mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
Fix unit tests for new ordering from NetSessions::Drain
This commit is contained in:
Tim Wojtulewicz
parent
a4b8aa1f30
commit
01207c0720
43 changed files with 362 additions and 362 deletions
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2018-07-09-14-17-29
|
||||
#open 2019-07-31-18-49-55
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1529347003.860008 C7fIlMZDuRiqjpYbb 1.1.1.6 57005 2.2.2.2 48879 tcp - 0.001018 0 0 S0 - - 0 S 2 80 0 0 -
|
||||
|
|
@ -22,20 +22,20 @@
|
|||
1529347003.883152 CPhDKt12KQPUVbQz06 1234::a 57005 5678:: 48879 tcp - 0.001005 0 0 S0 - - 0 S 2 120 0 0 -
|
||||
1529347003.884945 CAnFrb2Cvxr5T7quOc 1234:: 57005 5678:: 48879 tcp - 0.001005 0 0 S0 - - 0 S 2 120 0 0 -
|
||||
1529347003.886751 C8rquZ3DjgNW06JGLl 1234::2 57005 5678:: 48879 tcp - 0.001120 0 0 S0 - - 0 S 2 120 0 0 -
|
||||
1529347003.851951 CFLRIC3zaTU1loLGxh 1234::4 57005 5678:: 48879 udp - 0.000905 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.855232 Ck51lg1bScffFj34Ri 1234::a 57005 5678:: 48879 udp - 0.000894 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.839636 CtPZjS20MLrsMUOJi2 1.1.1.12 57005 2.2.2.2 48879 udp - 0.000847 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.858393 CNnMIj2QSd84NKf7U3 1234::2 57005 5678:: 48879 udp - 0.000902 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.842649 CmES5u32sYpV7JYN 1.1.1.2 57005 2.2.2.2 48879 udp - 0.000830 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.850367 C0LAHyvtKSQHyJxIl 1234::6 57005 5678:: 48879 udp - 0.000898 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.848776 CwjjYJ2WqgTbAqiHl6 1234::c 57005 5678:: 48879 udp - 0.000902 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.856801 C9mvWx3ezztgzcexV7 1234:: 57005 5678:: 48879 udp - 0.000898 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.841103 CUM0KZ3MLUfNB0cl11 1.1.1.0 57005 2.2.2.2 48879 udp - 0.000926 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.845524 C37jN32gN3y3AZzyf6 1.1.1.10 57005 2.2.2.2 48879 udp - 0.000843 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.847079 C3eiCBGOLw3VtHfOj 1234::e 57005 5678:: 48879 udp - 0.001014 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.853544 C9rXSW3KSpTYvPrlI1 1234::8 57005 5678:: 48879 udp - 0.001010 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.842649 CmES5u32sYpV7JYN 1.1.1.2 57005 2.2.2.2 48879 udp - 0.000830 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.836659 ClEkJM2Vm5giqnMf4h 1.1.1.4 57005 2.2.2.2 48879 udp - 0.000847 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.838130 C4J4Th3PJpwUYZZ6gc 1.1.1.14 57005 2.2.2.2 48879 udp - 0.000880 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.844086 CP5puj4I8PtEU4qzYg 1.1.1.8 57005 2.2.2.2 48879 udp - 0.000830 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.834704 CHhAvVGS1DHFjwGM9 1.1.1.6 57005 2.2.2.2 48879 udp - 0.001243 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
#close 2018-07-09-14-17-29
|
||||
1529347003.844086 CP5puj4I8PtEU4qzYg 1.1.1.8 57005 2.2.2.2 48879 udp - 0.000830 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.845524 C37jN32gN3y3AZzyf6 1.1.1.10 57005 2.2.2.2 48879 udp - 0.000843 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.839636 CtPZjS20MLrsMUOJi2 1.1.1.12 57005 2.2.2.2 48879 udp - 0.000847 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.838130 C4J4Th3PJpwUYZZ6gc 1.1.1.14 57005 2.2.2.2 48879 udp - 0.000880 0 0 S0 - - 0 D 2 56 0 0 -
|
||||
1529347003.856801 C9mvWx3ezztgzcexV7 1234:: 57005 5678:: 48879 udp - 0.000898 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.858393 CNnMIj2QSd84NKf7U3 1234::2 57005 5678:: 48879 udp - 0.000902 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.851951 CFLRIC3zaTU1loLGxh 1234::4 57005 5678:: 48879 udp - 0.000905 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.850367 C0LAHyvtKSQHyJxIl 1234::6 57005 5678:: 48879 udp - 0.000898 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.853544 C9rXSW3KSpTYvPrlI1 1234::8 57005 5678:: 48879 udp - 0.001010 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.855232 Ck51lg1bScffFj34Ri 1234::a 57005 5678:: 48879 udp - 0.000894 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.848776 CwjjYJ2WqgTbAqiHl6 1234::c 57005 5678:: 48879 udp - 0.000902 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
1529347003.847079 C3eiCBGOLw3VtHfOj 1234::e 57005 5678:: 48879 udp - 0.001014 0 0 S0 - - 0 D 2 96 0 0 -
|
||||
#close 2019-07-31-18-49-55
|
||||
|
|
|
|||
|
|
@ -3,10 +3,10 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-07-13-16-12-55
|
||||
#open 2019-07-31-18-52-05
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1371685686.536606 CHhAvVGS1DHFjwGM9 65.65.65.65 19244 65.65.65.65 80 tcp - - - - OTH - - 0 D 1 257 0 0 -
|
||||
1371686961.479321 C4J4Th3PJpwUYZZ6gc 65.65.65.65 61193 65.65.65.65 80 tcp - - - - OTH - - 0 D 1 710 0 0 -
|
||||
1371686961.156859 ClEkJM2Vm5giqnMf4h 65.65.65.65 32828 65.65.65.65 80 tcp - - - - OTH - - 0 ^d 0 0 1 1500 -
|
||||
#close 2016-07-13-16-12-55
|
||||
1371686961.479321 C4J4Th3PJpwUYZZ6gc 65.65.65.65 61193 65.65.65.65 80 tcp - - - - OTH - - 0 D 1 710 0 0 -
|
||||
#close 2019-07-31-18-52-05
|
||||
|
|
|
|||
|
|
@ -3,14 +3,14 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-07-13-16-12-57
|
||||
#open 2019-07-31-18-52-11
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1284385417.962560 CUM0KZ3MLUfNB0cl11 fe80::ce05:eff:fe88:0 546 ff02::1:2 547 udp - 0.078000 114 0 S0 - - 0 D 2 210 0 0 -
|
||||
1284385418.014560 CmES5u32sYpV7JYN fe80::c801:eff:fe88:8 547 fe80::ce05:eff:fe88:0 546 udp - 0.096000 192 0 S0 - - 0 D 2 288 0 0 -
|
||||
1284385411.035560 CHhAvVGS1DHFjwGM9 fe80::c801:eff:fe88:8 143 ff02::16 0 icmp - 0.835000 160 0 OTH - - 0 - 8 608 0 0 -
|
||||
1284385417.962560 CUM0KZ3MLUfNB0cl11 fe80::ce05:eff:fe88:0 546 ff02::1:2 547 udp - 0.078000 114 0 S0 - - 0 D 2 210 0 0 -
|
||||
1284385451.658560 CP5puj4I8PtEU4qzYg fc00:0:2:100::1:1 128 fc00::1 129 icmp - 0.156000 260 260 OTH - - 0 - 5 500 5 500 -
|
||||
1284385412.963560 C4J4Th3PJpwUYZZ6gc fe80::ce05:eff:fe88:0 133 ff02::2 134 icmp - - - - OTH - - 0 - 1 48 0 0 -
|
||||
1284385413.027560 CtPZjS20MLrsMUOJi2 fe80::c801:eff:fe88:8 134 fe80::ce05:eff:fe88:0 133 icmp - - - - OTH - - 0 - 1 64 0 0 -
|
||||
1284385411.091560 ClEkJM2Vm5giqnMf4h fe80::c801:eff:fe88:8 136 ff02::1 135 icmp - - - - OTH - - 0 - 1 64 0 0 -
|
||||
#close 2016-07-13-16-12-57
|
||||
1284385411.035560 CHhAvVGS1DHFjwGM9 fe80::c801:eff:fe88:8 143 ff02::16 0 icmp - 0.835000 160 0 OTH - - 0 - 8 608 0 0 -
|
||||
1284385412.963560 C4J4Th3PJpwUYZZ6gc fe80::ce05:eff:fe88:0 133 ff02::2 134 icmp - - - - OTH - - 0 - 1 48 0 0 -
|
||||
#close 2019-07-31-18-52-11
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2019-04-17-20-42-43
|
||||
#open 2019-07-31-18-52-37
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1285862902.700271 CHhAvVGS1DHFjwGM9 10.0.88.85 50368 192.168.0.27 80 tcp - 60.991770 474 23783 RSTO - - 24257 ShADaGdgtR 17 1250 22 28961 -
|
||||
#close 2019-04-17-20-42-43
|
||||
#close 2019-07-31-18-52-37
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2019-04-17-20-42-44
|
||||
#open 2019-07-31-18-52-37
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1300475167.096535 CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp dns - - - S0 - - 0 D 1 73 0 0 -
|
||||
|
|
@ -30,14 +30,14 @@
|
|||
1300475173.116749 C8rquZ3DjgNW06JGLl fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp dns 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.117362 CzrZOtXqhwwndQva3 141.142.220.226 55671 224.0.0.252 5355 udp dns 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.153679 CaGCc13FffXe6RkQl9 141.142.220.238 56641 141.142.220.255 137 udp dns - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475169.780331 CFSwNi4CNGxcuffo49 141.142.220.235 6705 173.192.163.128 80 tcp - - - - OTH - - 0 ^h 0 0 1 48 -
|
||||
1300475168.892913 CykQaM33ztNt0csB9a 141.142.220.118 49999 208.80.152.3 80 tcp http 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.724007 CUM0KZ3MLUfNB0cl11 141.142.220.118 48649 208.80.152.118 80 tcp http 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475168.855330 CwjjYJ2WqgTbAqiHl6 141.142.220.118 49997 208.80.152.3 80 tcp http 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.855305 C3eiCBGOLw3VtHfOj 141.142.220.118 49996 208.80.152.3 80 tcp http 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.652003 CtPZjS20MLrsMUOJi2 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||
1300475168.902635 CiyBAq1bBLNaTiTAc 141.142.220.118 35642 208.80.152.2 80 tcp http 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||
1300475168.855305 C3eiCBGOLw3VtHfOj 141.142.220.118 49996 208.80.152.3 80 tcp http 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.855330 CwjjYJ2WqgTbAqiHl6 141.142.220.118 49997 208.80.152.3 80 tcp http 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.859163 Ck51lg1bScffFj34Ri 141.142.220.118 49998 208.80.152.3 80 tcp http 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||
1300475168.892913 CykQaM33ztNt0csB9a 141.142.220.118 49999 208.80.152.3 80 tcp http 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.892936 CtxTCR2Yer0FR1tIBg 141.142.220.118 50000 208.80.152.3 80 tcp http 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||
1300475168.895267 CLNN1k2QMum1aexUK7 141.142.220.118 50001 208.80.152.3 80 tcp http 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||
#close 2019-04-17-20-42-44
|
||||
1300475168.724007 CUM0KZ3MLUfNB0cl11 141.142.220.118 48649 208.80.152.118 80 tcp http 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475169.780331 CFSwNi4CNGxcuffo49 141.142.220.235 6705 173.192.163.128 80 tcp - - - - OTH - - 0 ^h 0 0 1 48 -
|
||||
#close 2019-07-31-18-52-37
|
||||
|
|
|
|||
|
|
