summaryrefslogtreecommitdiff
path: root/test/results/mpeg-dash.pcap.out
blob: fbcb8dd02a8b1c84223bb3e04866b376e8912f55 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

00475{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"mpeg-dash.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":3265032704,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_usec":0}
00552{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"mpeg-dash.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1618744212035234}
00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1618744212035234,"flow_src_last_pkt_time":1618744212035234,"flow_dst_last_pkt_time":1618744212035234,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1618744212035234,"l3_proto":"ip4","src_ip":"10.84.1.81","dst_ip":"166.248.152.10","src_port":60926,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00539{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1618744212035234,"flow_dst_last_pkt_time":1618744212035234,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1618744212035234,"pkt":"AAAAAAAAAAQAk2VwCABFAAA8XJFAAEAGk4MKVAFRpviYCu3+AFDXU1UdAAAAAKAC\/\/+5fwAAAgQFtAQCCArQulhbAAAAAAEDAwo="}
00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1618744212035234,"flow_dst_last_pkt_time":1618744212169869,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1618744212169869,"pkt":"AAAAAAAAAAMAbDnzCABFAAA0AABAADAGAB2m+JgKClQBUQBQ7f6v9cxW11NVHoASchAbdQAAAgQFeAEBBAIBAwMK"}
00953{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1618744212202980,"flow_dst_last_pkt_time":1618744212169869,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":382,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":382,"pkt_l4_len":348,"thread_ts_usec":1618744212202980,"pkt":"AAAAAAAAAAQAk2VwCABFAAFwXJNAAEAGkk0KVAFRpviYCu3+AFDXU1Uer\/XMV1AYAFYA8wAAR0VUIC9hcy9iaWdvLWFkLWNyZWF0aXZlcy8zczMvMmxPVEE3Lm1wNCBIVFRQLzEuMQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKExpbnV4OyBBbmRyb2lkIDExOyBTTS1BNzE1RiBCdWlsZC9SUDFBLjIwMDcyMC4wMTI7IHd2KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBWZXJzaW9uLzQuMCBDaHJvbWUvODkuMC40Mzg5LjEwNSBNb2JpbGUgU2FmYXJpLzUzNy4zNg0KYmlnby1oYXNoOiBWRkJOek8zaVZjdkdwV05kDQpIb3N0OiBnZGwubmV3cy1jZG4uc2l0ZQ0KQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQ0KQWNjZXB0LUVuY29kaW5nOiBnemlwDQoNCg=="}
01345{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1618744212035234,"flow_src_last_pkt_time":1618744212202980,"flow_dst_last_pkt_time":1618744212169869,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":328,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":328,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1618744212202980,"l3_proto":"ip4","src_ip":"10.84.1.81","dst_ip":"166.248.152.10","src_port":60926,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"16": {"risk":"Suspicious DGA Domain name","severity":"High","risk_score": {"total":250,"client":125,"server":125}}},"confidence": {"6":"DPI"},"proto":"HTTP.MpegDash","proto_id":"7.291","encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media","hostname":"gdl.news-cdn.site","http": {"url":"gdl.news-cdn.site\/as\/bigo-ad-creatives\/3s3\/2lOTA7.mp4","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; SM-A715F Build\/RP1A.200720.012; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/89.0.4389.105 Mobile Safari\/537.36","detected_os":"Android 11"}}}
00555{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":5,"source":"mpeg-dash.pcap","alias":"nDPId-test","packets-captured":5,"packets-processed":4,"total-skipped-flows":0,"total-l4-payload-len":1728,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":8,"global_ts_usec":1652784807797513}
