwoKCiAgICAgICAgICAgICAgICAgICAgIFRIRSBURlRQIFBST1RPQ09MIChSRVZJU0lPTiAyKQoKU3RhdHVzIG9mIHRoaXMgTWVtbwoKICAgVGhpcyBSRkMgc3BlY2lmaWVzIGFuIElBQiBzdGFuZGFyZHMgdHJhY2sgcHJvdG9jb2wgZm9yIHRoZSBJbnRlcm5ldAogICBjb21tdW5pdHksIGFuZCByZXF1ZXN0cyBkaXNjdXNzaW9uIGFuZCBzdWdnZXN0aW9ucyBmb3IgaW1wcm92ZW1lbnRzLgogICBQbGVhc2UgcmVmZXIgdG8gdGhlIGN1cnJlbnQgZWRpdGlvbiBvZiB0aGUgIklB"}
00450{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_last_seen":946730124846,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":12,"thread_ts_msec":946730124846,"pkt":"AFCN14tDAAu+GJpACABFAAAgAAEAAP8ROXTAqAD9wKgACsW6DXUADKpJAAQAAQAAAAAAAAAAAAAAAAAA"}
01118{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_last_seen":946730124846,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":558,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":558,"pkt_l4_len":524,"thread_ts_msec":946730124846,"pkt":"AAu+GJpAAFCN14tDCABFAAIgkycAAIARI07AqAAKwKgA\/Q11xboCDOXlAAMAAkIgT2ZmaWNpYWwgUHJvdG9jb2wKICAgU3RhbmRhcmRzIiBmb3IgdGhlIHN0YW5kYXJkaXphdGlvbiBzdGF0ZSBhbmQgc3RhdHVzIG9mIHRoaXMgcHJvdG9jb2wuCiAgIERpc3RyaWJ1dGlvbiBvZiB0aGlzIG1lbW8gaXMgdW5saW1pdGVkLgoKU3VtbWFyeQoKICAgVEZUUCBpcyBhIHZlcnkgc2ltcGxlIHByb3RvY29sIHVzZWQgdG8gdHJhbnNmZXIgZmlsZXMuICBJdCBpcyBmcm9tCiAgIHRoaXMgdGhhdCBpdHMgbmFtZSBjb21lcywgVHJpdmlhbCBGaWxlIFRyYW5zZmVyIFByb3RvY29sIG9yIFRGVFAuCiAgIEVhY2ggbm9udGVybWluYWwgcGFja2V0IGlzIGFja25vd2xlZGdlZCBzZXBhcmF0ZWx5LiAgVGhpcyBkb2N1bWVudAogICBkZXNjcmliZXMgdGhlIHByb3RvY29sIGFuZCBpdHMgdHlwZXMgb2YgcGFja2V0cy4gIFRoZSBkb2N1bWVudCBhbHNvCiAgIGV4cGxhaW5zIHRoZSByZWFzb25zIGJlaGluZCBzb21lIG9mIHRoZSBkZXNpZ24gZGVjaXNpb25zLgoKQWNrbm93bGVnZW1lbnRzCgogICBUaGUg"}
-00772{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_packets_processed":4,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":1040,"flow_avg_l4_payload_len":260,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.253","src_port":3445,"dst_port":50618,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00777{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":1040,"midstream":0,"thread_ts_msec":946730124846,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.253","src_port":3445,"dst_port":50618,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
00554{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":102,"source":"tftp.pcap","alias":"nDPId-test","packets-captured":102,"packets-processed":101,"total-skipped-flows":0,"total-l4-payload-len":25039,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":4,"total-active-flows":4,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":17,"global_ts_msec":946733724846}
-00571{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":102,"source":"tftp.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946733724846,"flow_last_seen":946733724846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"flow_avg_l4_payload_len":19,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54627,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00577{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":102,"source":"tftp.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946733724846,"flow_last_seen":946733724846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54627,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00456{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":102,"source":"tftp.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_last_seen":946733724846,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":61,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":61,"pkt_l4_len":27,"thread_ts_msec":946733724846,"pkt":"9Opn97JCCAAnntJbCABFAAAv+hlAAEAR3pisHAQ1rBAFqtVjAEUAGx52AAFzeXNtYW4ubGlzAG9jdGV0AA=="}
-00635{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":102,"source":"tftp.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946733724846,"flow_last_seen":946733724846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"flow_avg_l4_payload_len":19,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54627,"dst_port":69,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00794{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"flow_avg_l4_payload_len":19,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54626,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00790{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":9,"flow_max_l4_payload_len":9,"flow_tot_l4_payload_len":9,"flow_avg_l4_payload_len":9,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54632,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00815{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_packets_processed":98,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":24991,"flow_avg_l4_payload_len":255,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.253","src_port":3445,"dst_port":50618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00676{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"flow_avg_l4_payload_len":20,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00641{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":102,"source":"tftp.