@ -3,15 +3,15 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-07-13-16-13-04
|
||||
#open 2019-07-31-18-52-20
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1257655301.595604 C37jN32gN3y3AZzyf6 2001:4978:f:4c::2 53382 2001:4860:b002::68 80 tcp http 2.101052 2981 4665 S1 - - 0 ShADad 10 3605 11 5329 C4J4Th3PJpwUYZZ6gc
|
||||
1257655296.585034 C4J4Th3PJpwUYZZ6gc 192.168.3.101 53859 216.14.98.22 5072 udp ayiya 20.879001 5129 6109 SF - - 0 Dd 21 5717 13 6473 -
|
||||
1257655293.629048 CHhAvVGS1DHFjwGM9 192.168.3.101 53796 216.14.98.22 5072 udp ayiya - - - SHR - - 0 ^d 0 0 1 176 -
|
||||
1257655296.585034 C4J4Th3PJpwUYZZ6gc 192.168.3.101 53859 216.14.98.22 5072 udp ayiya 20.879001 5129 6109 SF - - 0 Dd 21 5717 13 6473 -
|
||||
1257655296.585333 CP5puj4I8PtEU4qzYg :: 135 ff02::1:ff00:2 136 icmp - - - - OTH - - 0 - 1 64 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
1257655296.585151 CUM0KZ3MLUfNB0cl11 fe80::216:cbff:fe9a:4cb9 131 ff02::2:f901:d225 130 icmp - 0.719947 32 0 OTH - - 0 - 2 144 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
1257655296.585034 CtPZjS20MLrsMUOJi2 fe80::216:cbff:fe9a:4cb9 131 ff02::1:ff9a:4cb9 130 icmp - 4.922880 32 0 OTH - - 0 - 2 144 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
1257655293.629048 ClEkJM2Vm5giqnMf4h 2001:4978:f:4c::1 128 2001:4978:f:4c::2 129 icmp - 23.834987 168 56 OTH - - 0 - 3 312 1 104 CHhAvVGS1DHFjwGM9,C4J4Th3PJpwUYZZ6gc
|
||||
1257655296.585188 CmES5u32sYpV7JYN fe80::216:cbff:fe9a:4cb9 131 ff02::1:ff00:2 130 icmp - 0.919988 32 0 OTH - - 0 - 2 144 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
#close 2016-07-13-16-13-04
|
||||
1257655296.585034 CtPZjS20MLrsMUOJi2 fe80::216:cbff:fe9a:4cb9 131 ff02::1:ff9a:4cb9 130 icmp - 4.922880 32 0 OTH - - 0 - 2 144 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
1257655296.585151 CUM0KZ3MLUfNB0cl11 fe80::216:cbff:fe9a:4cb9 131 ff02::2:f901:d225 130 icmp - 0.719947 32 0 OTH - - 0 - 2 144 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
#close 2019-07-31-18-52-20
|
||||
|
|
|
|||
|
|
@ -3,10 +3,10 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path http
|
||||
#open 2019-03-13-20-02-18
|
||||
#open 2019-07-31-18-52-20
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth method host uri referrer version user_agent origin request_body_len response_body_len status_code status_msg info_code info_msg tags username password proxied orig_fuids orig_filenames orig_mime_types resp_fuids resp_filenames resp_mime_types
|
||||
#types time string addr port addr port count string string string string string string string count count count string count string set[enum] string string set[string] vector[string] vector[string] vector[string] vector[string] vector[string] vector[string]
|
||||
1257655301.652206 C37jN32gN3y3AZzyf6 2001:4978:f:4c::2 53382 2001:4860:b002::68 80 1 GET ipv6.google.com / - 1.1 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en; rv:1.9.0.15pre) Gecko/2009091516 Camino/2.0b4 (like Firefox/3.0.15pre) - 0 10102 200 OK - - (empty) - - - - - - FYAtjT24MvCBUs5K5f - text/html
|
||||
1257655302.514424 C37jN32gN3y3AZzyf6 2001:4978:f:4c::2 53382 2001:4860:b002::68 80 2 GET ipv6.google.com /csi?v=3&s=webhp&action=&tran=undefined&e=17259,19771,21517,21766,21887,22212&ei=BUz2Su7PMJTglQfz3NzCAw&rt=prt.77,xjs.565,ol.645 http://ipv6.google.com/ 1.1 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en; rv:1.9.0.15pre) Gecko/2009091516 Camino/2.0b4 (like Firefox/3.0.15pre) - 0 0 204 No Content - - (empty) - - - - - - - - -
|
||||
1257655303.603569 C37jN32gN3y3AZzyf6 2001:4978:f:4c::2 53382 2001:4860:b002::68 80 3 GET ipv6.google.com /gen_204?atyp=i&ct=fade&cad=1254&ei=BUz2Su7PMJTglQfz3NzCAw&zx=1257655303600 http://ipv6.google.com/ 1.1 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en; rv:1.9.0.15pre) Gecko/2009091516 Camino/2.0b4 (like Firefox/3.0.15pre) - 0 0 204 No Content - - (empty) - - - - - - - - -
|
||||
#close 2019-03-13-20-02-18
|
||||
#close 2019-07-31-18-52-20
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path tunnel
|
||||
#open 2016-07-13-16-13-04
|
||||
#open 2019-07-31-18-52-20
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p tunnel_type action
|
||||
#types time string addr port addr port enum enum
|
||||
1257655293.629048 CHhAvVGS1DHFjwGM9 192.168.3.101 53796 216.14.98.22 5072 Tunnel::AYIYA Tunnel::DISCOVER
|
||||
1257655296.585034 C4J4Th3PJpwUYZZ6gc 192.168.3.101 53859 216.14.98.22 5072 Tunnel::AYIYA Tunnel::DISCOVER
|
||||
1257655317.464035 C4J4Th3PJpwUYZZ6gc 192.168.3.101 53859 216.14.98.22 5072 Tunnel::AYIYA Tunnel::CLOSE
|
||||
1257655317.464035 CHhAvVGS1DHFjwGM9 192.168.3.101 53796 216.14.98.22 5072 Tunnel::AYIYA Tunnel::CLOSE
|
||||
#close 2016-07-13-16-13-04
|
||||
1257655317.464035 C4J4Th3PJpwUYZZ6gc 192.168.3.101 53859 216.14.98.22 5072 Tunnel::AYIYA Tunnel::CLOSE
|
||||
#close 2019-07-31-18-52-20
|
||||
|
|
|
|||
|
|
@ -3,10 +3,10 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-07-13-16-13-06
|
||||
#open 2019-07-31-18-53-16
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1333458850.321642 ClEkJM2Vm5giqnMf4h 10.131.17.170 51803 173.199.115.168 80 tcp http 0.257902 1138 63424 S3 - - 0 ShADadf 29 2310 49 65396 CHhAvVGS1DHFjwGM9,C4J4Th3PJpwUYZZ6gc
|
||||
1333458850.321642 CHhAvVGS1DHFjwGM9 167.55.105.244 5906 207.233.125.40 2152 udp gtpv1 0.257902 2542 0 S0 - - 0 D 29 3354 0 0 -
|
||||
1333458850.325787 C4J4Th3PJpwUYZZ6gc 207.233.125.40 2152 167.55.105.244 2152 udp gtpv1 0.251127 65788 0 S0 - - 0 D 49 67160 0 0 -
|
||||
#close 2016-07-13-16-13-06
|
||||
1333458850.321642 CHhAvVGS1DHFjwGM9 167.55.105.244 5906 207.233.125.40 2152 udp gtpv1 0.257902 2542 0 S0 - - 0 D 29 3354 0 0 -
|
||||
#close 2019-07-31-18-53-16
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path http
|
||||
#open 2019-03-13-20-03-31
|
||||
#open 2019-07-31-18-53-16
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth method host uri referrer version user_agent origin request_body_len response_body_len status_code status_msg info_code info_msg tags username password proxied orig_fuids orig_filenames orig_mime_types resp_fuids resp_filenames resp_mime_types
|
||||
#types time string addr port addr port count string string string string string string string count count count string count string set[enum] string string set[string] vector[string] vector[string] vector[string] vector[string] vector[string] vector[string]
|
||||
1333458850.340368 ClEkJM2Vm5giqnMf4h 10.131.17.170 51803 173.199.115.168 80 1 GET cdn.epicgameads.com /ads/flash/728x90_nx8com.swf?clickTAG=http://www.epicgameads.com/ads/bannerclickPage.php?id=e3ubwU6IF&pd=1&adid=0&icpc=1&axid=0&uctt=1&channel=4&cac=1&t=728x90&cb=1333458879 http://www.epicgameads.com/ads/banneriframe.php?id=e3ubwU6IF&t=728x90&channel=4&cb=1333458905296 1.1 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) - 0 31461 200 OK - - (empty) - - - - - - FHKKd91EMHBEK0hbdg - application/x-shockwave-flash
|
||||
1333458850.399501 ClEkJM2Vm5giqnMf4h 10.131.17.170 51803 173.199.115.168 80 2 GET cdn.epicgameads.com /ads/flash/728x90_nx8com.swf?clickTAG=http://www.epicgameads.com/ads/bannerclickPage.php?id=e3ubwU6IF&pd=1&adid=0&icpc=1&axid=0&uctt=1&channel=0&cac=1&t=728x90&cb=1333458881 http://www.epicgameads.com/ads/banneriframe.php?id=e3ubwU6IF&t=728x90&cb=1333458920207 1.1 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) - 0 31461 200 OK - - (empty) - - - - - - Fu64Vqjy6nBop9nRd - application/x-shockwave-flash
|
||||
#close 2019-03-13-20-03-31
|
||||
#close 2019-07-31-18-53-16
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path tunnel
|
||||
#open 2016-07-13-16-13-06
|
||||
#open 2019-07-31-18-53-16
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p tunnel_type action
|
||||
#types time string addr port addr port enum enum
|
||||
1333458850.321642 CHhAvVGS1DHFjwGM9 167.55.105.244 5906 207.233.125.40 2152 Tunnel::GTPv1 Tunnel::DISCOVER
|
||||
1333458850.325787 C4J4Th3PJpwUYZZ6gc 207.233.125.40 2152 167.55.105.244 2152 Tunnel::GTPv1 Tunnel::DISCOVER
|
||||
1333458850.579544 CHhAvVGS1DHFjwGM9 167.55.105.244 5906 207.233.125.40 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.579544 C4J4Th3PJpwUYZZ6gc 207.233.125.40 2152 167.55.105.244 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
#close 2016-07-13-16-13-06
|
||||
1333458850.579544 CHhAvVGS1DHFjwGM9 167.55.105.244 5906 207.233.125.40 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
#close 2019-07-31-18-53-16
|
||||
|
|
|
|||
|
|
@ -3,24 +3,24 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-07-13-16-13-08
|
||||
#open 2019-07-31-18-53-23
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1333458850.014199 ClEkJM2Vm5giqnMf4h 172.24.204.200 56528 65.55.158.118 3544 udp teredo - - - S0 - - 0 D 1 88 0 0 CHhAvVGS1DHFjwGM9
|
||||
1333458850.035456 C0LAHyvtKSQHyJxIl 172.27.159.9 63912 94.245.121.253 3544 udp teredo - - - S0 - - 0 D 1 89 0 0 CwjjYJ2WqgTbAqiHl6
|
||||
1333458850.029783 C37jN32gN3y3AZzyf6 172.24.16.67 52298 65.55.158.118 3544 udp teredo - - - S0 - - 0 D 1 88 0 0 CmES5u32sYpV7JYN
|
||||
1333458850.040098 C7fIlMZDuRiqjpYbb 172.24.203.81 54447 65.55.158.118 3544 udp teredo 0.003698 120 0 S0 - - 0 D 2 176 0 0 CNnMIj2QSd84NKf7U3
|
||||
1333458850.037956 Ck51lg1bScffFj34Ri 190.104.181.57 2152 190.104.181.222 2152 udp gtpv1 - - - S0 - - 0 D 1 120 0 0 -
|
||||
1333458850.035460 C9rXSW3KSpTYvPrlI1 172.27.159.9 63912 94.245.121.254 3544 udp teredo - - - S0 - - 0 D 1 89 0 0 CwjjYJ2WqgTbAqiHl6
|
||||
1333458850.040098 CNnMIj2QSd84NKf7U3 174.94.190.229 2152 190.104.181.57 2152 udp gtpv1 0.003698 192 0 S0 - - 0 D 2 248 0 0 -
|
||||
1333458850.035456 CwjjYJ2WqgTbAqiHl6 190.104.181.210 2152 190.104.181.125 2152 udp gtpv1 0.000004 194 0 S0 - - 0 D 2 250 0 0 -
|
||||
1333458850.029781 CP5puj4I8PtEU4qzYg 172.24.16.67 52298 94.245.121.253 3544 udp teredo - - - S0 - - 0 D 1 88 0 0 CmES5u32sYpV7JYN
