DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.195.58][49399] -> [.192.168.193.12][.2000] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [.192.168.195.58][49399] -> [.192.168.193.12][.2000] [CiscoSkinny][VoIP][Acceptable] new: [.....2] [ip4][..tcp] [.192.168.193.12][.2000] -> [.192.168.195.50][51532] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [.192.168.193.12][.2000] -> [.192.168.195.50][51532] [CiscoSkinny][VoIP][Acceptable] analyse: [.....1] [ip4][..tcp] [.192.168.195.58][49399] -> [.192.168.193.12][.2000] [CiscoSkinny][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 3.610| 0.245| 0.877|769437.794| 0.000] [PKTLEN......: 60.000| 378.000| 114.200| 74.300| 5521.700| 4.800] [BINS(c->s)..: 9,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,2,0,0,5,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,1,1,0,1,1,1,1,0,1,0,1,1,1,1,0,1,0,0,1,1,0,1,0,1,1,0,0,0,1,0] [IATS(ms)....: 2.2,0.0,0.0,6.0,3.8,0.3,0.0,0.0,20.0,19.7,10.4,48.8,3559.6,0.0,0.1,3609.8,11.7,20.1,16.5,36.5,7.0,23.4,32.8,20.0,11.7,0.0,20.0,11.5,27.3,50.7,26.7,0.0] [PKTLENS.....: 78,82,70,78,60,378,82,90,82,60,214,74,60,78,194,90,60,266,60,102,60,198,60,198,60,198,186,60,106,106,60,106] new: [.....3] [ip4][..udp] [.192.168.195.58][32150] -> [.192.168.193.24][.9395] detected: [.....3] [ip4][..udp] [.192.168.195.58][32150] -> [.192.168.193.24][.9395] [RTP][Media][Acceptable] new: [.....4] [ip4][..udp] [.192.168.195.58][32144] -> [.192.168.195.50][17718] detected: [.....4] [ip4][..udp] [.192.168.195.58][32144] -> [.192.168.195.50][17718] [RTP][Media][Acceptable] new: [.....5] [ip4][..udp] [.192.168.195.50][17726] -> [.192.168.193.24][.9399] detected: [.....5] [ip4][..udp] [.192.168.195.50][17726] -> [.192.168.193.24][.9399] [RTP][Media][Acceptable] new: [.....6] [ip4][..udp] [.192.168.195.58][32152] -> [.192.168.193.24][.9396] detected: [.....6] [ip4][..udp] [.192.168.195.58][32152] -> [.192.168.193.24][.9396] [RTP][Media][Acceptable] new: [.....7] [ip4][..udp] [.192.168.195.50][17732] -> [.192.168.193.24][.9400] detected: [.....7] [ip4][..udp] [.192.168.195.50][17732] -> [.192.168.193.24][.9400] [RTP][Media][Acceptable] analyse: [.....4] [ip4][..udp] [.192.168.195.58][32144] -> [.192.168.195.50][17718] [RTP][Media][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.026| 0.010| 0.010| 104.356| 0.000] [PKTLEN......: 214.000| 214.000| 214.000| 0.000| 0.000| 5.000] [BINS(c->s)..: 0,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0] [IATS(ms)....: 0.0,19.9,0.0,25.6,0.0,20.0,0.0,19.9,0.0,19.9,0.0,20.0,0.0,20.0,0.0,20.0,0.0,20.0,0.0,20.0,0.0,20.0,0.0,20.0,0.0,20.0,0.0,20.0,0.0,20.0,0.0,0.0] [PKTLENS.....: 214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214] analyse: [.....3] [ip4][..udp] [.192.168.195.58][32150] -> [.192.168.193.24][.9395] [RTP][Media][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.020| 0.020| 0.020| 0.000| 0.001| 0.000] [PKTLEN......: 214.000| 214.000| 214.000| 0.000| 0.000| 5.000] [BINS(c->s)..: 0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [IATS(ms)....: 20.0,20.0,19.9,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.1,20.0,20.0,20.0,20.1,19.9,20.0,20.0,20.0,19.9,20.0,20.1,20.0,20.0,20.0,0.0] [PKTLENS.....: 214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214] analyse: [.....5] [ip4][..udp] [.192.168.195.50][17726] -> [.192.168.193.24][.9399] [RTP][Media][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.020| 0.020| 0.020| 0.000| 0.001| 0.000] [PKTLEN......: 214.000| 214.000| 214.000| 0.000| 0.000| 