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946733724846,"flow_last_seen":946733724846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54627,"dst_port":69,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00800{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54626,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00797{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":9,"flow_max_l4_payload_len":9,"flow_tot_l4_payload_len":9,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54632,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"17": {"risk":"Malformed Packet","severity":"Low","risk_score": {"total":260,"client":130,"server":130}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00821{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":49,"flow_dst_packets_processed":49,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":24991,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.253","src_port":3445,"dst_port":50618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00682{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946730124846,"flow_last_seen":946730124846,"flow_idle_time":200000,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"midstream":0,"thread_ts_msec":946733724846,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
00554{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","packets-captured":103,"packets-processed":102,"total-skipped-flows":0,"total-l4-payload-len":25058,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":5,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":25,"global_ts_msec":946737844630}
-00571{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946737844630,"flow_last_seen":946737844630,"flow_idle_time":200000,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":18,"flow_tot_l4_payload_len":18,"flow_avg_l4_payload_len":18,"midstream":0,"thread_ts_msec":946737844630,"l3_proto":"ip4","src_ip":"172.28.5.91","dst_ip":"172.28.5.170","src_port":44618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00577{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946737844630,"flow_last_seen":946737844630,"flow_idle_time":200000,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":18,"flow_tot_l4_payload_len":18,"midstream":0,"thread_ts_msec":946737844630,"l3_proto":"ip4","src_ip":"172.28.5.91","dst_ip":"172.28.5.170","src_port":44618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00452{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_last_seen":946737844630,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":26,"thread_ts_msec":946737844630,"pkt":"eCSvPj0DAFBWn8+KCABFAAAuYudAAEARdJqsHAVbrBwFqq5KAEUAGkfgAAJ6ei5iaW4AbmV0YXNjaWkA"}
-00635{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946737844630,"flow_last_seen":946737844630,"flow_idle_time":200000,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":18,"flow_tot_l4_payload_len":18,"flow_avg_l4_payload_len":18,"midstream":0,"thread_ts_msec":946737844630,"l3_proto":"ip4","src_ip":"172.28.5.91","dst_ip":"172.28.5.170","src_port":44618,"dst_port":69,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00570{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":104,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":946737844631,"flow_last_seen":946737844631,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":4,"flow_tot_l4_payload_len":4,"flow_avg_l4_payload_len":4,"midstream":0,"thread_ts_msec":946737844631,"l3_proto":"ip4","src_ip":"172.28.5.170","dst_ip":"172.28.5.91","src_port":62058,"dst_port":44618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00641{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":103,"source":"tftp.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946737844630,"flow_last_seen":946737844630,"flow_idle_time":200000,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":18,"flow_tot_l4_payload_len":18,"midstream":0,"thread_ts_msec":946737844630,"l3_proto":"ip4","src_ip":"172.28.5.91","dst_ip":"172.28.5.170","src_port":44618,"dst_port":69,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00577{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":104,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946737844631,"flow_last_seen":946737844631,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":4,"flow_tot_l4_payload_len":4,"midstream":0,"thread_ts_msec":946737844631,"l3_proto":"ip4","src_ip":"172.28.5.170","dst_ip":"172.28.5.91","src_port":62058,"dst_port":44618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00437{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":104,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_last_seen":946737844631,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":46,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":46,"pkt_l4_len":12,"thread_ts_msec":946737844631,"pkt":"AFBWn8+KeCSvPj0DCABFAAAgqt8AAEARbLCsHAWqrBwFW\/JqrkoADPveAAQAAA=="}
01206{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":105,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_last_seen":946737844632,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":558,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":558,"pkt_l4_len":524,"thread_ts_msec":946737844632,"pkt":"eCSvPj0DAFBWn8+KCABFAAIgYuhAAEARcqesHAVbrBwFqq5K8moCDEJWAAMAAR+LCACcqPdgAAPs3L1untmCpufcR\/GhA5oMuEVS\/wLGCRUYA5RkCLATYQCzRPW0DIrcoKTq6cweH4fPYWDDgR3MMew+I389YwMFOnD6+MaFNxG1tLiuquiOnn\/96+5wdXG4eP3u5at3V88Pjw+\/fn59PL\/9+sevm\/vD3bff7x7+7b\/9dv9vz3\/8vD3+8d3h8Pnh8dvxbw4\/Hv7+5z\/ePH79V3\/3+OOffhzPbv\/u8OMf\/7uvjz++Pdz\/q79785erF3+5+LvDvzv\/67fbf\/V3ly+vnv\/LD9\/u\/\/7hX\/3dP\/z8+dd3z5794z\/+41\/+78t\/+fLw\/e\/+zeH\/+VWHf7z5cfiv\/9v\/5uvtf\/Gv\/38u\/P3x7ufPf\/r8\/O2rf\/Pu8Pff7r4ejr\/h59fvh+8Pv+5\/Hr4+Pj48vjv8+vH73\/\/4\/J\/\/7fl\/+uHfHM7\/q8OzP24enz3+un\/2n0+e\/aeTd4e\/\/S9\/+9\/\/+d8f\/vnf\/+0\/\/O3\/\/Nt\/\/Nv\/9rf\/ePjn\/\/mf\/6d\/\/vf\/\/D8ef\/w\/\/uVPf\/tf\/\/Yf0NDQ0NDQ0Oq0V09oN\/c3Xx4f7j8\/v3j+4oj71w+\/H\/77f\/mLv9zefLv7p\/\/ycPyn37\/d3\/z8fyXM\/8cv+vDw+P3m7vD13337eTi9PPwPx997\/G84e\/JL3uz+j0JDQ0NDQ0Or0Z7vJhoaGhoa"}
