1
2
3
4
5
6
7
8
9
|
flow_datalink,l3_proto,src_ip,dst_ip,l4_proto,src_port,dst_port,flow_state,flow_src_packets_processed,flow_dst_packets_processed,flow_first_seen,flow_src_last_pkt_time,flow_dst_last_pkt_time,flow_src_min_l4_payload_len,flow_dst_min_l4_payload_len,flow_src_max_l4_payload_len,flow_dst_max_l4_payload_len,flow_src_tot_l4_payload_len,flow_dst_tot_l4_payload_len,midstream,iat_min,iat_avg,iat_max,iat_stddev,iat_var,iat_ent,iat_data,pktlen_min,pktlen_avg,pktlen_max,pktlen_stddev,pktlen_var,pktlen_ent,pktlen_data,bins_c_to_s,bins_s_to_c,directions,entropies,proto,proto_id,encrypted,breed,category,confidence_id,confidence,risks
1,ip4,10.0.2.15,75.133.101.93,tcp,50285,52367,finished,13,19,88704875,100541304,100658601,0,0,599,1460,1036,10762,0,68,767424.4,8796467,2113226.8,4465727373312.0,2.6,"111774,112031,223,580,122233,123811,1735,510239,510348,125373,7027,133055,508500,509079,643423,701863,8737919,8796467,643884,78,644721,118605,2969,121592,121581,84,121516,120907,68,120959,117511",40,409.2,1500,491.7,241767.6,4.1,"52,44,40,639,40,652,90,40,353,40,182,423,40,68,40,449,40,86,40,1500,1052,40,640,1488,40,1500,628,40,1500,628,40,640","9,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","6,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,4,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0","0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,1,0,1,1,0,1","4.585552692,4.823068142,4.680641651,5.822128773,4.621928692,5.725380421,5.587119579,4.671928883,7.096185207,4.621928692,6.667861462,7.368043423,4.680641651,5.340273857,4.621928692,7.401152134,4.780641556,5.582901478,4.621928692,7.849462032,7.784356117,4.730641365,7.643722534,7.861162663,4.730641365,7.864004135,7.644542217,4.680641174,7.856564045,7.631118298,4.680641174,7.673601151",Gnutella,35,0,Potentially Dangerous,Download,6,DPI,"22"
1,ip4,10.0.2.15,104.156.226.72,tcp,50284,53258,finished,16,16,88704150,101062565,101062734,0,0,600,1024,1062,6684,0,1,797322.6,8218469,1970792.9,3884024594432.0,2.9,"128313,128710,372,938,178629,178799,1,501219,501471,98390,140683,469376,511641,1190983,1233531,8175797,8218469,772334,828075,95677,89547,96875,110099,405396,409608,95445,89124,2830,63380,645,642",40,282.6,1064,381.8,145784.6,3.9,"52,44,40,640,40,668,90,40,353,40,574,40,68,40,442,40,86,40,1064,40,1064,40,1064,40,1064,40,1064,40,55,40,50,40","12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","8,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","0,1,0,0,1,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,1,0,0,1,0,1","4.662476063,4.732159138,4.630641460,5.806861401,4.521928787,5.724582195,5.627513409,4.621928692,7.193869114,4.621928692,7.467946053,4.730641842,5.399097443,4.571928978,7.330091953,4.730641365,5.719189644,4.621928692,7.801183701,4.730641365,7.783223152,4.680641174,7.789729118,4.730641365,7.787688255,4.730641365,7.814134598,4.680641651,4.944017887,4.621928692,4.859469414,4.621928692",Gnutella,35,0,Potentially Dangerous,Download,6,DPI,"22"
1,ip4,10.0.2.15,104.238.172.250,tcp,50312,23548,finished,16,16,90745963,101065402,101065057,0,0,601,628,1115,1487,0,346,665759.1,8692014,2110974.0,4456211546112.0,1.9,"30928,31210,439,818,29157,31647,2471,501745,502012,17074,17362,35097,479690,480352,544167,592641,8643736,8692014,619,570,563,598,427,387,461,428,346,360,379,396,439",40,121.8,668,170.0,28912.7,4.1,"52,44,40,641,40,668,90,40,353,40,182,370,40,67,40,427,40,94,40,50,40,50,40,50,40,50,40,50,40,50,40,50","12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","12,0,0,0,1,0,0,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0","4.492582321,4.720129013,4.521928787,5.809185505,4.508695602,5.773917675,5.619303703,4.558695793,7.143177032,4.389823914,6.687948704,7.327623844,4.671928406,5.289166927,4.558695793,7.411965370,4.621928692,5.812307358,4.489823818,4.722780704,4.489823818,4.682780743,4.489823818,4.722780704,4.489823818,4.722780704,4.439823627,4.722780704,4.489823818,4.722780704,4.489823818,4.642780781",Gnutella,35,0,Potentially Dangerous,Download,6,DPI,"22"