|
||||
1333458850.032887 C3eiCBGOLw3VtHfOj 10.131.42.160 62069 94.245.121.253 3544 udp teredo - - - SHR - - 0 ^d 0 0 1 84 C4J4Th3PJpwUYZZ6gc
|
||||
1333458850.037956 C9mvWx3ezztgzcexV7 10.131.112.102 51403 94.245.121.253 3544 udp teredo - - - SHR - - 0 ^d 0 0 1 84 Ck51lg1bScffFj34Ri
|
||||
1333458850.014199 CHhAvVGS1DHFjwGM9 174.94.190.213 2152 190.104.181.57 2152 udp gtpv1 - - - S0 - - 0 D 1 124 0 0 -
|
||||
1333458850.016620 C4J4Th3PJpwUYZZ6gc 174.94.190.229 2152 190.104.181.62 2152 udp gtpv1 0.016267 88 92 SF - - 0 Dd 1 116 1 120 -
|
||||
1333458850.029783 C37jN32gN3y3AZzyf6 172.24.16.67 52298 65.55.158.118 3544 udp teredo - - - S0 - - 0 D 1 88 0 0 CmES5u32sYpV7JYN
|
||||
1333458850.040098 C7fIlMZDuRiqjpYbb 172.24.203.81 54447 65.55.158.118 3544 udp teredo 0.003698 120 0 S0 - - 0 D 2 176 0 0 CNnMIj2QSd84NKf7U3
|
||||
1333458850.014199 ClEkJM2Vm5giqnMf4h 172.24.204.200 56528 65.55.158.118 3544 udp teredo - - - S0 - - 0 D 1 88 0 0 CHhAvVGS1DHFjwGM9
|
||||
1333458850.016620 CtPZjS20MLrsMUOJi2 172.24.16.121 61901 94.245.121.251 3544 udp teredo - - - S0 - - 0 D 1 80 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
1333458850.029781 CP5puj4I8PtEU4qzYg 172.24.16.67 52298 94.245.121.253 3544 udp teredo - - - S0 - - 0 D 1 88 0 0 CmES5u32sYpV7JYN
|
||||
1333458850.035456 C0LAHyvtKSQHyJxIl 172.27.159.9 63912 94.245.121.253 3544 udp teredo - - - S0 - - 0 D 1 89 0 0 CwjjYJ2WqgTbAqiHl6
|
||||
1333458850.035460 C9rXSW3KSpTYvPrlI1 172.27.159.9 63912 94.245.121.254 3544 udp teredo - - - S0 - - 0 D 1 89 0 0 CwjjYJ2WqgTbAqiHl6
|
||||
1333458850.014199 CHhAvVGS1DHFjwGM9 174.94.190.213 2152 190.104.181.57 2152 udp gtpv1 - - - S0 - - 0 D 1 124 0 0 -
|
||||
1333458850.040098 CNnMIj2QSd84NKf7U3 174.94.190.229 2152 190.104.181.57 2152 udp gtpv1 0.003698 192 0 S0 - - 0 D 2 248 0 0 -
|
||||
1333458850.016620 C4J4Th3PJpwUYZZ6gc 174.94.190.229 2152 190.104.181.62 2152 udp gtpv1 0.016267 88 92 SF - - 0 Dd 1 116 1 120 -
|
||||
1333458850.037956 Ck51lg1bScffFj34Ri 190.104.181.57 2152 190.104.181.222 2152 udp gtpv1 - - - S0 - - 0 D 1 120 0 0 -
|
||||
1333458850.029781 CmES5u32sYpV7JYN 190.104.181.254 2152 190.104.181.62 2152 udp gtpv1 0.000002 192 0 S0 - - 0 D 2 248 0 0 -
|
||||
1333458850.035456 CwjjYJ2WqgTbAqiHl6 190.104.181.210 2152 190.104.181.125 2152 udp gtpv1 0.000004 194 0 S0 - - 0 D 2 250 0 0 -
|
||||
1333458850.016620 CUM0KZ3MLUfNB0cl11 2001:0:5ef5:79fb:38b8:1695:2b37:be8e 128 2002:2571:c817::2571:c817 129 icmp - - - - OTH - - 0 - 1 52 0 0 CtPZjS20MLrsMUOJi2
|
||||
1333458850.035456 CFLRIC3zaTU1loLGxh fe80::ffff:ffff:fffe 133 ff02::2 134 icmp - 0.000004 0 0 OTH - - 0 - 2 96 0 0 C9rXSW3KSpTYvPrlI1,C0LAHyvtKSQHyJxIl
|
||||
#close 2016-07-13-16-13-08
|
||||
#close 2019-07-31-18-53-23
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path tunnel
|
||||
#open 2016-07-13-16-13-08
|
||||
#open 2019-07-31-18-53-23
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p tunnel_type action
|
||||
#types time string addr port addr port enum enum
|
||||
1333458850.014199 CHhAvVGS1DHFjwGM9 174.94.190.213 2152 190.104.181.57 2152 Tunnel::GTPv1 Tunnel::DISCOVER
|
||||
|
|
@ -15,13 +15,13 @@
|
|||
1333458850.035460 C9rXSW3KSpTYvPrlI1 172.27.159.9 63912 94.245.121.254 3544 Tunnel::TEREDO Tunnel::DISCOVER
|
||||
1333458850.037956 Ck51lg1bScffFj34Ri 190.104.181.57 2152 190.104.181.222 2152 Tunnel::GTPv1 Tunnel::DISCOVER
|
||||
1333458850.040098 CNnMIj2QSd84NKf7U3 174.94.190.229 2152 190.104.181.57 2152 Tunnel::GTPv1 Tunnel::DISCOVER
|
||||
1333458850.043796 C0LAHyvtKSQHyJxIl 172.27.159.9 63912 94.245.121.253 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1333458850.043796 Ck51lg1bScffFj34Ri 190.104.181.57 2152 190.104.181.222 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 C9rXSW3KSpTYvPrlI1 172.27.159.9 63912 94.245.121.254 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1333458850.043796 CNnMIj2QSd84NKf7U3 174.94.190.229 2152 190.104.181.57 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 CwjjYJ2WqgTbAqiHl6 190.104.181.210 2152 190.104.181.125 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 CHhAvVGS1DHFjwGM9 174.94.190.213 2152 190.104.181.57 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 C4J4Th3PJpwUYZZ6gc 174.94.190.229 2152 190.104.181.62 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 CtPZjS20MLrsMUOJi2 172.24.16.121 61901 94.245.121.251 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1333458850.043796 C0LAHyvtKSQHyJxIl 172.27.159.9 63912 94.245.121.253 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1333458850.043796 C9rXSW3KSpTYvPrlI1 172.27.159.9 63912 94.245.121.254 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1333458850.043796 CHhAvVGS1DHFjwGM9 174.94.190.213 2152 190.104.181.57 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 CNnMIj2QSd84NKf7U3 174.94.190.229 2152 190.104.181.57 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 C4J4Th3PJpwUYZZ6gc 174.94.190.229 2152 190.104.181.62 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 Ck51lg1bScffFj34Ri 190.104.181.57 2152 190.104.181.222 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
1333458850.043796 CmES5u32sYpV7JYN 190.104.181.254 2152 190.104.181.62 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
#close 2016-07-13-16-13-08
|
||||
1333458850.043796 CwjjYJ2WqgTbAqiHl6 190.104.181.210 2152 190.104.181.125 2152 Tunnel::GTPv1 Tunnel::CLOSE
|
||||
#close 2019-07-31-18-53-23
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-07-13-16-13-14
|
||||
#open 2019-07-31-18-53-28
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1210953047.736921 ClEkJM2Vm5giqnMf4h 192.168.2.16 1576 75.126.130.163 80 tcp - 0.000357 0 0 SHR - - 0 ^fA 1 40 1 40 -
|
||||
|
|
@ -16,15 +16,15 @@
|
|||
1210953074.264819 CtxTCR2Yer0FR1tIBg 192.168.2.16 1920 192.168.2.1 53 udp dns 0.297723 123 598 SF - - 0 Dd 3 207 3 682 -
|
||||
1210953074.570439 CpmdRlaUoJLN3uIRa 192.168.2.16 1580 67.228.110.120 80 tcp http 0.466677 469 3916 SF - - 0 ShADadFf 7 757 6 4164 -
|
||||
1210953074.057124 CykQaM33ztNt0csB9a 192.168.2.16 1576 75.126.130.163 80 tcp - - - - RSTRH - - 0 ^r 0 0 1 40 -
|
||||
1210953061.312379 CNnMIj2QSd84NKf7U3 2001:0:4137:9e50:8000:f12a:b9c8:2815 1286 2001:4860:0:2001::68 80 tcp http 12.810848 1675 10467 S1 - - 0 ShADad 10 2279 12 11191 Ck51lg1bScffFj34Ri
|
||||
1210953076.058333 C1Xkzz2MaGtLrc1Tla 192.168.2.16 1578 75.126.203.78 80 tcp - - - - RSTRH - - 0 ^r 0 0 1 40 -
|
||||
1210953074.055744 C7fIlMZDuRiqjpYbb 192.168.2.16 1577 75.126.203.78 80 tcp - - - - RSTRH - - 0 ^r 0 0 1 40 -
|
||||
1210953052.324629 CmES5u32sYpV7JYN 192.168.2.16 3797 65.55.158.81 3544 udp - - - - SHR - - 0 ^d 0 0 1 137 -
|
||||
1210953052.202579 CtPZjS20MLrsMUOJi2 192.168.2.16 3797 65.55.158.80 3544 udp teredo 8.928880 129 48 SF - - 0 Dd 2 185 1 76 -
|
||||
1210953076.058333 C1Xkzz2MaGtLrc1Tla 192.168.2.16 1578 75.126.203.78 80 tcp - - - - RSTRH - - 0 ^r 0 0 1 40 -
|
||||
1210953061.312379 CNnMIj2QSd84NKf7U3 2001:0:4137:9e50:8000:f12a:b9c8:2815 1286 2001:4860:0:2001::68 80 tcp http 12.810848 1675 10467 S1 - - 0 ShADad 10 2279 12 11191 Ck51lg1bScffFj34Ri
|
||||
1210953058.933954 C9rXSW3KSpTYvPrlI1 0.0.0.0 68 255.255.255.255 67 udp dhcp - - - S0 - - 0 D 1 328 0 0 -
|
||||
1210953052.202579 CtPZjS20MLrsMUOJi2 192.168.2.16 3797 65.55.158.80 3544 udp teredo 8.928880 129 48 SF - - 0 Dd 2 185 1 76 -
|
||||
1210953052.324629 CmES5u32sYpV7JYN 192.168.2.16 3797 65.55.158.81 3544 udp - - - - SHR - - 0 ^d 0 0 1 137 -
|
||||
1210953060.829233 Ck51lg1bScffFj34Ri 192.168.2.16 3797 83.170.1.38 32900 udp teredo 13.293994 2359 11243 SF - - 0 Dd 12 2695 13 11607 -
|
||||
1210953046.591933 CHhAvVGS1DHFjwGM9 192.168.2.16 138 192.168.2.255 138 udp - 28.448321 416 0 S0 - - 0 D 2 472 0 0 -
|
||||
1210953052.324629 CP5puj4I8PtEU4qzYg fe80::8000:f227:bec8:61af 134 fe80::8000:ffff:ffff:fffd 133 icmp - - - - OTH - - 0 - 1 88 0 0 CmES5u32sYpV7JYN
|
||||
1210953060.829303 C9mvWx3ezztgzcexV7 2001:0:4137:9e50:8000:f12a:b9c8:2815 128 2001:4860:0:2001::68 129 icmp - 0.463615 4 4 OTH - - 0 - 1 52 1 52 CtPZjS20MLrsMUOJi2,Ck51lg1bScffFj34Ri
|
||||
1210953052.324629 CP5puj4I8PtEU4qzYg fe80::8000:f227:bec8:61af 134 fe80::8000:ffff:ffff:fffd 133 icmp - - - - OTH - - 0 - 1 88 0 0 CmES5u32sYpV7JYN
|
||||
1210953052.202579 CUM0KZ3MLUfNB0cl11 fe80::8000:ffff:ffff:fffd 133 ff02::2 134 icmp - - - - OTH - - 0 - 1 64 0 0 CtPZjS20MLrsMUOJi2
|
||||
#close 2016-07-13-16-13-14
|
||||
#close 2019-07-31-18-53-28
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path http
|
||||
#open 2019-03-13-20-10-25
|
||||
#open 2019-07-31-18-53-28
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth method host uri referrer version user_agent origin request_body_len response_body_len status_code status_msg info_code info_msg tags username password proxied orig_fuids orig_filenames orig_mime_types resp_fuids resp_filenames resp_mime_types
|
||||
#types time string addr port addr port count string string string string string string string count count count string count string set[enum] string string set[string] vector[string] vector[string] vector[string] vector[string] vector[string] vector[string]
|
||||
1210953057.917183 C3eiCBGOLw3VtHfOj 192.168.2.16 1578 75.126.203.78 80 1 POST download913.avast.com /cgi-bin/iavs4stats.cgi - 1.1 Syncer/4.80 (av_pro-1169;f) - 589 0 204 <empty> - - (empty) - - - Fp32SIJztq0Szn5Qc - text/plain - - -
|
||||
1210953061.585996 CNnMIj2QSd84NKf7U3 2001:0:4137:9e50:8000:f12a:b9c8:2815 1286 2001:4860:0:2001::68 80 1 GET ipv6.google.com / - 1.1 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5 - 0 6640 200 OK - - (empty) - - - - - - FNFYdH11h5iQcoD3a2 - text/html
|
||||
1210953073.381474 CNnMIj2QSd84NKf7U3 2001:0:4137:9e50:8000:f12a:b9c8:2815 1286 2001:4860:0:2001::68 80 2 GET ipv6.google.com /search?hl=en&q=Wireshark+!&btnG=Google+Search http://ipv6.google.com/ 1.1 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5 - 0 25119 200 OK - - (empty) - - - - - - FHD5nv1iSVFZVM0aH7 - text/html