00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1652784807797513,"flow_src_last_pkt_time":1652784807797513,"flow_dst_last_pkt_time":1652784807797513,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1652784807797513,"l3_proto":"ip4","src_ip":"192.168.2.105","dst_ip":"54.161.101.85","src_port":59142,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1652784807797513,"flow_dst_last_pkt_time":1652784807797513,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1652784807797513,"pkt":"tKXvZygQwDiWIaSpCABFAAA8gI1AAEAGWyfAqAJpNqFlVecGAFDeWzbUAAAAAKAC+vAGuAAAAgQFtAQCCArGziP6AAAAAAEDAwc="}
00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1652784807797513,"flow_dst_last_pkt_time":1652784807901734,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1652784807901734,"pkt":"wDiWIaSptKXvZygQCABFAAA8AABAAOwGL7Q2oWVVwKgCaQBQ5waq30sm3ls21aASaN+YUwAAAgQFrAQCCAqvHVtJxs4j+gEDAwc="}
00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1652784807901785,"flow_dst_last_pkt_time":1652784807901734,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1652784807901785,"pkt":"tKXvZygQwDiWIaSpCABFAAA0gI5AAEAGWy7AqAJpNqFlVecGAFDeWzbVqt9LJ4AQAfYtmQAAAQEICsbOJGKvHVtJ"}
01097{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1652784807797513,"flow_src_last_pkt_time":1652784807901836,"flow_dst_last_pkt_time":1652784807901734,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":184,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":184,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1652784807901836,"l3_proto":"ip4","src_ip":"192.168.2.105","dst_ip":"54.161.101.85","src_port":59142,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.MpegDash","proto_id":"7.291","encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media","hostname":"livesim.dashif.org","http": {"url":"livesim.dashif.org\/livesim\/sts_1652783809\/sid_40c11e12\/chunkdur_1\/ato_7\/testpic4_8s\/A48\/init.mp4","code":0,"content_type":"","user_agent":"VLC\/3.0.16 LibVLC\/3.0.16"}}}
00763{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1652784808500848,"flow_src_last_pkt_time":1652784808500848,"flow_dst_last_pkt_time":1652784808500848,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":1440,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1440,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1652784808500848,"l3_proto":"ip4","src_ip":"54.161.101.85","dst_ip":"192.168.2.105","src_port":80,"dst_port":59144,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
02459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1652784808500848,"flow_dst_last_pkt_time":1652784808500848,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"thread_ts_usec":1652784808500848,"pkt":"wDiWIaSptKXvZygQCABFAAXUcu5AAOwGty02oWVVwKgCaQBQ5wi4j+HSMIk\/coAQANuo3AAAAQEICq8dXZ\/GziZPSFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUdWUsIDE3IE1heSAyMDIyIDEwOjUzOjI4IEdNVA0KU2VydmVyOiBBcGFjaGUvMi40LjUzICgpIE9wZW5TU0wvMS4wLjJrLWZpcHMgbW9kX3dzZ2kvNC43LjEgUHl0aG9uLzMuNw0KVXBncmFkZTogaDIsaDJjDQpDb25uZWN0aW9uOiBVcGdyYWRlDQpBY2NlcHQtUmFuZ2VzOiBieXRlcw0KUHJhZ21hOiBuby1jYWNoZQ0KQ2FjaGUtQ29udHJvbDogbm8tY2FjaGUNCkV4cGlyZXM6IC0xDQpEQVNILUxpdmUtU2ltdWxhdG9yOiBEQVNILUlGIGxpdmUgREFTSCBzaW11bGF0b3IgMi4wLjENCkFjY2Vzcy1Db250cm9sLUFsbG93LUhlYWRlcnM6IG9yaWdpbixyYW5nZSxhY2NlcHQtZW5jb2RpbmcscmVmZXJlcg0KQWNjZXNzLUNvbnRyb2wtQWxsb3ctTWV0aG9kczogR0VULEhFQUQsT1BUSU9OUw0KQWNjZXNzLUNvbnRyb2wtQWxsb3ctT3JpZ2luOiAqDQpBY2Nlc3MtQ29udHJvbC1FeHBvc2UtSGVhZGVyczogU2VydmVyLHJhbmdlLENvbnRlbnQtTGVuZ3RoLENvbnRlbnQtUmFuZ2UsRGF0ZQ0KQ29udGVudC1MZW5ndGg6IDk0NA0KQ29udGVudC1UeXBlOiB2aWRlby9tcDQNCg0KAAAAHGZ0eXBpc281AAAAAWF2YzFpc281ZGFzaAAAAAhmcmVlAAAAYGZyZWVJc29NZWRpYSBGaWxlIFByb2R1Y2VkIHdpdGggR1BBQyAwLjUuMi1ERVYtcmV2VmVyc2lvbjogMC41LjItNDI2LWdjNWFkNGU0K2Rmc2c1LTFidWlsZDEAAAADLG1vb3YAAABsbXZoZAAAAAAAAAAAAAAAAAAAA+gAAAAAAAEAAAEAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAABIbXZleAAAABBtZWhkAAAAAAA27oAAAAAgdHJleAAAAAAAAAABAAAAAQAAAgAAAAAAAAEAAAAAABB0cmVwAAAAAAAAAAEAAAIOdHJhawAAAFx0a2hkAAAAAwAAAADVk9GpAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAUAAAAC0AAAAAAAJGVkdHMAAAAcZWxzdAAAAAAAAAABAAAAAAAABAAAAQAAAAABhm1kaWEAAAAgbWRoZAAAAAAAAAAAAAAAAAAAPAAAAAAAFccAAAAAAC1oZGxyAAAAAAAAAAB2aWRlAAAAAAAAAAAAAAAAVmlkZW9IYW5kbGVyAAAAATFtaW5mAAAAFHZtaGQAAAABAAAAAAAAAAAAAAAkZGluZgAAABxkcmVmAAAAAAAAAAEAAAAMdXJsIAAAAAEAAADxc3RibAAAAKVzdHNkAAAAAAAAAAEAAACVYXZjMQAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAUAAtAASAAAAEgAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABj\/\/wAAAD9hdmNDAWQAH\/\/hACNnZAAfrNlAUAW6EAAAAwAQAAADA8ZKAAknwAEk\/mkwB4wYywEABWjr7LIs\/Pj4AAAAABBzdHRzAAAAAAAAAAAAAAAQc3RzYwAAAAAAAAAAAAAAFHN0c3oAAAAAAAAAAAAAAAAAAAAQc3RjbwAAAAAAAAAAAAAAYnVkdGEAAABabWV0YQAAAAAA"}
00903{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1652784808500848,"flow_src_last_pkt_time":1652784808500848,"flow_dst_last_pkt_time":1652784808500848,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":1440,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1440,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1652784808500848,"l3_proto":"ip4","src_ip":"54.161.101.85","dst_ip":"192.168.2.105","src_port":80,"dst_port":59144,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.MpegDash","proto_id":"7.291","encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media","hostname":"","http": {}}}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1652784808500848,"flow_dst_last_pkt_time":1652784808500868,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1652784808500868,"pkt":"tKXvZygQwDiWIaSpCABFAAA0NqpAAEAGpRLAqAJpNqFlVecIAFAwiT9yuI\/ncoAQAfUkJQAAAQEICsbOJrmvHV2f"}
00635{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1652784808501352,"flow_dst_last_pkt_time":1652784808500868,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":143,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":143,"pkt_l4_len":109,"thread_ts_usec":1652784808501352,"pkt":"wDiWIaSptKXvZygQCABFAACBcu9AAOwGvH82oWVVwKgCaQBQ5wi4j+dyMIk\/coAYANvyTQAAAQEICq8dXZ\/GziZPAAAhaGRscgAAAAAAAAAAbWRpcmFwcGwAAAAAAAAAAAAAAAAtaWxzdAAAACWpdG9vAAAAHWRhdGEAAAABAAAAAExhdmY1Ni40MC4xMDE="}
00910{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":11,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1652784808500848,"flow_src_last_pkt_time":1652784808501352,"flow_dst_last_pkt_time":1652784808500868,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1652784808501352,"l3_proto":"ip4","src_ip":"54.161.101.85","dst_ip":"192.168.2.105","src_port":80,"dst_port":59144,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.MpegDash","proto_id":"7.291","encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media","hostname":"","http": {}}}
00761{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1652784814543352,"flow_src_last_pkt_time":1652784814543352,"flow_dst_last_pkt_time":1652784814543352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":191,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":191,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1652784814543352,"l3_proto":"ip4","src_ip":"192.168.2.105","dst_ip":"54.161.101.85","src_port":59146,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00786{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1652784814543352,"flow_dst_last_pkt_time":1652784814543352,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":257,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":257,"pkt_l4_len":223,"thread_ts_usec":1652784814543352,"pkt":"tKXvZygQwDiWIaSpCABFAADzRtZAAEAGlCfAqAJpNqFlVecKAFBASLN\/hVfSJoAYAfZzRwAAAQEICsbOPlSvHXU7R0VUIC9saXZlc2ltL3N0c18xNjUyNzgzODA5L3NpZF80MGMxMWUxMi9jaHVua2R1cl8xL2F0b183L3Rlc3RwaWM0XzhzL1YyNDAwLzIwNjU5ODA5OS5tNHMgSFRUUC8xLjENCkhvc3Q6IGxpdmVzaW0uZGFzaGlmLm9yZw0KQ2FjaGUtQ29udHJvbDogbm8tY2FjaGUNClVzZXItQWdlbnQ6IFZMQy8zLjAuMTYgTGliVkxDLzMuMC4xNg0KDQo="}