1,ip4,10.0.2.15,188.61.52.183,tcp,50300,11852,finished,16,16,90742816,121143186,117002254,0,0,599,1460,1696,3374,0,49,1827735.8,13801588,3934254.5,15478358540288.0,2.8,"17190,17418,3506,3946,14197,14999,687,2797,2855,25798,49,26144,8990,9323,15893,71757,495574,483536,221196,265159,15579,77266,487598,467678,9468962,9510672,13760964,13801588,1593559,1633954,4140974",40,198.9,1500,294.0,86413.1,4.0,"52,44,40,639,40,699,111,40,304,40,1500,180,40,166,40,91,40,219,40,404,40,387,40,507,40,115,40,111,40,176,40,101","8,1,2,1,1,0,0,0,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","8,1,1,0,1,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0","0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0","4.624014378,4.823068142,4.780641079,5.806199551,4.621928692,5.719610691,5.576837540,4.671928883,5.283092022,4.671928883,7.655467510,6.721651554,4.721928596,6.328861237,4.558695793,5.166602612,4.830641270,6.855683327,4.780641556,7.482919216,4.671928883,7.395811558,4.730640888,7.500388622,4.830641270,5.985765934,4.621928692,5.830484867,4.830641270,6.691635132,4.621928692,5.872485161",Gnutella,35,0,Potentially Dangerous,Download,6,DPI,"22"
1,ip4,10.0.2.15,109.214.154.216,tcp,50248,6346,finished,14,18,71205274,117002547,132821508,0,0,304,1024,705,2420,0,1091,3464951.8,22684647,6255594.5,39132462055424.0,3.3,"399865,400165,2576,3065,879170,880284,1091,343284,15848,359592,3003,2180,5087,145122,145627,10048654,10048652,469496,2676,472723,3557750,3604090,6175326,6222212,413766,464528,22633783,22684647,605343,604983,15818919",40,138.2,1064,217.4,47264.8,4.0,"52,44,40,344,40,323,143,40,118,762,40,53,58,40,149,40,104,40,1064,45,40,122,40,70,40,213,40,52,40,123,40,62","9,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","12,0,2,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","0,1,0,0,1,1,0,1,1,1,0,1,1,0,0,1,0,1,1,1,0,1,0,0,1,1,0,0,1,0,1,1","4.638531685,4.760457039,4.611769199,5.768550396,4.503056526,5.575543404,5.615631580,4.553056717,5.640929699,7.709812641,4.680641174,4.708038807,4.874885082,4.592897415,6.317804813,4.453056812,5.923436165,4.453056812,7.776337624,4.335103989,4.830641270,6.163827896,4.780641556,5.454720020,4.621928692,6.573338509,4.730640888,4.776329994,4.621928692,6.159438610,4.571928978,4.925578117",Gnutella,35,0,Potentially Dangerous,Download,6,DPI,"22"
1,ip4,10.0.2.15,86.208.180.181,tcp,50249,45883,finished,16,16,71205609,187576304,187064352,0,0,303,1065,713,3012,0,276,7491272.5,55455380,14262251.0,203411798622208.0,3.2,"106993,107336,276,805,178388,179820,1439,41004,98031,375723,432936,10046845,10046768,42293,94463,6595038,6594815,3591919,3643921,39217,93460,24009088,24063297,605105,604823,14641110,23768,14665256,55396943,55455380,453178",40,156.9,1105,244.6,59812.5,4.0,"52,44,40,343,40,323,143,40,912,40,149,40,104,40,1105,40,200,40,70,40,189,40,52,40,123,40,64,489,40,50,40,49","11,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0","10,0,0,0,1,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0","0,1,0,0,1,1,0,1,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,1,0,1,0,0","4.624014378,4.624093533,4.730641365,5.758390427,4.553056717,5.558244705,5.696007252,4.621928692,7.730160713,4.830641270,6.349717140,4.521929264,5.981128693,4.571928978,7.767892838,4.780641556,6.727245331,4.730641365,5.454720020,4.603056908,6.642654419,4.780641079,4.853253365,4.671928883,6.256999493,4.671928883,5.061660290,7.508594036,4.830641270,4.642780781,4.780641556,4.618614674",Gnutella,35,0,Potentially Dangerous,Download,6,DPI,"22"