|
||||
1210953074.674817 CpmdRlaUoJLN3uIRa 192.168.2.16 1580 67.228.110.120 80 1 GET www.wireshark.org / http://ipv6.google.com/search?hl=en&q=Wireshark+%21&btnG=Google+Search 1.1 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5 - 0 11845 200 OK - - (empty) - - - - - - FS7lUf2cJFAVBCu6w6 - text/html
|
||||
#close 2019-03-13-20-10-25
|
||||
#close 2019-07-31-18-53-28
|
||||
|
|
|
|||
|
|
@ -3,13 +3,13 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path tunnel
|
||||
#open 2016-07-13-16-13-14
|
||||
#open 2019-07-31-18-53-28
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p tunnel_type action
|
||||
#types time string addr port addr port enum enum
|
||||
1210953052.202579 CtPZjS20MLrsMUOJi2 192.168.2.16 3797 65.55.158.80 3544 Tunnel::TEREDO Tunnel::DISCOVER
|
||||
1210953052.324629 CmES5u32sYpV7JYN 192.168.2.16 3797 65.55.158.81 3544 Tunnel::TEREDO Tunnel::DISCOVER
|
||||
1210953061.292918 Ck51lg1bScffFj34Ri 192.168.2.16 3797 83.170.1.38 32900 Tunnel::TEREDO Tunnel::DISCOVER
|
||||
1210953076.058333 CmES5u32sYpV7JYN 192.168.2.16 3797 65.55.158.81 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1210953076.058333 CtPZjS20MLrsMUOJi2 192.168.2.16 3797 65.55.158.80 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1210953076.058333 CmES5u32sYpV7JYN 192.168.2.16 3797 65.55.158.81 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1210953076.058333 Ck51lg1bScffFj34Ri 192.168.2.16 3797 83.170.1.38 32900 Tunnel::TEREDO Tunnel::CLOSE
|
||||
#close 2016-07-13-16-13-14
|
||||
#close 2019-07-31-18-53-28
|
||||
|
|
|
|||
|
|
@ -3,14 +3,14 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-07-13-16-13-14
|
||||
#open 2019-07-31-18-53-34
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1340127577.354166 CP5puj4I8PtEU4qzYg 2001:0:4137:9e50:8000:f12a:b9c8:2815 1286 2001:4860:0:2001::68 80 tcp http 0.052829 1675 10467 S1 - - 0 ShADad 10 2279 12 11191 CUM0KZ3MLUfNB0cl11
|
||||
1340127577.339015 C4J4Th3PJpwUYZZ6gc 192.168.2.16 3797 65.55.158.81 3544 udp - - - - SHR - - 0 ^d 0 0 1 137 -
|
||||
1340127577.336558 CHhAvVGS1DHFjwGM9 192.168.2.16 3797 65.55.158.80 3544 udp teredo 0.010291 129 52 SF - - 0 Dd 2 185 1 80 -
|
||||
1340127577.339015 C4J4Th3PJpwUYZZ6gc 192.168.2.16 3797 65.55.158.81 3544 udp - - - - SHR - - 0 ^d 0 0 1 137 -
|
||||
1340127577.341510 CUM0KZ3MLUfNB0cl11 192.168.2.16 3797 83.170.1.38 32900 udp teredo 0.065485 2367 11243 SF - - 0 Dd 12 2703 13 11607 -
|
||||
1340127577.339015 CtPZjS20MLrsMUOJi2 fe80::8000:f227:bec8:61af 134 fe80::8000:ffff:ffff:fffd 133 icmp - - - - OTH - - 0 - 1 88 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
1340127577.343969 CmES5u32sYpV7JYN 2001:0:4137:9e50:8000:f12a:b9c8:2815 128 2001:4860:0:2001::68 129 icmp - 0.007778 4 4 OTH - - 0 - 1 52 1 52 CUM0KZ3MLUfNB0cl11,CHhAvVGS1DHFjwGM9
|
||||
1340127577.339015 CtPZjS20MLrsMUOJi2 fe80::8000:f227:bec8:61af 134 fe80::8000:ffff:ffff:fffd 133 icmp - - - - OTH - - 0 - 1 88 0 0 C4J4Th3PJpwUYZZ6gc
|
||||
1340127577.336558 ClEkJM2Vm5giqnMf4h fe80::8000:ffff:ffff:fffd 133 ff02::2 134 icmp - - - - OTH - - 0 - 1 64 0 0 CHhAvVGS1DHFjwGM9
|
||||
#close 2016-07-13-16-13-14
|
||||
#close 2019-07-31-18-53-34
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path http
|
||||
#open 2019-03-13-19-35-20
|
||||
#open 2019-07-31-18-53-34
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth method host uri referrer version user_agent origin request_body_len response_body_len status_code status_msg info_code info_msg tags username password proxied orig_fuids orig_filenames orig_mime_types resp_fuids resp_filenames resp_mime_types
|
||||
#types time string addr port addr port count string string string string string string string count count count string count string set[enum] string string set[string] vector[string] vector[string] vector[string] vector[string] vector[string] vector[string]
|
||||
1340127577.361683 CP5puj4I8PtEU4qzYg 2001:0:4137:9e50:8000:f12a:b9c8:2815 1286 2001:4860:0:2001::68 80 1 GET ipv6.google.com / - 1.1 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5 - 0 6640 200 OK - - (empty) - - - - - - FWSTWv4EZLVlc2Zywi - text/html
|
||||
1340127577.379360 CP5puj4I8PtEU4qzYg 2001:0:4137:9e50:8000:f12a:b9c8:2815 1286 2001:4860:0:2001::68 80 2 GET ipv6.google.com /search?hl=en&q=Wireshark+!&btnG=Google+Search http://ipv6.google.com/ 1.1 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5 - 0 25119 200 OK - - (empty) - - - - - - FGKV3B3jz083xhGO13 - text/html
|
||||
#close 2019-03-13-19-35-20
|
||||
#close 2019-07-31-18-53-34
|
||||
|
|
|
|||
|
|
@ -3,13 +3,13 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path tunnel
|
||||
#open 2016-07-13-16-13-14
|
||||
#open 2019-07-31-18-53-34
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p tunnel_type action
|
||||
#types time string addr port addr port enum enum
|
||||
1340127577.336558 CHhAvVGS1DHFjwGM9 192.168.2.16 3797 65.55.158.80 3544 Tunnel::TEREDO Tunnel::DISCOVER
|
||||
1340127577.339015 C4J4Th3PJpwUYZZ6gc 192.168.2.16 3797 65.55.158.81 3544 Tunnel::TEREDO Tunnel::DISCOVER
|
||||
1340127577.351747 CUM0KZ3MLUfNB0cl11 192.168.2.16 3797 83.170.1.38 32900 Tunnel::TEREDO Tunnel::DISCOVER
|
||||
1340127577.406995 C4J4Th3PJpwUYZZ6gc 192.168.2.16 3797 65.55.158.81 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1340127577.406995 CHhAvVGS1DHFjwGM9 192.168.2.16 3797 65.55.158.80 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1340127577.406995 C4J4Th3PJpwUYZZ6gc 192.168.2.16 3797 65.55.158.81 3544 Tunnel::TEREDO Tunnel::CLOSE
|
||||
1340127577.406995 CUM0KZ3MLUfNB0cl11 192.168.2.16 3797 83.170.1.38 32900 Tunnel::TEREDO Tunnel::CLOSE
|
||||
#close 2016-07-13-16-13-14
|
||||
#close 2019-07-31-18-53-34
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path weird
|
||||
#open 2019-06-07-01-59-35
|
||||
#open 2019-07-31-18-53-34
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p name addl notice peer
|
||||
#types time string addr port addr port string string bool string
|
||||
1340127577.341510 CUM0KZ3MLUfNB0cl11 192.168.2.16 3797 83.170.1.38 32900 Teredo_bubble_with_payload - F zeek
|
||||
1340127577.346849 CHhAvVGS1DHFjwGM9 192.168.2.16 3797 65.55.158.80 3544 Teredo_bubble_with_payload - F zeek
|
||||
#close 2019-06-07-01-59-35
|
||||
#close 2019-07-31-18-53-34
|
||||
|
|
|
|||
|
|
@ -3,12 +3,12 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2019-03-12-03-29-46
|
||||
#open 2019-07-31-18-53-40
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1467818432.676047 C4J4Th3PJpwUYZZ6gc 192.168.56.11 48134 192.168.56.12 4789 udp vxlan 3.004434 424 0 S0 - - 0 D 4 536 0 0 -
|
||||
1467818432.675392 CHhAvVGS1DHFjwGM9 192.168.56.11 39924 192.168.56.12 4789 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1467818432.675732 ClEkJM2Vm5giqnMf4h 192.168.56.12 40908 192.168.56.11 4789 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1467818432.676385 CUM0KZ3MLUfNB0cl11 192.168.56.12 38071 192.168.56.11 4789 udp vxlan 3.004278 424 0 S0 - - 0 D 4 536 0 0 -
|
||||
1467818432.675732 ClEkJM2Vm5giqnMf4h 192.168.56.12 40908 192.168.56.11 4789 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1467818432.675392 CHhAvVGS1DHFjwGM9 192.168.56.11 39924 192.168.56.12 4789 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1467818432.676047 C4J4Th3PJpwUYZZ6gc 192.168.56.11 48134 192.168.56.12 4789 udp vxlan 3.004434 424 0 S0 - - 0 D 4 536 0 0 -
|
||||
1467818432.676047 CtPZjS20MLrsMUOJi2 10.0.0.1 8 10.0.0.2 0 icmp - 3.004616 224 224 OTH - - 0 - 4 336 4 336 CUM0KZ3MLUfNB0cl11,C4J4Th3PJpwUYZZ6gc
|
||||
#close 2019-03-12-03-29-46
|
||||
#close 2019-07-31-18-53-40
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path tunnel
|
||||
#open 2019-03-12-03-29-46
|
||||
#open 2019-07-31-18-53-40
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p tunnel_type action
|
||||
#types time string addr port addr port enum enum
|
||||
1467818432.676047 C4J4Th3PJpwUYZZ6gc 192.168.56.11 48134 192.168.56.12 4789 Tunnel::VXLAN Tunnel::DISCOVER
|
||||
1467818432.676385 CUM0KZ3MLUfNB0cl11 192.168.56.12 38071 192.168.56.11 4789 Tunnel::VXLAN Tunnel::DISCOVER
|
||||
1467818435.680663 C4J4Th3PJpwUYZZ6gc 192.168.56.11 48134 192.168.56.12 4789 Tunnel::VXLAN Tunnel::CLOSE
|
||||
1467818435.680663 CUM0KZ3MLUfNB0cl11 192.168.56.12 38071 192.168.56.11 4789 Tunnel::VXLAN Tunnel::CLOSE
|
||||
#close 2019-03-12-03-29-46
|
||||
1467818435.680663 C4J4Th3PJpwUYZZ6gc 192.168.56.11 48134 192.168.56.12 4789 Tunnel::VXLAN Tunnel::CLOSE
|
||||
#close 2019-07-31-18-53-40
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path pe
|
||||
#open 2016-07-13-16-14-17
|
||||
#open 2019-07-31-20-22-07
|
||||
#fields ts id machine compile_ts os subsystem is_exe is_64bit uses_aslr uses_dep uses_code_integrity uses_seh has_import_table has_export_table has_cert_table has_debug_data section_names
|
||||
#types time string string time string string bool bool bool bool bool bool bool bool bool bool vector[string]
|
||||
1429466342.201366 Fz2N9x4SAxQiSnI6mk unknown-475 0.000000 - - F T F F F T - - - - -
|
||||
1429466342.225653 Fzysjj1zfjAcgWgm22 I386 1171692517.000000 Windows XP x64 or Server 2003 WINDOWS_GUI T F F F F T T F F T .text,.data,.rsrc
|
||||
1429466342.250474 FOuWFKf04xcHH4ck I386 1210911433.000000 Windows 95 or NT 4.0 WINDOWS_CUI T F F F F T T F T T .text,.rdata,.data,.rsrc
|
||||
1429466342.278998 F5fc4q3zhJHmYSvm8a I386 1402852568.000000 Windows 95 or NT 4.0 WINDOWS_GUI T F F F F T T T F F .text,.Ddata,.data,.rsrc
|
||||
1429466342.225653 Fzysjj1zfjAcgWgm22 I386 1171692517.000000 Windows XP x64 or Server 2003 WINDOWS_GUI T F F F F T T F F T .text,.data,.rsrc
|
||||
#close 2016-07-13-16-14-17
|
||||
#close 2019-07-31-20-22-07
|
||||
|
|
|
|||
|
|
@ -3,41 +3,41 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-08-10-20-36-59
