aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/ieee_c37118.pcap.out
blob: 46cd3ca25fca6a21990e35a66933a6dcf9c7d66f (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

00613{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00837{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1218021007698753}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1218021007698753,"flow_src_last_pkt_time":1218021007698753,"flow_dst_last_pkt_time":1218021007698753,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1218021007698753,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"192.168.0.241","src_port":36835,"dst_port":4712,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1218021007698753,"flow_dst_last_pkt_time":1218021007698753,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1218021007698753,"pkt":"ADCnAA06AAlrk3uDCABFAAA846tAAEAG1LrAqAAUwKgA8Y\/jEmgIDYWkAAAAAKACFtAWCwAAAgQFtAQCCAoCxGYPAAAAAAEDAwY="}
00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1218021007698753,"flow_dst_last_pkt_time":1218021007699989,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1218021007699989,"pkt":"AAlrk3uDADCnAA06CABFAABAZWQAAEAGkv7AqADxwKgAFBJoj+PZe3k4CA2FpbASIfAmuQAAAgQFtAEDAwABAQQCAQEICnGgDcwCxGYP"}
00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1218021007700023,"flow_dst_last_pkt_time":1218021007699989,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1218021007700023,"pkt":"ADCnAA06AAlrk3uDCABFAAA046xAAEAG1MHAqAAUwKgA8Y\/jEmgIDYWl2Xt5OYAQAFyJFwAAAQEICgLEZhBxoA3M"}
00569{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1218021007700230,"flow_dst_last_pkt_time":1218021007699989,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":84,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":84,"pkt_l4_len":50,"thread_ts_usec":1218021007700230,"pkt":"ADCnAA06AAlrk3uDCABFAABG461AAEAG1K7AqAAUwKgA8Y\/jEmgIDYWl2Xt5OYAYAFwF4wAAAQEICgLEZhBxoA3MqkEAEgDxAAAAAAAAAAAABdfQ"}
00939{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1218021007698753,"flow_src_last_pkt_time":1218021007700230,"flow_dst_last_pkt_time":1218021007699989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1218021007700230,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"192.168.0.241","src_port":36835,"dst_port":4712,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"IEEE-C37118","proto_id":"367","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1218021007700230,"flow_dst_last_pkt_time":1218021007701832,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1218021007701832,"pkt":"AAlrk3uDADCnAA06CABFAAA0ZWUAAEAGkwnAqADxwKgAFBJoj+PZe3k5CA2Ft4AQId5ngwAAAQEICnGgDcwCxGYQ"}
02186{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":1218021007698753,"flow_src_last_pkt_time":1218021007982488,"flow_dst_last_pkt_time":1218021007965319,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":134,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":890,"midstream":0,"thread_ts_usec":1218021007982488,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"192.168.0.241","src_port":36835,"dst_port":4712,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":207,"avg":17751.6,"max":40001,"stddev":13277.6,"var":176295104.0,"ent":4.5,"data": [1236,1270,207,1843,699,2315,976,1753,1047,20120,38956,19861,2840,19920,19921,20016,39141,19972,20168,38019,19966,20020,40000,19866,22584,20167,20073,37505,19862,19977,40001]},"pktlen": {"min":52,"avg":81.6,"max":186,"stddev":31.5,"var":989.7,"ent":4.9,"data": [60,64,52,70,52,186,52,70,52,106,106,52,106,52,106,52,106,52,106,106,52,106,106,52,106,52,106,106,52,106,106,52]},"bins": {"c_to_s": [14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [3,14,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,0,1,1,1,0,1,0,1,0,1,0,1,1,0,1,1,0,1,0,1,1,0,1,1,0],"entropies": [4.496836185,5.048533440,4.931210041,4.651202679,4.969671726,4.443276405,4.931210041,4.690558434,4.969671249,5.657071114,5.579102516,4.969671249,5.555610657,4.969671726,5.699430466,4.969671726,5.692310333,5.008132935,5.652293205,5.602812290,4.931209564,5.597970963,5.583358288,4.931209564,5.605093002,4.931209564,5.657070637,5.635706902,5.008132935,5.642828465,5.594747066,5.008132935]},"ndpi": {"confidence": {"6":"DPI"},"proto":"IEEE-C37118","proto_id":"367","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
00848{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":418,"packets-processed":417,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13796,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":11,"global_ts_usec":1218023578251598}
00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1218023578251598,"flow_src_last_pkt_time":1218023578251598,"flow_dst_last_pkt_time":1218023578251598,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1218023578251598,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.60","src_port":4712,"dst_port":4713,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1218023578251598,"flow_dst_last_pkt_time":1218023578251598,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":26,"thread_ts_usec":1218023578251598,"pkt":"AKD0AaNIAB1gY4VACABFAAAualcAAIARTtHAqAAKwKgAPBJoEmkAGlB5qkEAEgA8SJmQmgA0LtUAAVYL"}
00939{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1218023578251598,"flow_src_last_pkt_time":1218023578251598,"flow_dst_last_pkt_time":1218023578251598,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1218023578251598,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.60","src_port":4712,"dst_port":4713,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"IEEE-C37118","proto_id":"367","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1218023578568431,"flow_dst_last_pkt_time":1218023578251598,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":26,"thread_ts_usec":1218023578568431,"pkt":"AKD0AaNIAB1gY4VACABFAAAuanwAAIARTqzAqAAKwKgAPBJoEmkAGpBdqkEAEgA8SJmQmgCQLhIABRaK"}
