00615{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00836{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1674583448287506}
00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1674583461865595,"flow_src_last_pkt_time":1674583461865595,"flow_dst_last_pkt_time":1674583461865595,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583461865595,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56272,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00561{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1674583461865595,"flow_dst_last_pkt_time":1674583461865595,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1674583461865595,"pkt":"AICPmq69KDc3AG3ICABFAABAAABAAP8G97LAqAGywKgBAtvQAFAaMXySAAAAALAC\/\/+gxwAAAgQFtAEDAwUBAQgKBzOYGQAAAAAEAgAA"}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1674583461865599,"flow_src_last_pkt_time":1674583461865599,"flow_dst_last_pkt_time":1674583461865599,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583461865599,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56273,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00561{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1674583461865599,"flow_dst_last_pkt_time":1674583461865599,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1674583461865599,"pkt":"AICPmq69KDc3AG3ICABFAABAAABAAP8G97LAqAGywKgBAtvRAbuqfYgvAAAAALAC\/\/8DcgAAAgQFtAEDAwUBAQgKBzOYGQAAAAAEAgAA"}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1674583461865595,"flow_dst_last_pkt_time":1674583461866656,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1674583461866656,"pkt":"KDc3AG3IAICPmq69CABFAAA8AABAAEAGtrfAqAECwKgBsgBQ29DADINiGjF8k6AScSBavQAAAgQFtAQCCAoAP6ItBzOYGQEDAwc="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1674583461866773,"flow_dst_last_pkt_time":1674583461866656,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1674583461866773,"pkt":"AICPmq69KDc3AG3ICABFAAA0AABAAP8G977AqAGywKgBAtvQAFAaMXyTwAyDY4AQEBXqkwAAAQEICgczmBoAP6It"}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1674583461865599,"flow_dst_last_pkt_time":1674583461866839,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1674583461866839,"pkt":"KDc3AG3IAICPmq69CABFAAA8AABAAEAGtrfAqAECwKgBsgG729HP\/qw3qn2IMKAScSCEoAAAAgQFtAQCCAoAP6ItBzOYGQEDAwc="}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1674583461866873,"flow_dst_last_pkt_time":1674583461866839,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1674583461866873,"pkt":"AICPmq69KDc3AG3ICABFAAA0AABAAP8G977AqAGywKgBAtvRAbuqfYgwz\/6sOIAQEBUUdwAAAQEICgczmBoAP6It"}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1674583461866897,"flow_dst_last_pkt_time":1674583461866656,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1674583461866897,"pkt":"AICPmq69KDc3AG3ICABFAAAoAABAAP8G98rAqAGywKgBAtvQAFAaMXyTwAyDY1AUEBVlYQAA"}
00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1674583461866946,"flow_dst_last_pkt_time":1674583461866839,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1674583461866946,"pkt":"AICPmq69KDc3AG3ICABFAAAoAABAAP8G98rAqAGywKgBAtvRAbuqfYgwz\/6sOFAUEBWPRAAA"}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1674583461880765,"flow_src_last_pkt_time":1674583461880765,"flow_dst_last_pkt_time":1674583461880765,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583461880765,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56274,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00562{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1674583461880765,"flow_dst_last_pkt_time":1674583461880765,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1674583461880765,"pkt":"AICPmq69KDc3AG3ICABFAABAAABAAP8G97LAqAGywKgBAtvSAb0tgNLTAAAAALAC\/\/81ugAAAgQFtAEDAwUBAQgKBzOYJwAAAAAEAgAA"}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1674583461880765,"flow_dst_last_pkt_time":1674583461881499,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1674583461881499,"pkt":"KDc3AG3IAICPmq69CABFAAAo6o9AAEAGzDvAqAECwKgBsgG929IAAAAALYDS1FAUAABN5wAAAAAAAAAA"}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1674583480667908,"flow_src_last_pkt_time":1674583480667908,"flow_dst_last_pkt_time":1674583480667908,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583480667908,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":43067,"dst_port":3389,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1674583480667908,"flow_dst_last_pkt_time":1674583480667908,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":1674583480667908,"pkt":"AICPmq69KDc3AG3ICABFAAAs390AADkGHerAqAGywKgBAqg7DT33aG6WAAAAAGACBAD0qQAAAgQFtA=="}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1674583480667908,"flow_dst_last_pkt_time":1674583480668537,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1674583480668537,"pkt":"KDc3AG3IAICPmq69CABFAAAo7VpAAEAGyXDAqAECwKgBsg09qDsAAAAA92hul1AUAAAQUwAAAAAAAAAA"}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1674583488939833,"flow_src_last_pkt_time":1674583488939833,"flow_dst_last_pkt_time":1674583488939833,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583488939833,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":62971,"dst_port":3390,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1674583488939833,"flow_dst_last_pkt_time":1674583488939833,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1674583488939833,"pkt":"AICPmq69KDc3AG3ICABFAAAoyXMAACoGQ1jAqAGywKgBAvX7DT7+udErAAAAAFABBABUvwAA"}
00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1674583488939833,"flow_dst_last_pkt_time":1674583488940443,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1674583488940443,"pkt":"KDc3AG3IAICPmq69CABFAAAo8E9AAEAGxnvAqAECwKgBsg0+9fsAAAAA\/rnRLFAUAABYqwAAAAAAAAAA"}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1674583496676115,"flow_src_last_pkt_time":1674583496676115,"flow_dst_last_pkt_time":1674583496676115,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583496676115,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":57916,"dst_port":3391,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1674583496676115,"flow_dst_last_pkt_time":1674583496676115,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1674583496676115,"pkt":"AICPmq69KDc3AG3ICABFAAAoe1IAAC0GjnnAqAGywKgBAuI8DT+4WmFbAAAAAFAABAAergAA"}
00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_src_last_pkt_time":1674583496676115,"flow_dst_last_pkt_time":1674583496676680,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1674583496676680,"pkt":"KDc3AG3IAICPmq69CABFAAAo8LdAAEAGxhPAqAECwKgBsg0\/4jwAAAAAuFphW1AUAAAimgAAAAAAAAAA"}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1674583501982691,"flow_src_last_pkt_time":1674583501982691,"flow_dst_last_pkt_time":1674583501982691,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583501982691,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":63243,"dst_port":3392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1674583501982691,"flow_dst_last_pkt_time":1674583501982691,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1674583501982691,"pkt":"AICPmq69KDc3AG3ICABFAAAohgUAADMGfcbAqAGywKgBAvcLDUDJoapcAAAAAFApBACvbAAA"}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_src_last_pkt_time":1674583501982691,"flow_dst_last_pkt_time":1674583501983146,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1674583501983146,"pkt":"KDc3AG3IAICPmq69CABFAAAo8MlAAEAGxgHAqAECwKgBsg1A9wsAAAAAyaGqXVAUAACzgAAAAAAAAAAA"}
