1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [MIDSTREAM]
DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
analyse: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.061| 60.122| 38.821| 28.558|815563555.209| 0.000]
[PKTLEN......: 54.000| 60.000| 57.000| 3.000| 9.000| 5.000]
[BINS(c->s)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,1,0,0,1,0,1,1,0,0,1,0,1,1,0,0,1,0,1,1,0,0,1,0,1,1,0,0,1]
[IATS(ms)....: 60.8,60066.5,60071.0,444.6,512.2,60052.4,60122.1,60064.1,60058.5,139.4,204.1,59876.0,59944.8,60065.8,60071.7,305.5,379.3,59710.1,59782.3,60066.2,60065.0,470.7,541.9,60021.2,60097.0,60072.0,60059.9,163.5,227.3,59834.0,59896.7,0.0]
[PKTLENS.....: 60,54,60,54,54,60,60,54,60,54,54,60,60,54,60,54,54,60,60,54,60,54,54,60,60,54,60,54,54,60,60,54]
guessed: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [NestLogSink.AmazonAWS][Cloud][Acceptable]
detected: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [NestLogSink.AmazonAWS][Cloud][Acceptable]
DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0]
new: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53]
detected: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
detection-update: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
new: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095]
detected: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
analyse: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.491| 0.199| 0.354|125081.829| 0.000]
[PKTLEN......: 54.000| 733.000| 255.900| 219.800|48330.300| 4.500]
[BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0]
[IATS(ms)....: 69.7,72.2,635.6,708.3,5.3,110.8,1347.4,1490.6,118.0,84.3,0.1,88.9,80.3,82.8,83.4,80.0,80.0,80.2,79.6,79.6,80.9,81.4,80.7,80.0,79.3,79.3,79.9,72.2,8.5,80.0,81.8,0.0]
[PKTLENS.....: 60,58,60,585,54,733,60,106,54,124,54,111,509,109,509,109,509,109,509,109,509,109,509,109,509,109,509,109,60,509,109,509]
new: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095]
detected: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
new: [.....5] [ip4][..tcp] [.192.168.242.15][63344] -> [.35.188.154.186][11095]
detected: [.....5] [ip4][..tcp] [.192.168.242.15][63344] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
update: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
analyse: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.007| 60.078| 8.258| 19.898|395938807.939| 0.000]
[PKTLEN......: 54.000| 731.000| 181.000| 184.800|34140.600| 4.400]
[BINS(c->s)..: 9,1,0,1,0,3,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,2,0,0,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,1,0,1,0,0,1,0,0,1,0,1,1]
[IATS(ms)....: 64.1,66.7,638.8,711.0,16.5,201.4,1246.7,1463.2,104.9,69.4,22.0,94.7,71.2,78.1,7.1,87.2,75.8,84.5,84.3,76.4,307.3,280.7,43.3,5019.6,5092.3,178.8,59560.5,59727.7,60063.8,60077.6,375.9,0.0]
[PKTLENS.....: 60,58,60,585,54,731,60,106,54,458,54,114,176,683,60,234,220,234,204,234,215,60,215,60,346,116,60,60,54,60,54,54]
end: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [NestLogSink.AmazonAWS][Cloud][Acceptable]
end: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
end: [.....5] [ip4][..tcp] [.192.168.242.15][63344] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
update: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
DAEMON-EVENT: [Processed: 215 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 1|updates: 2]
idle: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
DAEMON-EVENT: [Processed: 245 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 1|updates: 2]
DAEMON-EVENT: [Processed: 275 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 1|updates: 2]
new: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53]
detected: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
detection-update: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
new: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095]
detected: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
analyse: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.478| 0.186| 0.338|114146.574| 0.000]
[PKTLEN......: 54.000| 732.000| 255.900| 219.700|48280.000| 4.500]
[BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0]
[IATS(ms)....: 61.0,66.3,638.6,696.7,5.2,274.7,1166.9,1477.5,96.3,57.0,0.0,69.6,64.9,63.5,66.2,66.3,63.9,64.1,63.9,63.8,65.2,65.0,63.2,63.3,64.2,64.1,63.8,54.1,11.8,65.2,63.5,0.0]
[PKTLENS.....: 60,58,60,584,54,732,60,106,54,124,54,111,509,109,509,109,509,109,509,109,509,109,509,109,509,109,509,109,60,509,109,509]
new: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095]
detected: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
new: [.....9] [ip4][..tcp] [.192.168.242.15][63347] -> [.35.188.154.186][11095]
detected: [.....9] [ip4][..tcp] [.192.168.242.15][63347] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
update: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
end: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
end: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
end: [.....9] [ip4][..tcp] [.192.168.242.15][63347] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
update: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
analyse: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.007| 60.066| 10.038| 21.842|477077551.710| 0.000]
[PKTLEN......: 54.000| 731.000| 176.200| 185.800|34538.800| 4.400]
[BINS(c->s)..: 10,1,0,1,0,3,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,2,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,0,1,1,0,0]
[IATS(ms)....: 66.2,68.9,635.0,702.4,15.4,246.0,1210.6,1481.6,108.8,76.2,16.8,97.4,71.0,72.8,6.7,85.9,79.2,75.8,75.0,77.2,97.4,2619.5,2881.1,371.8,59569.0,59778.5,60066.0,60063.7,377.5,447.3,59622.6,0.0]
[PKTLENS.....: 60,58,60,585,54,731,60,106,54,458,54,114,176,683,60,234,220,234,204,234,215,60,346,116,60,60,54,60,54,54,60,60]
