aboutsummaryrefslogtreecommitdiff
path: root/test/results/http-lines-split.pcap.out
blob: 6e0ff6fde1d570010d54ed74156e67ef56217308 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

00484{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"http-lines-split.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":256,"tick-resolution":1000,"reader-thread-count":1,"idle-scan-period":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":30000,"udp-max-idle-time":180000,"tcp-max-idle-time":7440000,"tcp-max-post-end-flow-time":120000,"max-packets-per-flow-to-send":15,"max-packets-per-flow-to-process":255}
00489{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"http-lines-split.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1593713340401,"flow_last_seen":0,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.1","dst_ip":"192.168.0.20","src_port":39236,"dst_port":31337,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15}
00431{"flow_id":1,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":401681,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"ABjzZLGIYDjgxTWgCABFAAA0t6tAAHkGyLLAqAABwKgAFJlEemkrolmxAAAAAIAC+vBZugAAAgQFtAEBBAIBAwMG"}
00432{"flow_id":1,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":401724,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"YDjgxTWgABjzZLGICABFAAA0AABAALIGR17AqAAUwKgAAXppmUT8ca\/AK6JZsoAS+vCBjAAAAgQFtAEBBAIBAwMH"}
00424{"flow_id":1,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":401990,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"pkt":"ABjzZLGIYDjgxTWgCABFAAAot6xAAHkGyL3AqAABwKgAFJlEemkrolmy\/HGvwVAQA+zlTAAAAAAAAAAA"}
00469{"flow_id":1,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":402042,"pkt_caplen":92,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":92,"pkt_l4_len":58,"pkt":"ABjzZLGIYDjgxTWgCABFAABOt61AAHkGyJbAqAABwKgAFJlEemkrolmy\/HGvwVAYA+z\/KAAAR0VUIC8gSFRUUC8xLjENCkhvc3Q6IHRvbmkubGFuOjMxMzM3DQo="}
00688{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"http-lines-split.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_first_seen":1593713340401,"flow_last_seen":1593713340402,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":38,"flow_tot_l4_payload_len":38,"flow_avg_l4_payload_len":9,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.1","dst_ip":"192.168.0.20","src_port":39236,"dst_port":31337,"l4_proto":"tcp","ndpi": {"flow_risk": {"5":"Known protocol on non standard port"},"proto":"HTTP","breed":"Acceptable","category":"Web"},"http": {"hostname":"toni.lan","url":"toni.lan:31337\/","code":0,"content_type":"","user_agent":""}}
00416{"flow_id":1,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":402061,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"pkt":"YDjgxTWgABjzZLGICABFAAAoPVdAALIGChPAqAAUwKgAAXppmUT8ca\/BK6JZ2FAQAfaBgAAA"}
00456{"flow_id":1,"flow_packet_id":6,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":402236,"pkt_caplen":83,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":83,"pkt_l4_len":49,"pkt":"ABjzZLGIYDjgxTWgCABFAABFt65AAHkGyJ7AqAABwKgAFJlEemkrolnY\/HGvwVAYA+zalAAAVXNlci1BZ2VudDogdWNsaWVudC1mZXRjaA0KDQo="}
00416{"flow_id":1,"flow_packet_id":7,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":402249,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"pkt":"YDjgxTWgABjzZLGICABFAAAoPVhAALIGChLAqAAUwKgAAXppmUT8ca\/BK6JZ9VAQAfaBgAAA"}
00440{"flow_id":1,"flow_packet_id":8,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":403665,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"pkt":"YDjgxTWgABjzZLGICABFAAA5PVlAALIGCgDAqAAUwKgAAXppmUT8ca\/BK6JZ9VAYAfaBkQAASFRUUC8xLjAgMjAwIE9LDQo="}