5.000] [BINS(c->s)..: 0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [IATS(ms)....: 20.0,20.0,20.1,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,0.0] [PKTLENS.....: 214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214] analyse: [.....6] [ip4][..udp] [.192.168.195.58][32152] -> [.192.168.193.24][.9396] [RTP][Media][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.019| 0.021| 0.020| 0.000| 0.020| 0.000] [PKTLEN......: 214.000| 214.000| 214.000| 0.000| 0.000| 5.000] [BINS(c->s)..: 0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [IATS(ms)....: 19.8,20.0,20.1,19.9,20.0,20.0,20.0,20.0,20.0,20.0,20.0,19.9,20.0,20.0,20.0,20.0,20.0,20.0,20.5,19.5,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,0.0] [PKTLENS.....: 214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214] analyse: [.....7] [ip4][..udp] [.192.168.195.50][17732] -> [.192.168.193.24][.9400] [RTP][Media][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.020| 0.020| 0.020| 0.000| 0.001| 0.000] [PKTLEN......: 214.000| 214.000| 214.000| 0.000| 0.000| 5.000] [BINS(c->s)..: 0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [IATS(ms)....: 20.0,20.0,20.1,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.0,20.1,20.0,20.0,20.0,20.1,19.9,20.0,19.9,20.0,19.9,20.0,20.1,20.0,20.0,20.0,20.0,20.0,20.0,0.0] [PKTLENS.....: 214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214] new: [.....8] [ip4][..tcp] [.192.168.195.58][50917] -> [.....10.16.2.25][.2000] [MIDSTREAM] detected: [.....8] [ip4][..tcp] [.192.168.195.58][50917] -> [.....10.16.2.25][.2000] [CiscoSkinny][VoIP][Acceptable] analyse: [.....2] [ip4][..tcp] [.192.168.193.12][.2000] -> [.192.168.195.50][51532] [CiscoSkinny][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 7.046| 0.705| 1.877|3523893.789| 0.000] [PKTLEN......: 60.000| 546.000| 110.900| 93.800| 8793.000| 4.700] [BINS(c->s)..: 10,2,0,0,4,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 10,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,1,0,1,1,1,0,0,0,0,1,0,1,0,0,1,0,1,1,0,1,1,1,0,1,0,0,0,0,1] [IATS(ms)....: 0.0,0.1,0.7,0.7,19.9,3583.0,19.3,3622.2,2.1,0.0,0.0,18.0,15.9,20.1,36.3,2.1,20.0,30.9,40.0,6.9,19.1,13.1,64.1,28.3,103.9,42.3,80.4,6999.6,0.0,5.8,7045.9,0.0] [PKTLENS.....: 90,82,86,60,266,60,74,74,60,82,70,78,60,546,60,198,198,60,198,60,102,186,60,106,106,60,106,60,82,82,78,60] new: [.....9] [ip4][.icmp] [.192.168.195.50] -> [.192.168.195.58] detected: [.....9] [ip4][.icmp] [.192.168.195.50] -> [.192.168.195.58] [ICMP][Network][Acceptable] idle: [.....9] [ip4][.icmp] [.192.168.195.50] -> [.192.168.195.58] [ICMP][Network][Acceptable] idle: [.....1] [ip4][..tcp] [.192.168.195.58][49399] -> [.192.168.193.12][.2000] [CiscoSkinny][VoIP][Acceptable] idle: [.....2] [ip4][..tcp] [.192.168.193.12][.2000] -> [.192.168.195.50][51532] [CiscoSkinny][VoIP][Acceptable] idle: [.....5] [ip4][..udp] [.192.168.195.50][17726] -> [.192.168.193.24][.9399] [RTP][Media][Acceptable] idle: [.....7] [ip4][..udp] [.192.168.195.50][17732] -> [.192.168.193.24][.9400] [RTP][Media][Acceptable] idle: [.....3] [ip4][..udp] [.192.168.195.58][32150] -> [.192.168.193.24][.9395] [RTP][Media][Acceptable] idle: [.....6] [ip4][..udp] [.192.168.195.58][32152] -> [.192.168.193.24][.9396] [RTP][Media][Acceptable] idle: [.....4] [ip4][..udp] [.192.168.195.58][32144] -> [.192.168.195.50][17718] [RTP][Media][Acceptable] idle: [.....8] [ip4][..tcp] [.192.168.195.58][50917] -> [.....10.16.2.25][.2000] [CiscoSkinny][VoIP][Acceptable] DAEMON-EVENT: shutdown