timestamp,json_lines,json_bytes,flow_src_total_bytes,flow_dst_total_bytes,flow_new_count,flow_end_count,flow_idle_count,flow_update_count,flow_analyse_count,flow_guessed_count,flow_detected_count,flow_detection_update_count,flow_not_detected_count,flow_risky_count,packet_count,packet_flow_count,init_count,reconnect_count,shutdown_count,status_count,error_unknown_datalink,error_unknown_l3_protocol,error_unsupported_datalink,error_packet_too_short,error_packet_type_unknown,error_packet_header_invalid,error_ip4_packet_too_short,error_ip4_size_smaller_than_header,error_ip4_l4_payload_detection,error_ip6_packet_too_short,error_ip6_size_smaller_than_header,error_ip6_l4_payload_detection,error_tcp_packet_too_short,error_udp_packet_too_short,error_capture_size_smaller_than_packet,error_max_flows_to_track,error_flow_memory_alloc,flow_state_info,flow_state_finished,flow_breed_safe_count,flow_breed_acceptable_count,flow_breed_fun_count,flow_breed_unsafe_count,flow_breed_potentially_dangerous_count,flow_breed_tracker_ads_count,flow_breed_dangerous_count,flow_breed_unrated_count,flow_breed_unknown_count,flow_category_unspecified_count,flow_category_media_count,flow_category_vpn_count,flow_category_email_count,flow_category_data_transfer_count,flow_category_web_count,flow_category_social_network_count,flow_category_download_count,flow_category_game_count,flow_category_chat_count,flow_category_voip_count,flow_category_database_count,flow_category_remote_access_count,flow_category_cloud_count,flow_category_network_count,flow_category_collaborative_count,flow_category_rpc_count,flow_category_streaming_count,flow_category_system_count,flow_category_software_update_count,flow_category_music_count,flow_category_video_count,flow_category_shopping_count,flow_category_productivity_count,flow_category_file_sharing_count,flow_category_conn_check_count,flow_category_iot_scada_count,flow_category_virt_assistant_count,flow_category_cybersecurity_count,flow_category_adult_content_count,flow_category_mining_count,flow_category_malware_count,flow_category_advertisment_count,flow_category_banned_site_count,flow_category_site_unavail_count,flow_category_allowed_site_count,flow_category_antimalware_count,flow_category_crypto_currency_count,flow_category_gambling_count,flow_category_unknown_count,flow_confidence_by_port,flow_confidence_dpi_partial,flow_confidence_dpi_partial_cache,flow_confidence_dpi_cache,flow_confidence_dpi,flow_confidence_nbpf,flow_confidence_by_ip,flow_confidence_dpi_aggressive,flow_confidence_custom_rule,flow_confidence_unknown,flow_severity_low,flow_severity_medium,flow_severity_high,flow_severity_severe,flow_severity_critical,flow_severity_emergency,flow_severity_unknown,flow_l3_ip4_count,flow_l3_ip6_count,flow_l3_other_count,flow_l4_tcp_count,flow_l4_udp_count,flow_l4_icmp_count,flow_l4_other_count,flow_active_count,flow_detected_count,flow_guessed_count,flow_not_detected_count,flow_risk_1_count,flow_risk_2_count,flow_risk_3_count,flow_risk_4_count,flow_risk_5_count,flow_risk_6_count,flow_risk_7_count,flow_risk_8_count,flow_risk_9_count,flow_risk_10_count,flow_risk_11_count,flow_risk_12_count,flow_risk_13_count,flow_risk_14_count,flow_risk_15_count,flow_risk_16_count,flow_risk_17_count,flow_risk_18_count,flow_risk_19_count,flow_risk_20_count,flow_risk_21_count,flow_risk_22_count,flow_risk_23_count,flow_risk_24_count,flow_risk_25_count,flow_risk_26_count,flow_risk_27_count,flow_risk_28_count,flow_risk_29_count,flow_risk_30_count,flow_risk_31_count,flow_risk_32_count,flow_risk_33_count,flow_risk_34_count,flow_risk_35_count,flow_risk_36_count,flow_risk_37_count,flow_risk_38_count,flow_risk_39_count,flow_risk_40_count,flow_risk_41_count,flow_risk_42_count,flow_risk_43_count,flow_risk_44_count,flow_risk_45_count,flow_risk_46_count,flow_risk_47_count,flow_risk_48_count,flow_risk_49_count,flow_risk_50_count,flow_risk_51_count,flow_risk_52_count,flow_risk_53_count,flow_risk_54_count,flow_risk_55_count,flow_risk_56_count,flow_risk_unknown_count
0,6866,5760560,149308,234286,801,66,735,2519,6,1,401,5,399,361,1,1928,1,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,405,396,1,42,0,0,356,0,2,0,0,0,0,0,0,0,1,0,356,0,0,0,0,0,0,32,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,401,0,0,0,0,0,364,8,0,0,0,0,0,787,14,0,137,653,5,6,801,401,1,399,0,0,0,0,0,7,1,0,0,1,0,0,5,0,0,2,0,0,0,0,0,0,358,0,2,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0
|