idle: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
DAEMON-EVENT: [Processed: 424 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 1|detection-updates: 2|updates: 4]
DAEMON-EVENT: [Processed: 452 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 1|detection-updates: 2|updates: 4]
new: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53]
detected: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
detection-update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
new: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095]
detected: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
analyse: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.475| 0.185| 0.337|113653.596| 0.000]
[PKTLEN......: 54.000| 732.000| 255.900| 219.700|48280.000| 4.500]
[BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0]
[IATS(ms)....: 56.8,63.4,631.1,692.5,5.0,275.3,1167.1,1475.0,94.9,57.0,0.0,68.3,63.6,63.6,63.3,63.5,64.3,71.1,70.3,64.3,64.5,64.0,64.3,64.3,63.7,63.2,62.9,53.1,10.8,65.0,64.0,0.0]
[PKTLENS.....: 60,58,60,584,54,732,60,106,54,124,54,111,509,109,509,109,509,109,509,109,509,109,509,109,509,109,509,109,60,509,109,509]
new: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095]
detected: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
end: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
end: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
idle: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
analyse: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.004| 60.116| 15.667| 26.142|683403720.524| 0.000]
[PKTLEN......: 54.000| 732.000| 159.100| 181.000|32752.900| 4.300]
[BINS(c->s)..: 10,1,0,1,0,2,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 9,2,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,0,1,0,1,1]
[IATS(ms)....: 65.1,68.1,678.4,747.3,17.5,94.7,1396.4,1507.7,104.4,70.6,14.5,87.7,68.9,73.0,7.0,83.6,72.6,4.3,74.3,110.5,112.2,137.1,59606.1,59757.9,60076.8,60061.1,60093.4,60092.4,60108.1,60116.2,184.2,0.0]
[PKTLENS.....: 60,58,60,584,54,732,60,106,54,258,54,114,176,683,60,234,204,60,234,215,346,116,60,60,54,60,54,60,54,60,54,54]
DAEMON-EVENT: [Processed: 562 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 1|detection-updates: 3|updates: 6]
new: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095]
detected: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
end: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
new: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53]
detected: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
detection-update: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
new: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095]
detected: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
analyse: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.484| 0.189| 0.353|124509.217| 0.000]
[PKTLEN......: 54.000| 733.000| 255.900| 219.800|48309.800| 4.500]
[BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0]
[IATS(ms)....: 55.5,58.1,637.6,698.6,8.3,132.5,1319.8,1484.0,100.9,62.4,0.0,73.7,66.3,66.1,64.4,70.8,72.5,66.2,63.7,65.4,67.1,65.6,63.5,64.0,64.9,67.0,66.2,76.4,5.2,82.4,64.4,0.0]
[PKTLENS.....: 60,58,60,584,54,733,60,106,54,124,54,111,509,109,509,109,509,109,509,109,509,109,509,109,509,109,509,109,60,509,109,509]
new: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095]
analyse: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.001| 60.156| 9.910| 20.689|428051338.887| 0.000]
[PKTLEN......: 54.000| 731.000| 161.100| 180.100|32452.700| 4.400]
[BINS(c->s)..: 10,2,0,1,0,2,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,2,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,0,1,0,0,1]
[IATS(ms)....: 68.6,72.2,634.4,701.9,15.9,150.9,1314.3,1491.3,109.2,71.0,18.0,93.5,70.2,72.1,7.2,80.0,74.1,77.1,76.5,41.6,115.5,208.5,59946.9,60155.8,60057.7,60124.3,30586.0,30652.9,66.9,1.3,68.3,0.0]
[PKTLENS.....: 60,58,60,585,54,731,60,106,54,258,54,114,176,683,60,234,204,234,215,60,346,116,60,60,54,54,60,116,54,60,60,54]
detected: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
new: [....17] [ip4][..tcp] [.192.168.242.15][63353] -> [.35.188.154.186][11095]
detected: [....17] [ip4][..tcp] [.192.168.242.15][63353] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
update: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
end: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
end: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
end: [....17] [ip4][..tcp] [.192.168.242.15][63353] -> [.35.188.154.186][11095] [NestLogSink][Cloud][Acceptable]
update: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
analyse: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.005| 60.173| 10.045| 21.954|481957439.865| 0.000]
[PKTLEN......: 54.000| 730.000| 176.200| 185.800|34529.800| 4.400]
[BINS(c->s)..: 10,1,0,1,0,3,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,2,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,0,1,0,1,0]
[IATS(ms)....: 65.3,67.8,637.5,709.8,18.7,293.4,1174.5,1482.0,109.1,72.2,18.0,90.8,70.3,73.2,8.7,96.5,87.7,75.9,79.0,77.4,126.7,2595.7,2731.0,150.4,59910.8,60056.8,60173.1,60107.0,4.7,60.6,60165.3,0.0]
[PKTLENS.....: 60,58,60,586,54,730,60,106,54,458,54,114,176,683,60,234,220,234,204,234,215,60,346,116,60,60,54,60,54,60,54,60]
idle: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Network][Acceptable]
DAEMON-EVENT: [Processed: 713 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8]
DAEMON-EVENT: [Processed: 743 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8]
DAEMON-EVENT: [Processed: 773 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8]
idle: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] [NestLogSink][Cloud][Acceptable]
DAEMON-EVENT: shutdown
|