01284{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583480667908,"flow_src_last_pkt_time":1674583480667908,"flow_dst_last_pkt_time":1674583480668537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":43067,"dst_port":3389,"l4_proto":"tcp","ndpi": {"flow_risk": {"30": {"risk":"Desktop\/File Sharing","severity":"Low","risk_score": {"total":600,"client":480,"server":120}},"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}},"55": {"risk":"Probing Attempt","severity":"Medium","risk_score": {"total":510,"client":375,"server":135}}},"confidence": {"1":"Match by port"},"proto":"RDP","proto_id":"88","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":12,"category":"RemoteAccess"}}
00777{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583480667908,"flow_src_last_pkt_time":1674583480667908,"flow_dst_last_pkt_time":1674583480668537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":43067,"dst_port":3389,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01202{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1674583461865595,"flow_src_last_pkt_time":1674583461866897,"flow_dst_last_pkt_time":1674583461866656,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56272,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}},"55": {"risk":"Probing Attempt","severity":"Medium","risk_score": {"total":510,"client":375,"server":135}}},"confidence": {"1":"Match by port"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","domainame":"","http": {}}}
00775{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1674583461865595,"flow_src_last_pkt_time":1674583461866897,"flow_dst_last_pkt_time":1674583461866656,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56272,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01157{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1674583461865599,"flow_src_last_pkt_time":1674583461866946,"flow_dst_last_pkt_time":1674583461866839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56273,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}},"55": {"risk":"Probing Attempt","severity":"Medium","risk_score": {"total":510,"client":375,"server":135}}},"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00776{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1674583461865599,"flow_src_last_pkt_time":1674583461866946,"flow_dst_last_pkt_time":1674583461866839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56273,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01170{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583461880765,"flow_src_last_pkt_time":1674583461880765,"flow_dst_last_pkt_time":1674583461881499,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56274,"dst_port":445,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}},"55": {"risk":"Probing Attempt","severity":"Medium","risk_score": {"total":510,"client":375,"server":135}}},"confidence": {"1":"Match by port"},"proto":"SMBv23","proto_id":"41","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}}
00776{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583461880765,"flow_src_last_pkt_time":1674583461880765,"flow_dst_last_pkt_time":1674583461881499,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":56274,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01100{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583496676115,"flow_src_last_pkt_time":1674583496676115,"flow_dst_last_pkt_time":1674583496676680,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":57916,"dst_port":3391,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}},"55": {"risk":"Probing Attempt","severity":"Medium","risk_score": {"total":510,"client":375,"server":135}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}}
00777{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583496676115,"flow_src_last_pkt_time":1674583496676115,"flow_dst_last_pkt_time":1674583496676680,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":57916,"dst_port":3391,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01100{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583488939833,"flow_src_last_pkt_time":1674583488939833,"flow_dst_last_pkt_time":1674583488940443,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":62971,"dst_port":3390,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}},"55": {"risk":"Probing Attempt","severity":"Medium","risk_score": {"total":510,"client":375,"server":135}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}}
00777{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583488939833,"flow_src_last_pkt_time":1674583488939833,"flow_dst_last_pkt_time":1674583488940443,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":62971,"dst_port":3390,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01100{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583501982691,"flow_src_last_pkt_time":1674583501982691,"flow_dst_last_pkt_time":1674583501983146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":63243,"dst_port":3392,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}},"55": {"risk":"Probing Attempt","severity":"Medium","risk_score": {"total":510,"client":375,"server":135}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}}
00777{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1674583501982691,"flow_src_last_pkt_time":1674583501982691,"flow_dst_last_pkt_time":1674583501983146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1674583501983146,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.2","src_port":63243,"dst_port":3392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00842{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/tcp_scan.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":30,"packets-processed":18,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":3,"total-guessed-flows":4,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":7,"total-idle-flows":7,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":42,"global_ts_usec":1674583501983146}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 30/18
~~ skipped flows.............: 0
~~ total layer4 data length..: 0 bytes
~~ total detected protocols..: 0
~~ total active/idle flows...: 7/7
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 8437707 bytes
~~ total memory freed........: 8437707 bytes
~~ total allocations/frees...: 144833/144833
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 532 chars
~~ json message max len.......: 1289 chars
~~ json message avg len.......: 909 chars