01016{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1218023578568431,"flow_dst_last_pkt_time":1218023578569608,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":416,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":416,"pkt_l4_len":382,"thread_ts_usec":1218023578569608,"pkt":"AB1gY4VAAKD0AaNICABFAAGS1IQAAB4RRUDAqAA8wKgAChJpEmgBfnYHqjEBdgA8SJM3QwAH70AAD0JAAAFQTVUxICAgICAgICAgICAgAD0ABwADAAAAAVZBICAgICAgICAgICAgICBWQiAgICAgICAgICAgICAgVkMgICAgICAgICAgICAgIERpZyBDaGFubmVsIDEgICBEaWcgQ2hhbm5lbCAyICAgRGlnIENoYW5uZWwgMyAgIERpZyBDaGFubmVsIDQgICBEaWcgQ2hhbm5lbCA1ICAgRGlnIENoYW5uZWwgNiAgIERpZyBDaGFubmVsIDcgICBEaWcgQ2hhbm5lbCA4ICAgRGlnIENoYW5uZWwgOSAgIERpZyBDaGFubmVsIDEwICBEaWcgQ2hhbm5lbCAxMSAgRGlnIENoYW5uZWwgMTIgIERpZyBDaGFubmVsIDEzICBEaWcgQ2hhbm5lbCAxNCAgRGlnIENoYW5uZWwgMTUgIERpZyBDaGFubmVsIDE2ICAAAATEAAAExAAABMQAAAAAAAEAAQAygdI="}
00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1218023578622812,"flow_dst_last_pkt_time":1218023578569608,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":26,"thread_ts_usec":1218023578622812,"pkt":"AKD0AaNIAB1gY4VACABFAAAuan8AAIARTqnAqAAKwKgAPBJoEmkAGq95qkEAEgA8SJmQmgCcLgEAAvd1"}
00578{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1218023578622812,"flow_dst_last_pkt_time":1218023578629213,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":90,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":90,"pkt_l4_len":56,"thread_ts_usec":1218023578629213,"pkt":"AB1gY4VAAKD0AaNICABFAABM1IUAAB4RRoXAqAA8wKgAChJpEmgAOBdgqgEAMAA8SJM3QwAI2aAAAELIJ7m\/yJ7CQsfkeUAnrSdCyAURPwa+sAAAAAAAABqc"}
02190{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":29,"flow_first_seen":1218023578251598,"flow_src_last_pkt_time":1218023578622812,"flow_dst_last_pkt_time":1218023579169239,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":374,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":1718,"midstream":0,"thread_ts_usec":1218023579169239,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.60","src_port":4712,"dst_port":4713,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":19796,"avg":41576.0,"max":318010,"stddev":73009.0,"var":5330315264.0,"ent":3.9,"data": [316833,318010,54381,59605,20198,20004,19807,20001,20003,20201,19799,19994,20205,19798,20210,19796,20005,19991,20008,20200,19801,19996,20004,20000,20202,19800,20004,20000,20002,20201,19796]},"pktlen": {"min":46,"avg":83.4,"max":402,"stddev":57.9,"var":3351.1,"ent":4.8,"data": [46,46,402,46,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76,76]},"bins": {"c_to_s": [3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [0,28,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1],"entropies": [4.419025898,4.245112896,4.107680798,4.419026375,4.914726734,4.888411045,4.977291107,4.801239491,4.941042423,4.941042423,4.977291107,4.950975418,4.950975418,4.941042423,5.003606796,4.860224247,4.898343563,4.924659729,4.977291107,4.950975418,5.024288177,4.814043045,4.950975418,4.902923107,5.076920033,4.801239491,4.814043045,4.929238796,4.924659729,4.898343563,4.925475597,4.899159908]},"ndpi": {"confidence": {"6":"DPI"},"proto":"IEEE-C37118","proto_id":"367","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
00989{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":778,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":159,"flow_dst_packets_processed":258,"flow_first_seen":1218021007698753,"flow_src_last_pkt_time":1218021012734335,"flow_dst_last_pkt_time":1218021012734317,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":134,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":13742,"midstream":0,"thread_ts_usec":1218023585746411,"l3_proto":"ip4","src_ip":"192.168.0.20","dst_ip":"192.168.0.241","src_port":36835,"dst_port":4712,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"IEEE-C37118","proto_id":"367","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":778,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":357,"flow_first_seen":1218023578251598,"flow_src_last_pkt_time":1218023585746411,"flow_dst_last_pkt_time":1218023585729395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":374,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":17462,"midstream":0,"thread_ts_usec":1218023585746411,"l3_proto":"ip4","src_ip":"192.168.0.10","dst_ip":"192.168.0.60","src_port":4712,"dst_port":4713,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"IEEE-C37118","proto_id":"367","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
00850{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":778,"source":"cfgs\/default\/pcap\/ieee_c37118.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":778,"packets-processed":778,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":31330,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":22,"global_ts_usec":1218023585746411}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 778/778
~~ skipped flows.............: 0
~~ total layer4 data length..: 31330 bytes
~~ total detected protocols..: 2
~~ total active/idle flows...: 2/2
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 6679138 bytes
~~ total memory freed........: 6679138 bytes
~~ total allocations/frees...: 114927/114927
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 542 chars
~~ json message max len.......: 2195 chars
~~ json message avg len.......: 1367 chars
Powered by cgit, Themed by Ted Yin.