Diffstat (limited to 'test/results/z3950.pcapng.out')
-rw-r--r-- | test/results/z3950.pcapng.out | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/test/results/z3950.pcapng.out b/test/results/z3950.pcapng.out
index 1ad802de9..c4938bc30 100644
--- a/test/results/z3950.pcapng.out
+++ b/test/results/z3950.pcapng.out
@@ -3,14 +3,14 @@ 00458{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1623680697296,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"ts_msec":1623680697296,"pkt":"eJS0JASgYDjgxTWgCABFAAA07vtAAH8Gl6\/AqAJkwa7wXeYpANJ85vsBAAAAAIAC+vCgIgAAAgQFtAEDAwgBAQQC"} 00457{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1623680697327,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"ts_msec":1623680697327,"pkt":"YDjgxTWgeJS0JASgCABFAAA0AABAADYGz6vBrvBdwKgCZADS5indlQhqfOb7AoAS+vC6GgAAAgQFrAEBBAIBAwMH"} 00441{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1623680697329,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"ts_msec":1623680697329,"pkt":"eJS0JASgYDjgxTWgCABFAAAo7vxAAH8Gl7rAqAJkwa7wXeYpANJ85vsC3ZUIa1AQAgTz0QAA"} -00614{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":15,"flow_first_seen":1623680697296,"flow_last_seen":1623680698846,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":4151,"flow_avg_l4_payload_len":276,"midstream":0,"ts_msec":1625070123680,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","ndpi": 
{"proto":"Z39.50","breed":"Acceptable","category":"Network"}} +00650{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":15,"flow_first_seen":1623680697296,"flow_last_seen":1623680698846,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":4151,"flow_avg_l4_payload_len":276,"midstream":0,"ts_msec":1625070123680,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"Z39.50","breed":"Acceptable","category":"Network"}} 00580{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":15,"flow_first_seen":1623680697296,"flow_last_seen":1623680698846,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":4151,"flow_avg_l4_payload_len":276,"midstream":0,"ts_msec":1625070123680,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"193.174.240.93","src_port":58921,"dst_port":210,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00571{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1625070123680,"flow_last_seen":1625070123680,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"ts_msec":1625070123680,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 
00459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":1625070123680,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"ts_msec":1625070123680,"pkt":"YDjgxTWgABjzZLGICABFAAA0k\/xAAJAGiSTAqAAUgbuLK7W8JweM39PGAAAAAIAC+vDNyQAAAgQFtAEBBAIBAwMH"} 00459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_last_seen":1625070123709,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"ts_msec":1625070123709,"pkt":"ABjzZLGIYDjgxTWgCABFAAA0AABAADUGeCGBu4srwKgAFCcHtbz4JgxZjN\/Tx4ASchDtagAAAgQFrAEBBAIBAwMH"} 00444{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_last_seen":1625070123709,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"ts_msec":1625070123709,"pkt":"YDjgxTWgABjzZLGICABFAAAok\/1AAJAGiS\/AqAAUgbuLK7W8JweM39PH+CYMWlAQAfbNvQAA"} -00669{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":11,"flow_first_seen":1625070123680,"flow_last_seen":1625070196998,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":113,"flow_tot_l4_payload_len":368,"flow_avg_l4_payload_len":33,"midstream":0,"ts_msec":1625070196998,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","ndpi": {"flow_risk": {"5":"Known protocol on non standard 
port"},"proto":"Z39.50","breed":"Acceptable","category":"Network"}} -00707{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":31,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_packets_processed":16,"flow_first_seen":1625070123680,"flow_last_seen":1625070200217,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":113,"flow_tot_l4_payload_len":411,"flow_avg_l4_payload_len":25,"midstream":0,"ts_msec":1625070200217,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5":"Known protocol on non standard port"},"proto":"Z39.50","breed":"Acceptable","category":"Network"}} +00778{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":26,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":11,"flow_first_seen":1625070123680,"flow_last_seen":1625070196998,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":113,"flow_tot_l4_payload_len":368,"flow_avg_l4_payload_len":33,"midstream":0,"ts_msec":1625070196998,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Protocol on Non Standard Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"4":"DPI"},"proto":"Z39.50","breed":"Acceptable","category":"Network"}} 
+00816{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":31,"source":"z3950.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_packets_processed":16,"flow_first_seen":1625070123680,"flow_last_seen":1625070200217,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":113,"flow_tot_l4_payload_len":411,"flow_avg_l4_payload_len":25,"midstream":0,"ts_msec":1625070200217,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"129.187.139.43","src_port":46524,"dst_port":9991,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Protocol on Non Standard Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"4":"DPI"},"proto":"Z39.50","breed":"Acceptable","category":"Network"}} 00156{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":31,"source":"z3950.pcapng","alias":"nDPId-test","total-events-serialized":14} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 31/31 @@ -20,10 +20,10 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 4607385 bytes -~~ total memory freed........: 4607385 bytes -~~ total allocations/frees...: 99591/99591 +~~ total memory allocated....: 4692010 bytes +~~ total memory freed........: 4692010 bytes +~~ total allocations/frees...: 101181/101181 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 161 chars -~~ json string max len.......: 712 chars -~~ json string avg len.......: 498 chars +~~ json string max len.......: 821 chars +~~ json string avg len.......: 548 chars |