|
||||
#open 2019-08-01-00-38-38
|
||||
#fields _write_ts _stream _innerLogged.a _innerLogged.c _innerLogged.d _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string count count set[count] string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475169.780331 C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.652003 CwjjYJ2WqgTbAqiHl6 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.902635 C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.859163 CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.892936 CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.895267 CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.853899 C0LAHyvtKSQHyJxIl 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.901749 CFLRIC3zaTU1loLGxh 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.902195 C9rXSW3KSpTYvPrlI1 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.858713 Ck51lg1bScffFj34Ri 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475167.099816 C9mvWx3ezztgzcexV7 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.854837 CNnMIj2QSd84NKf7U3 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.857956 C0LAHyvtKSQHyJxIl 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.854378 CFLRIC3zaTU1loLGxh 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.892037 C9rXSW3KSpTYvPrlI1 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.854837 Ck51lg1bScffFj34Ri 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.853899 C9mvWx3ezztgzcexV7 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.893988 CNnMIj2QSd84NKf7U3 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.894787 C7fIlMZDuRiqjpYbb 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.894422 CykQaM33ztNt0csB9a 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475169.899438 CtxTCR2Yer0FR1tIBg 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475170.862384 CpmdRlaUoJLN3uIRa 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.892414 C1Xkzz2MaGtLrc1Tla 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.858306 CqlVyW1YwZ15RhTBc4 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475167.097012 CLNN1k2QMum1aexUK7 fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475173.117362 CBA8792iHmnhPLksKa 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475173.153679 CGLPPc35OzDQij1XX8 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.892037 CiyBAq1bBLNaTiTAc 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475171.675372 CFSwNi4CNGxcuffo49 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475167.096535 Cipfzj1BEnhejw8cGf 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.854378 CV5WJ42jPYbNW9JNWf 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475171.677081 CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475173.116749 CAnFrb2Cvxr5T7quOc fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.893988 C8rquZ3DjgNW06JGLl 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.857956 CzrZOtXqhwwndQva3 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.891644 CaGCc13FffXe6RkQl9 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
#close 2016-08-10-20-36-59
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.902195 CtxTCR2Yer0FR1tIBg 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.901749 CpmdRlaUoJLN3uIRa 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.891644 C1Xkzz2MaGtLrc1Tla 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.858713 CqlVyW1YwZ15RhTBc4 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.892414 CLNN1k2QMum1aexUK7 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475168.858306 CBA8792iHmnhPLksKa 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475169.899438 CGLPPc35OzDQij1XX8 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475167.099816 CiyBAq1bBLNaTiTAc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475167.096535 CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475170.862384 Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475171.677081 CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475173.117362 CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475173.153679 CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475167.097012 C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475173.116749 CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 conn 1 3 2,4,1,3 - 1300475171.675372 CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
#close 2019-08-01-00-38-38
|
||||
|
|
|
|||
|
|
@ -3,41 +3,41 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2019-06-07-02-20-04
|
||||
#open 2019-08-01-00-38-35
|
||||
#fields _write_ts _system_name _undefined_string ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1300475173.475401 zeek - 1300475173.475401 C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475173.475401 zeek - 1300475173.475401 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CwjjYJ2WqgTbAqiHl6 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475173.475401 zeek - 1300475173.475401 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C0LAHyvtKSQHyJxIl 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CFLRIC3zaTU1loLGxh 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C9rXSW3KSpTYvPrlI1 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475173.475401 zeek - 1300475173.475401 Ck51lg1bScffFj34Ri 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C9mvWx3ezztgzcexV7 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CNnMIj2QSd84NKf7U3 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C0LAHyvtKSQHyJxIl 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CFLRIC3zaTU1loLGxh 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C9rXSW3KSpTYvPrlI1 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 zeek - 1300475173.475401 Ck51lg1bScffFj34Ri 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C9mvWx3ezztgzcexV7 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CNnMIj2QSd84NKf7U3 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C7fIlMZDuRiqjpYbb 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CykQaM33ztNt0csB9a 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CtxTCR2Yer0FR1tIBg 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CpmdRlaUoJLN3uIRa 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C1Xkzz2MaGtLrc1Tla 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CqlVyW1YwZ15RhTBc4 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CLNN1k2QMum1aexUK7 fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CBA8792iHmnhPLksKa 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CGLPPc35OzDQij1XX8 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CiyBAq1bBLNaTiTAc 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CFSwNi4CNGxcuffo49 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 Cipfzj1BEnhejw8cGf 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CV5WJ42jPYbNW9JNWf 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CAnFrb2Cvxr5T7quOc fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C8rquZ3DjgNW06JGLl 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CzrZOtXqhwwndQva3 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CaGCc13FffXe6RkQl9 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
#close 2019-06-07-02-20-04
|
||||
1300475173.475401 zeek - 1300475173.475401 CtxTCR2Yer0FR1tIBg 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CpmdRlaUoJLN3uIRa 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C1Xkzz2MaGtLrc1Tla 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CqlVyW1YwZ15RhTBc4 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CLNN1k2QMum1aexUK7 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CBA8792iHmnhPLksKa 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CGLPPc35OzDQij1XX8 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CiyBAq1bBLNaTiTAc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 zeek - 1300475173.475401 CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
#close 2019-08-01-00-38-35
|
||||
|
|
|
|||
|
|
@ -3,41 +3,41 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2019-06-07-02-20-03
|
||||
#open 2019-08-01-00-38-32
|
||||
#fields _write_ts _stream _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1300475173.475401 conn zeek 1300475169.780331 C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||
1300475173.475401 conn zeek 1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475173.475401 conn zeek 1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475173.475401 conn zeek 1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475173.475401 conn zeek 1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475173.475401 conn zeek 1300475168.652003 CwjjYJ2WqgTbAqiHl6 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||
1300475173.475401 conn zeek 1300475168.902635 C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||
1300475173.475401 conn zeek 1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475173.475401 conn zeek 1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475173.475401 conn zeek 1300475168.859163 CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||
1300475173.475401 conn zeek 1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475173.475401 conn zeek 1300475168.892936 CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||
1300475173.475401 conn zeek 1300475168.895267 CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||