02370{"flow_id":1,"flow_packet_id":9,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":403827,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"pkt":"YDjgxTWgABjzZLGICABFAAXcPVpAALIGBFzAqAAUwKgAAXppmUT8ca\/SK6JZ9VAQAfaHNAAAU2VydmVyOiBTaW1wbGVIVFRQLzAuNiBQeXRob24vMi43LjE2DQpEYXRlOiBUaHUsIDAyIEp1bCAyMDIwIDE4OjA5OjAwIEdNVA0KQ29udGVudC10eXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9VVRGLTgNCkNvbnRlbnQtTGVuZ3RoOiAxNDc2DQoNCjwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgSFRNTCAzLjIgRmluYWwvL0VOIj48aHRtbD4KPHRpdGxlPkRpcmVjdG9yeSBsaXN0aW5nIGZvciAvPC90aXRsZT4KPGJvZHk+CjxoMj5EaXJlY3RvcnkgbGlzdGluZyBmb3IgLzwvaDI+Cjxocj4KPHVsPgo8bGk+PGEgaHJlZj0iLmdkYl9oaXN0b3J5Ij4uZ2RiX2hpc3Rvcnk8L2E+CjxsaT48YSBocmVmPSIuZ2l0LyI+LmdpdC88L2E+CjxsaT48YSBocmVmPSIuZ2l0aWdub3JlIj4uZ2l0aWdub3JlPC9hPgo8bGk+PGEgaHJlZj0iLmdpdGxhYi1jaS55bWwiPi5naXRsYWItY2kueW1sPC9hPgo8bGk+PGEgaHJlZj0iLnRhcmJhbGwtdmVyc2lvbiI+LnRhcmJhbGwtdmVyc2lvbjwvYT4KPGxpPjxhIGhyZWY9Ii50cmF2aXMueW1sIj4udHJhdmlzLnltbDwvYT4KPGxpPjxhIGhyZWY9ImFjbG9jYWwubTQiPmFjbG9jYWwubTQ8L2E+CjxsaT48YSBocmVmPSJBVVRIT1JTIj5BVVRIT1JTPC9hPgo8bGk+PGEgaHJlZj0iYXV0b2dlbi5zaCI+YXV0b2dlbi5zaDwvYT4KPGxpPjxhIGhyZWY9ImF1dG9tNHRlLmNhY2hlLyI+YXV0b200dGUuY2FjaGUvPC9hPgo8bGk+PGEgaHJlZj0iYnVpbGQtYXV4LyI+YnVpbGQtYXV4LzwvYT4KPGxpPjxhIGhyZWY9IkNoYW5nZUxvZyI+Q2hhbmdlTG9nPC9hPgo8bGk+PGEgaHJlZj0iY29tcGlsZSI+Y29tcGlsZTwvYT4KPGxpPjxhIGhyZWY9ImNvbmZpZy5ndWVzcyI+Y29uZmlnLmd1ZXNzPC9hPgo8bGk+PGEgaHJlZj0iY29uZmlnLmxvZyI+Y29uZmlnLmxvZzwvYT4KPGxpPjxhIGhyZWY9ImNvbmZpZy5zdGF0dXMiPmNvbmZpZy5zdGF0dXM8L2E+CjxsaT48YSBocmVmPSJjb25maWcuc3ViIj5jb25maWcuc3ViPC9hPgo8bGk+PGEgaHJlZj0iY29uZmlndXJlIj5jb25maWd1cmU8L2E+CjxsaT48YSBocmVmPSJjb25maWd1cmUuYWMiPmNvbmZpZ3VyZS5hYzwvYT4KPGxpPjxhIGhyZWY9IkNPUFlJTkciPkNPUFlJTkc8L2E+CjxsaT48YSBocmVmPSJkYXRhLyI+ZGF0YS88L2E+CjxsaT48YSBocmVmPSJkZXBjb21wIj5kZXBjb21wPC9hPgo8bGk+PGEgaHJlZj0iSU5TVEFMTCI+SU5TVEFMTDwvYT4KPGxpPjxhIGhyZWY9Imluc3RhbGwtc2giPmluc3RhbGwtc2g8L2E+CjxsaT48YSBocmVmPSJtNC8iPm00LzwvYT4KPGxpPjxhIGhyZWY9Ik1ha2VmaWxlIj5NYWtlZmlsZTwvYT4KPGxpPjxhIGhyZWY9Ik1ha2VmaWxlLmFtIj5NYWtlZmlsZS5hbTwvYT4KPGxpPjxhIGhyZWY9Ik1ha2VmaWxlLmluIj5NYWtlZmlsZS5pbjwvYT4KPGxpPjxhIGhyZWY9Im1pc3NpbmciPm1pc3Npbmc8L2E+CjxsaT48YSBocmVmPSJORVdTIj5ORVdTPC9hPgo8bGk+PGE="}
00628{"flow_id":1,"flow_packet_id":10,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":403894,"pkt_caplen":209,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":209,"pkt_l4_len":175,"pkt":"YDjgxTWgABjzZLGICABFAADDPVtAALIGCXTAqAAUwKgAAXppmUT8cbWGK6JZ9VAZAfaCGwAAIGhyZWY9IlBLR0JVSUxEIj5QS0dCVUlMRDwvYT4KPGxpPjxhIGhyZWY9IlJFQURNRSI+UkVBRE1FPC9hPgo8bGk+PGEgaHJlZj0iUkVBRE1FLm1kIj5SRUFETUUubWQ8L2E+CjxsaT48YSBocmVmPSJzcmMvIj5zcmMvPC9hPgo8L3VsPgo8aHI+CjwvYm9keT4KPC9odG1sPgo="}
00426{"flow_id":1,"flow_packet_id":11,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":403900,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"pkt":"ABjzZLGIYDjgxTWgCABFAAAot69AAHkGyLrAqAABwKgAFJlEemkroln1\/HGv0lAQA+zk+AAAAAAAAAAA"}
00426{"flow_id":1,"flow_packet_id":12,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":404101,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"pkt":"ABjzZLGIYDjgxTWgCABFAAAot7BAAHkGyLnAqAABwKgAFJlEemkroln1\/HG2IlAQA+reqgAAAAAAAAAA"}
00426{"flow_id":1,"flow_packet_id":13,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":404575,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"pkt":"ABjzZLGIYDjgxTWgCABFAAAot7FAAHkGyLjAqAABwKgAFJlEemkroln1\/HG2IlARA+reqQAAAAAAAAAA"}
00417{"flow_id":1,"flow_packet_id":14,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":404597,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"pkt":"YDjgxTWgABjzZLGICABFAAAoAABAALIGR2rAqAAUwKgAAXppmUT8cbYiK6JZ9lAQAfbgnQAA"}
00511{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":14,"source":"http-lines-split.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":14,"flow_first_seen":1593713340401,"flow_last_seen":1593713340404,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":1699,"flow_avg_l4_payload_len":121,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.1","dst_ip":"192.168.0.20","src_port":39236,"dst_port":31337,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15}
00136{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":14,"source":"http-lines-split.pcap","alias":"nDPId-test"}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 14/14
~~ skipped flows.............: 0
~~ total layer4 data length..: 2003 bytes
~~ total detected protocols..: 1
~~ total active/idle flows...: 1/1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 4820519 bytes
~~ total memory freed........: 4820519 bytes
~~ total allocations/frees...: 58374/58374
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Powered by cgit, Themed by Ted Yin.