01107{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1652784814543352,"flow_src_last_pkt_time":1652784814543352,"flow_dst_last_pkt_time":1652784814543352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":191,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":191,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1652784814543352,"l3_proto":"ip4","src_ip":"192.168.2.105","dst_ip":"54.161.101.85","src_port":59146,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.MpegDash","proto_id":"7.291","encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media","hostname":"livesim.dashif.org","http": {"url":"livesim.dashif.org\/livesim\/sts_1652783809\/sid_40c11e12\/chunkdur_1\/ato_7\/testpic4_8s\/V2400\/206598099.m4s","code":0,"content_type":"","user_agent":"VLC\/3.0.16 LibVLC\/3.0.16"}}}
00760{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1652784807797513,"flow_src_last_pkt_time":1652784807901836,"flow_dst_last_pkt_time":1652784807901734,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":184,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":184,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1652784814543352,"l3_proto":"ip4","src_ip":"192.168.2.105","dst_ip":"54.161.101.85","src_port":59142,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00767{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1652784808500848,"flow_src_last_pkt_time":1652784808501352,"flow_dst_last_pkt_time":1652784808514677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":191,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":191,"midstream":1,"thread_ts_usec":1652784814543352,"l3_proto":"ip4","src_ip":"54.161.101.85","dst_ip":"192.168.2.105","src_port":80,"dst_port":59144,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00762{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1652784814543352,"flow_src_last_pkt_time":1652784814543352,"flow_dst_last_pkt_time":1652784814543352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":191,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":191,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1652784814543352,"l3_proto":"ip4","src_ip":"192.168.2.105","dst_ip":"54.161.101.85","src_port":59146,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
01048{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1618744212035234,"flow_src_last_pkt_time":1618744212202980,"flow_dst_last_pkt_time":1618744212338460,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":328,"flow_dst_max_l4_payload_len":1400,"flow_src_tot_l4_payload_len":328,"flow_dst_tot_l4_payload_len":1400,"midstream":0,"thread_ts_usec":1652784814543352,"l3_proto":"ip4","src_ip":"10.84.1.81","dst_ip":"166.248.152.10","src_port":60926,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"16": {"risk":"Suspicious DGA Domain name","severity":"High","risk_score": {"total":250,"client":125,"server":125}}},"confidence": {"6":"DPI"},"proto":"HTTP.MpegDash","proto_id":"7.291","encrypted":0,"breed":"Acceptable","category_id":1,"category":"Media"}}
00561{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":13,"source":"mpeg-dash.pcap","alias":"nDPId-test","packets-captured":13,"packets-processed":13,"total-skipped-flows":0,"total-l4-payload-len":3811,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":1,"total-updates":0,"current-active-flows":0,"total-active-flows":4,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":27,"global_ts_usec":1652784814543352}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 13/13
~~ skipped flows.............: 0
~~ total layer4 data length..: 3811 bytes
~~ total detected protocols..: 4
~~ total active/idle flows...: 4/4
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 6043267 bytes
~~ total memory freed........: 6043267 bytes
~~ total allocations/frees...: 121547/121547
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 480 chars
~~ json string max len.......: 2464 chars
~~ json string avg len.......: 1471 chars
Powered by cgit, Themed by Ted Yin.