1300475173.475401 conn zeek 1300475168.853899 C0LAHyvtKSQHyJxIl 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn zeek 1300475168.901749 CFLRIC3zaTU1loLGxh 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475173.475401 conn zeek 1300475168.902195 C9rXSW3KSpTYvPrlI1 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475173.475401 conn zeek 1300475168.858713 Ck51lg1bScffFj34Ri 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn zeek 1300475167.099816 C9mvWx3ezztgzcexV7 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475173.475401 conn zeek 1300475168.854837 CNnMIj2QSd84NKf7U3 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn zeek 1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475173.475401 conn zeek 1300475168.857956 C0LAHyvtKSQHyJxIl 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn zeek 1300475168.854378 CFLRIC3zaTU1loLGxh 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn zeek 1300475168.892037 C9rXSW3KSpTYvPrlI1 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn zeek 1300475168.854837 Ck51lg1bScffFj34Ri 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn zeek 1300475168.853899 C9mvWx3ezztgzcexV7 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn zeek 1300475168.893988 CNnMIj2QSd84NKf7U3 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn zeek 1300475168.894787 C7fIlMZDuRiqjpYbb 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn zeek 1300475168.894422 CykQaM33ztNt0csB9a 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn zeek 1300475169.899438 CtxTCR2Yer0FR1tIBg 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475173.475401 conn zeek 1300475170.862384 CpmdRlaUoJLN3uIRa 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475173.475401 conn zeek 1300475168.892414 C1Xkzz2MaGtLrc1Tla 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn zeek 1300475168.858306 CqlVyW1YwZ15RhTBc4 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn zeek 1300475167.097012 CLNN1k2QMum1aexUK7 fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.475401 conn zeek 1300475173.117362 CBA8792iHmnhPLksKa 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn zeek 1300475173.153679 CGLPPc35OzDQij1XX8 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475173.475401 conn zeek 1300475168.892037 CiyBAq1bBLNaTiTAc 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn zeek 1300475171.675372 CFSwNi4CNGxcuffo49 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 conn zeek 1300475167.096535 Cipfzj1BEnhejw8cGf 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475173.475401 conn zeek 1300475168.854378 CV5WJ42jPYbNW9JNWf 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn zeek 1300475171.677081 CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn zeek 1300475173.116749 CAnFrb2Cvxr5T7quOc fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 conn zeek 1300475168.893988 C8rquZ3DjgNW06JGLl 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn zeek 1300475168.857956 CzrZOtXqhwwndQva3 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn zeek 1300475168.891644 CaGCc13FffXe6RkQl9 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
#close 2019-06-07-02-20-03
|
||||
1300475173.475401 conn zeek 1300475168.902195 CtxTCR2Yer0FR1tIBg 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475173.475401 conn zeek 1300475168.901749 CpmdRlaUoJLN3uIRa 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475173.475401 conn zeek 1300475168.891644 C1Xkzz2MaGtLrc1Tla 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475173.475401 conn zeek 1300475168.858713 CqlVyW1YwZ15RhTBc4 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn zeek 1300475168.892414 CLNN1k2QMum1aexUK7 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475173.475401 conn zeek 1300475168.858306 CBA8792iHmnhPLksKa 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475173.475401 conn zeek 1300475169.899438 CGLPPc35OzDQij1XX8 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475173.475401 conn zeek 1300475167.099816 CiyBAq1bBLNaTiTAc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475173.475401 conn zeek 1300475167.096535 CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475173.475401 conn zeek 1300475170.862384 Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475173.475401 conn zeek 1300475171.677081 CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn zeek 1300475173.117362 CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.475401 conn zeek 1300475173.153679 CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475173.475401 conn zeek 1300475167.097012 C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.475401 conn zeek 1300475173.116749 CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475173.475401 conn zeek 1300475171.675372 CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
#close 2019-08-01-00-38-32
|
||||
|
|
|
|||
|
|
@ -3,41 +3,41 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-08-10-16-51-09
|
||||
#open 2019-08-01-00-38-43
|
||||
#fields ts uid src src_port dst dst_port proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1300475169.780331 C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.652003 CwjjYJ2WqgTbAqiHl6 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||
1300475168.902635 C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.859163 CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.892936 CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||
1300475168.895267 CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||
1300475168.853899 C0LAHyvtKSQHyJxIl 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.901749 CFLRIC3zaTU1loLGxh 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475168.902195 C9rXSW3KSpTYvPrlI1 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475168.858713 Ck51lg1bScffFj34Ri 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475167.099816 C9mvWx3ezztgzcexV7 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475168.854837 CNnMIj2QSd84NKf7U3 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475168.857956 C0LAHyvtKSQHyJxIl 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.854378 CFLRIC3zaTU1loLGxh 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475168.892037 C9rXSW3KSpTYvPrlI1 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475168.854837 Ck51lg1bScffFj34Ri 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.853899 C9mvWx3ezztgzcexV7 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.893988 CNnMIj2QSd84NKf7U3 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.894787 C7fIlMZDuRiqjpYbb 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.894422 CykQaM33ztNt0csB9a 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475169.899438 CtxTCR2Yer0FR1tIBg 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475170.862384 CpmdRlaUoJLN3uIRa 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475168.892414 C1Xkzz2MaGtLrc1Tla 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.858306 CqlVyW1YwZ15RhTBc4 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475167.097012 CLNN1k2QMum1aexUK7 fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.117362 CBA8792iHmnhPLksKa 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.153679 CGLPPc35OzDQij1XX8 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475168.892037 CiyBAq1bBLNaTiTAc 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475171.675372 CFSwNi4CNGxcuffo49 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475167.096535 Cipfzj1BEnhejw8cGf 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475168.854378 CV5WJ42jPYbNW9JNWf 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475171.677081 CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.116749 CAnFrb2Cvxr5T7quOc fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475168.893988 C8rquZ3DjgNW06JGLl 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.857956 CzrZOtXqhwwndQva3 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.891644 CaGCc13FffXe6RkQl9 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
#close 2016-08-10-16-51-09
|
||||
1300475168.902195 CtxTCR2Yer0FR1tIBg 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475168.901749 CpmdRlaUoJLN3uIRa 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475168.891644 C1Xkzz2MaGtLrc1Tla 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.858713 CqlVyW1YwZ15RhTBc4 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.892414 CLNN1k2QMum1aexUK7 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.858306 CBA8792iHmnhPLksKa 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475169.899438 CGLPPc35OzDQij1XX8 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475167.099816 CiyBAq1bBLNaTiTAc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475167.096535 CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475170.862384 Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475171.677081 CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.117362 CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.153679 CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475167.097012 C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.116749 CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475171.675372 CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
#close 2019-08-01-00-38-43
|
||||
|
|
|
|||
|
|
@ -3,37 +3,37 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path local
|
||||
#open 2016-07-13-16-15-14
|
||||
#open 2019-08-01-00-38-50
|
||||
#fields ts id.orig_h
|
||||
#types time addr
|
||||
1300475168.892913 141.142.220.118
|
||||
1300475168.724007 141.142.220.118
|
||||
1300475168.855330 141.142.220.118
|
||||
1300475168.855305 141.142.220.118
|
||||
1300475168.652003 141.142.220.118
|
||||
1300475168.902635 141.142.220.118
|
||||
1300475168.855305 141.142.220.118
|
||||
1300475168.855330 141.142.220.118
|
||||
1300475168.859163 141.142.220.118
|
||||
1300475168.892913 141.142.220.118
|
||||
1300475168.892936 141.142.220.118
|
||||
1300475168.895267 141.142.220.118
|
||||
1300475168.853899 141.142.220.118
|
||||
1300475168.901749 141.142.220.118
|
||||
1300475168.902195 141.142.220.118
|
||||
1300475168.858713 141.142.220.118
|
||||
1300475167.099816 141.142.220.50
|
||||
1300475168.724007 141.142.220.118
|
||||
1300475168.857956 141.142.220.118
|
||||
1300475168.854378 141.142.220.118