01206{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":106,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":3,"flow_last_seen":946737844632,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":558,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":558,"pkt_l4_len":524,"thread_ts_msec":946737844632,"pkt":"eCSvPj0DAFBWn8+KCABFAAIgYulAAEARcqasHAVbrBwFqq5K8moCDEJWAAMAAR+LCACcqPdgAAPs3L1untmCpufcR\/GhA5oMuEVS\/wLGCRUYA5RkCLATYQCzRPW0DIrcoKTq6cweH4fPYWDDgR3MMew+I389YwMFOnD6+MaFNxG1tLiuquiOnn\/96+5wdXG4eP3u5at3V88Pjw+\/fn59PL\/9+sevm\/vD3bff7x7+7b\/9dv9vz3\/8vD3+8d3h8Pnh8dvxbw4\/Hv7+5z\/ePH79V3\/3+OOffhzPbv\/u8OMf\/7uvjz++Pdz\/q79785erF3+5+LvDvzv\/67fbf\/V3ly+vnv\/LD9\/u\/\/7hX\/3dP\/z8+dd3z5794z\/+41\/+78t\/+fLw\/e\/+zeH\/+VWHf7z5cfiv\/9v\/5uvtf\/Gv\/38u\/P3x7ufPf\/r8\/O2rf\/Pu8Pff7r4ejr\/h59fvh+8Pv+5\/Hr4+Pj48vjv8+vH73\/\/4\/J\/\/7fl\/+uHfHM7\/q8OzP24enz3+un\/2n0+e\/aeTd4e\/\/S9\/+9\/\/+d8f\/vnf\/+0\/\/O3\/\/Nt\/\/Nv\/9rf\/ePjn\/\/mf\/6d\/\/vf\/\/D8ef\/w\/\/uVPf\/tf\/\/Yf0NDQ0NDQ0Oq0V09oN\/c3Xx4f7j8\/v3j+4oj71w+\/H\/77f\/mLv9zefLv7p\/\/ycPyn37\/d3\/z8fyXM\/8cv+vDw+P3m7vD13337eTi9PPwPx997\/G84e\/JL3uz+j0JDQ0NDQ0Or0Z7vJhoaGhoa"}
-00773{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_packets_processed":4,"flow_first_seen":946737844631,"flow_last_seen":946737844632,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":1040,"flow_avg_l4_payload_len":260,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.5.170","dst_ip":"172.28.5.91","src_port":62058,"dst_port":44618,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00812{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_packets_processed":4,"flow_first_seen":946737844631,"flow_last_seen":946737844632,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":1040,"flow_avg_l4_payload_len":260,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.5.170","dst_ip":"172.28.5.91","src_port":62058,"dst_port":44618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00674{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":946733724846,"flow_last_seen":946733724846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"flow_avg_l4_payload_len":19,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54627,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
-00674{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":946737844630,"flow_last_seen":946737844630,"flow_idle_time":200000,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":18,"flow_tot_l4_payload_len":18,"flow_avg_l4_payload_len":18,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.5.91","dst_ip":"172.28.5.170","src_port":44618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00778{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":946737844631,"flow_last_seen":946737844632,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":1040,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.5.170","dst_ip":"172.28.5.91","src_port":62058,"dst_port":44618,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00817{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":946737844631,"flow_last_seen":946737844632,"flow_idle_time":200000,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":516,"flow_tot_l4_payload_len":1040,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.5.170","dst_ip":"172.28.5.91","src_port":62058,"dst_port":44618,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00680{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946733724846,"flow_last_seen":946733724846,"flow_idle_time":200000,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":19,"flow_tot_l4_payload_len":19,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.4.53","dst_ip":"172.16.5.170","src_port":54627,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
+00680{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946737844630,"flow_last_seen":946737844630,"flow_idle_time":200000,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":18,"flow_tot_l4_payload_len":18,"midstream":0,"thread_ts_msec":946737844632,"l3_proto":"ip4","src_ip":"172.28.5.91","dst_ip":"172.28.5.170","src_port":44618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TFTP","breed":"Acceptable","category":"DataTransfer"}}
00556{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":107,"source":"tftp.pcap","alias":"nDPId-test","packets-captured":107,"packets-processed":107,"total-skipped-flows":0,"total-l4-payload-len":26116,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":7,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":7,"total-idle-flows":7,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":37,"global_ts_msec":946737844632}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 107/107
@@ -43,8 +43,8 @@
~~ total active/idle flows...: 7/7
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6012658 bytes
-~~ total memory freed........: 6012658 bytes
+~~ total memory allocated....: 6012714 bytes
+~~ total memory freed........: 6012714 bytes
~~ total allocations/frees...: 121009/121009
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 442 chars
Powered by cgit, Themed by Ted Yin.