|
||||
1300475168.892037 141.142.220.118
|
||||
1300475168.854837 141.142.220.118
|
||||
1300475168.853899 141.142.220.118
|
||||
1300475168.893988 141.142.220.118
|
||||
1300475168.894787 141.142.220.118
|
||||
1300475168.894422 141.142.220.118
|
||||
1300475169.899438 141.142.220.44
|
||||
1300475170.862384 141.142.220.226
|
||||
1300475168.902195 141.142.220.118
|
||||
1300475168.901749 141.142.220.118
|
||||
1300475168.891644 141.142.220.118
|
||||
1300475168.858713 141.142.220.118
|
||||
1300475168.892414 141.142.220.118
|
||||
1300475168.858306 141.142.220.118
|
||||
1300475169.899438 141.142.220.44
|
||||
1300475167.099816 141.142.220.50
|
||||
1300475167.096535 141.142.220.202
|
||||
1300475170.862384 141.142.220.226
|
||||
1300475171.677081 141.142.220.226
|
||||
1300475173.117362 141.142.220.226
|
||||
1300475173.153679 141.142.220.238
|
||||
1300475168.892037 141.142.220.118
|
||||
1300475167.096535 141.142.220.202
|
||||
1300475168.854378 141.142.220.118
|
||||
1300475171.677081 141.142.220.226
|
||||
1300475168.893988 141.142.220.118
|
||||
1300475168.857956 141.142.220.118
|
||||
1300475168.891644 141.142.220.118
|
||||
#close 2016-07-13-16-15-14
|
||||
#close 2019-08-01-00-38-50
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path remote
|
||||
#open 2016-07-13-16-15-14
|
||||
#open 2019-08-01-00-38-50
|
||||
#fields ts id.orig_h
|
||||
#types time addr
|
||||
1300475169.780331 173.192.163.128
|
||||
1300475167.097012 fe80::217:f2ff:fed7:cf65
|
||||
1300475171.675372 fe80::3074:17d5:2052:c324
|
||||
1300475173.116749 fe80::3074:17d5:2052:c324
|
||||
#close 2016-07-13-16-15-14
|
||||
1300475171.675372 fe80::3074:17d5:2052:c324
|
||||
#close 2019-08-01-00-38-50
|
||||
|
|
|
|||
|
|
@ -3,41 +3,41 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-08-10-16-53-04
|
||||
#open 2019-07-31-23-54-13
|
||||
#fields ts uid id_orig_h id_orig_p id_resp_h id_resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1300475169.780331 C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.652003 CwjjYJ2WqgTbAqiHl6 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||
1300475168.902635 C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.859163 CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.892936 CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||
1300475168.895267 CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||
1300475168.853899 C0LAHyvtKSQHyJxIl 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.901749 CFLRIC3zaTU1loLGxh 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475168.902195 C9rXSW3KSpTYvPrlI1 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475168.858713 Ck51lg1bScffFj34Ri 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475167.099816 C9mvWx3ezztgzcexV7 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475168.854837 CNnMIj2QSd84NKf7U3 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475168.857956 C0LAHyvtKSQHyJxIl 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.854378 CFLRIC3zaTU1loLGxh 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475168.892037 C9rXSW3KSpTYvPrlI1 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475168.854837 Ck51lg1bScffFj34Ri 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.853899 C9mvWx3ezztgzcexV7 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.893988 CNnMIj2QSd84NKf7U3 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.894787 C7fIlMZDuRiqjpYbb 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.894422 CykQaM33ztNt0csB9a 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475169.899438 CtxTCR2Yer0FR1tIBg 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475170.862384 CpmdRlaUoJLN3uIRa 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475168.892414 C1Xkzz2MaGtLrc1Tla 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.858306 CqlVyW1YwZ15RhTBc4 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475167.097012 CLNN1k2QMum1aexUK7 fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.117362 CBA8792iHmnhPLksKa 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.153679 CGLPPc35OzDQij1XX8 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475168.892037 CiyBAq1bBLNaTiTAc 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475171.675372 CFSwNi4CNGxcuffo49 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475167.096535 Cipfzj1BEnhejw8cGf 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475168.854378 CV5WJ42jPYbNW9JNWf 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475171.677081 CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.116749 CAnFrb2Cvxr5T7quOc fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475168.893988 C8rquZ3DjgNW06JGLl 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.857956 CzrZOtXqhwwndQva3 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.891644 CaGCc13FffXe6RkQl9 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
#close 2016-08-10-16-53-04
|
||||
1300475168.902195 CtxTCR2Yer0FR1tIBg 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475168.901749 CpmdRlaUoJLN3uIRa 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475168.891644 C1Xkzz2MaGtLrc1Tla 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.858713 CqlVyW1YwZ15RhTBc4 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.892414 CLNN1k2QMum1aexUK7 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.858306 CBA8792iHmnhPLksKa 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475169.899438 CGLPPc35OzDQij1XX8 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475167.099816 CiyBAq1bBLNaTiTAc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475167.096535 CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475170.862384 Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475171.677081 CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.117362 CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.153679 CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475167.097012 C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.116749 CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475171.675372 CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
#close 2019-07-31-23-54-13
|
||||
|
|
|
|||
|
|
@ -3,41 +3,41 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2016-08-10-16-53-37
|
||||
#open 2019-07-31-23-54-16
|
||||
#fields ts uid src src_port dst dst_port proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1300475169.780331 C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.652003 CwjjYJ2WqgTbAqiHl6 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||
1300475168.902635 C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||
1300475168.859163 CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||
1300475168.892936 CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||
1300475168.895267 CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||
1300475168.853899 C0LAHyvtKSQHyJxIl 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.901749 CFLRIC3zaTU1loLGxh 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475168.902195 C9rXSW3KSpTYvPrlI1 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475168.858713 Ck51lg1bScffFj34Ri 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475167.099816 C9mvWx3ezztgzcexV7 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475168.854837 CNnMIj2QSd84NKf7U3 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||
1300475168.857956 C0LAHyvtKSQHyJxIl 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.854378 CFLRIC3zaTU1loLGxh 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475168.892037 C9rXSW3KSpTYvPrlI1 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475168.854837 Ck51lg1bScffFj34Ri 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.853899 C9mvWx3ezztgzcexV7 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.893988 CNnMIj2QSd84NKf7U3 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.894787 C7fIlMZDuRiqjpYbb 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.894422 CykQaM33ztNt0csB9a 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475169.899438 CtxTCR2Yer0FR1tIBg 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475170.862384 CpmdRlaUoJLN3uIRa 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475168.892414 C1Xkzz2MaGtLrc1Tla 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.858306 CqlVyW1YwZ15RhTBc4 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475167.097012 CLNN1k2QMum1aexUK7 fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.117362 CBA8792iHmnhPLksKa 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.153679 CGLPPc35OzDQij1XX8 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475168.892037 CiyBAq1bBLNaTiTAc 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475171.675372 CFSwNi4CNGxcuffo49 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475167.096535 Cipfzj1BEnhejw8cGf 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475168.854378 CV5WJ42jPYbNW9JNWf 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475171.677081 CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.116749 CAnFrb2Cvxr5T7quOc fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475168.893988 C8rquZ3DjgNW06JGLl 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.857956 CzrZOtXqhwwndQva3 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.891644 CaGCc13FffXe6RkQl9 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
#close 2016-08-10-16-53-37
|
||||
1300475168.902195 CtxTCR2Yer0FR1tIBg 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||
1300475168.901749 CpmdRlaUoJLN3uIRa 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||
1300475168.891644 C1Xkzz2MaGtLrc1Tla 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||
1300475168.858713 CqlVyW1YwZ15RhTBc4 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.892414 CLNN1k2QMum1aexUK7 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||
1300475168.858306 CBA8792iHmnhPLksKa 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||
1300475169.899438 CGLPPc35OzDQij1XX8 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||
1300475167.099816 CiyBAq1bBLNaTiTAc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||
1300475167.096535 CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||
1300475170.862384 Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||
1300475171.677081 CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.117362 CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||
1300475173.153679 CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||
1300475167.097012 C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||
1300475173.116749 CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
1300475171.675372 CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||
#close 2019-07-31-23-54-16
|
||||
|
|
|
|||
|
|
@ -3,13 +3,13 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2019-04-17-21-00-04
|
||||
#open 2019-07-31-22-25-32
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1254722767.492060 CHhAvVGS1DHFjwGM9 10.10.1.4 56166 10.10.1.1 53 udp dns 0.034025 34 100 SF - - 0 Dd 1 62 1 128 -
|
||||
1254722776.690444 C4J4Th3PJpwUYZZ6gc 10.10.1.20 138 10.10.1.255 138 udp - - - - S0 - - 0 D 1 229 0 0 -
|
||||
1254722767.529046 ClEkJM2Vm5giqnMf4h 10.10.1.4 1470 74.53.140.153 25 tcp - 0.346950 0 0 S1 - - 0 Sh 1 48 1 48 -
|
||||
1437831776.764391 CtPZjS20MLrsMUOJi2 192.168.133.100 49285 66.196.121.26 5050 tcp - 0.343008 41 0 OTH - - 0 Da 1 93 1 52 -
|
||||
1437831787.856895 CUM0KZ3MLUfNB0cl11 192.168.133.100 49648 192.168.133.102 25 tcp - 0.048043 162 154 S1 - - 154 ShDgA 3 192 1 60 -
|
||||
1437831798.533765 CmES5u32sYpV7JYN 192.168.133.100 49336 74.125.71.189 443 tcp - - - - OTH - - 0 A 1 52 0 0 -
|
||||
#close 2019-04-17-21-00-04
|
||||
1437831787.856895 CUM0KZ3MLUfNB0cl11 192.168.133.100 49648 192.168.133.102 25 tcp - 0.048043 162 154 S1 - - 154 ShDgA 3 192 1 60 -
|
||||
#close 2019-07-31-22-25-32
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path dce_rpc
|
||||
#open 2018-09-04-21-14-51
|
||||
#open 2019-07-31-20-23-16
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p rtt named_pipe endpoint operation
|
||||
#types time string addr port addr port interval string string string
|
||||
1056991898.891148 CmES5u32sYpV7JYN 192.168.0.173 1066 192.168.0.2 135 0.000375 135 epmapper ept_map
|
||||
|
|
@ -18,4 +18,4 @@
|
|||
1056991899.658670 CFLRIC3zaTU1loLGxh 192.168.0.173 1073 192.168.0.2 1032 0.001624 1032 exchange_mapi EcDoRpc
|
||||
1056991899.660794 CFLRIC3zaTU1loLGxh 192.168.0.173 1073 192.168.0.2 1032 0.003998 1032 exchange_mapi EcRRegisterPushNotification
|
||||
1056991899.707516 CFLRIC3zaTU1loLGxh 192.168.0.173 1073 192.168.0.2 1032 0.003998 1032 exchange_mapi EcRRegisterPushNotification
|
||||
#close 2018-09-04-21-14-51
|
||||
#close 2019-07-31-20-23-16
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ntlm
|
||||
#open 2018-09-04-21-59-48
|
||||
#open 2019-07-31-20-23-16
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p username hostname domainname server_nb_computer_name server_dns_computer_name server_tree_name success
|
||||
#types time string addr port addr port string string string string string string bool
|
||||
1056991898.900518 C37jN32gN3y3AZzyf6 192.168.0.173 1068 192.168.0.2 4997 ALeonard ALEONARD-XP CNAMIS SATURN - - -
|
||||
1056991899.591337 CFLRIC3zaTU1loLGxh 192.168.0.173 1073 192.168.0.2 1032 ALeonard ALEONARD-XP CNAMIS SATURN - - -
|
||||
#close 2018-09-04-21-59-48
|
||||
1056991898.900518 C37jN32gN3y3AZzyf6 192.168.0.173 1068 192.168.0.2 4997 ALeonard ALEONARD-XP CNAMIS SATURN - - -
|
||||
#close 2019-07-31-20-23-16
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2018-02-18-22-12-45
|
||||
#open 2019-07-31-20-23-20
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||
1348168976.546371 ClEkJM2Vm5giqnMf4h 192.168.57.103 35391 192.168.57.101 55968 tcp ssl,gridftp-data 0.010760 2109 3196 S1 - - 0 ShADad 7 2481 6 3516 -
|
||||
1348168976.274919 CHhAvVGS1DHFjwGM9 192.168.57.103 60108 192.168.57.101 2811 tcp ftp,gridftp,ssl 0.294743 4491 6659 SF - - 0 ShAdDaFf 22 5643 21 7759 -
|
||||
#close 2018-02-18-22-12-45
|
||||
1348168976.546371 ClEkJM2Vm5giqnMf4h 192.168.57.103 35391 192.168.57.101 55968 tcp ssl,gridftp-data 0.010760 2109 3196 S1 - - 0 ShADad 7 2481 6 3516 -
|
||||
#close 2019-07-31-20-23-21
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path notice
|
||||
#open 2019-06-05-19-31-25
|
||||
#open 2019-07-31-20-23-20
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p fuid file_mime_type file_desc proto note msg sub src dst p n peer_descr actions suppress_for remote_location.country_code remote_location.region remote_location.city remote_location.latitude remote_location.longitude
|
||||
#types time string addr port addr port string string string enum enum string string addr addr port count string set[enum] interval string string string double double
|
||||
1348168976.557131 ClEkJM2Vm5giqnMf4h 192.168.57.103 35391 192.168.57.101 55968 - - - tcp GridFTP::Data_Channel GridFTP data channel over threshold 2 bytes - 192.168.57.103 192.168.57.101 55968 - - Notice::ACTION_LOG 3600.000000 - - - - -
|
||||
#close 2019-06-05-19-31-25
|
||||
#close 2019-07-31-20-23-21
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ssl
|
||||
#open 2017-12-21-02-27-54
|
||||
#open 2019-07-31-20-23-20
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
|
||||
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
|
||||
1348168976.508038 CHhAvVGS1DHFjwGM9 192.168.57.103 60108 192.168.57.101 2811 TLSv10 TLS_RSA_WITH_AES_256_CBC_SHA - - F - - T FBtbj87tgpyeDSj31,F8TfgZ31c1dFu8Kt2k FVNYOh2BeQBb7MpCPe,FwjBou1e5DbpE0eOgk,FbYQmk4x4M4Bx3PZme CN=host/alpha,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=Globus Simple CA,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=917532944,CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid
|
||||
1348168976.551422 ClEkJM2Vm5giqnMf4h 192.168.57.103 35391 192.168.57.101 55968 TLSv10 TLS_RSA_WITH_NULL_SHA - - F - - T F4SSqN31HDIrrH5Q8h,FJHp5Pf6VLQsRQK3,FHACqa3dX9BXRV2av,FNnDVT1NURRWeoLLN3 FFWYVj4BcvQb35WIaf,Fj16G835fnJgnVlKU6,FGONoc1Nj0Ka5zlxDa CN=932373381,CN=917532944,CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=917532944,CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=917532944,CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid
|
||||
#close 2017-12-21-02-27-54
|
||||
#close 2019-07-31-20-23-21
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path x509
|
||||
#open 2017-12-21-02-27-54
|
||||
#open 2019-07-31-20-23-20
|
||||
#fields ts id certificate.version certificate.serial certificate.subject certificate.issuer certificate.not_valid_before certificate.not_valid_after certificate.key_alg certificate.sig_alg certificate.key_type certificate.key_length certificate.exponent certificate.curve san.dns san.uri san.email san.ip basic_constraints.ca basic_constraints.path_len
|
||||
#types time string count string string string time time string string string count string string vector[string] vector[string] vector[string] vector[addr] bool count
|
||||
1348168976.510615 FBtbj87tgpyeDSj31 3 01 CN=host/alpha,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=Globus Simple CA,OU=simpleCA-alpha,OU=GlobusTest,O=Grid 1348161979.000000 1379697979.000000 rsaEncryption sha1WithRSAEncryption rsa 1024 65537 - - - - - - -
|
||||
|
|
@ -18,4 +18,4 @@
|
|||
1348168976.554445 FFWYVj4BcvQb35WIaf 3 36B07110 CN=917532944,CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid 1348162941.000000 1348206441.000000 rsaEncryption sha1WithRSAEncryption rsa 512 65537 - - - - - - -
|
||||
1348168976.554445 Fj16G835fnJgnVlKU6 3 02 CN=Jon Siwek,OU=local,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=Globus Simple CA,OU=simpleCA-alpha,OU=GlobusTest,O=Grid 1348162263.000000 1379698263.000000 rsaEncryption sha1WithRSAEncryption rsa 1024 65537 - - - - - - -
|
||||
1348168976.554445 FGONoc1Nj0Ka5zlxDa 3 EA83D17188B68E4D CN=Globus Simple CA,OU=simpleCA-alpha,OU=GlobusTest,O=Grid CN=Globus Simple CA,OU=simpleCA-alpha,OU=GlobusTest,O=Grid 1348161502.000000 1505841502.000000 rsaEncryption sha1WithRSAEncryption rsa 1024 65537 - - - - - T -
|
||||
#close 2017-12-21-02-27-54
|
||||
#close 2019-07-31-20-23-21
|
||||
|
|
|
|||
|
|
@ -3,62 +3,62 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ssl
|
||||
#open 2019-06-03-04-33-19
|
||||
#open 2019-07-31-20-23-25
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
|
||||
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
|
||||
1475791805.525848 ClEkJM2Vm5giqnMf4h 192.168.6.203 53227 52.32.149.186 443 - - - tls13.crypto.mozilla.org F protocol_version - F - - - - - -
|
||||
1475791805.468951 CHhAvVGS1DHFjwGM9 192.168.6.203 53226 52.32.149.186 443 - - - tls13.crypto.mozilla.org F protocol_version - F - - - - - -
|
||||
#close 2019-06-03-04-33-19
|
||||
1475791805.525848 ClEkJM2Vm5giqnMf4h 192.168.6.203 53227 52.32.149.186 443 - - - tls13.crypto.mozilla.org F protocol_version - F - - - - - -
|
||||
#close 2019-07-31-20-23-25
|
||||
#separator \x09
|
||||
#set_separator ,
|
||||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ssl
|
||||
#open 2019-06-03-04-33-20
|
||||
#open 2019-07-31-20-23-26
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
|
||||
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
|
||||
1475794630.046060 CHhAvVGS1DHFjwGM9 192.168.6.203 53994 138.68.41.77 443 TLSv13-draft14 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 x25519 - F - - F - - - - - -
|
||||
1475794635.195006 ClEkJM2Vm5giqnMf4h 192.168.6.203 53996 138.68.41.77 443 TLSv13-draft14 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 x25519 - F - - T - - - - - -
|
||||
#close 2019-06-03-04-33-20
|
||||
#close 2019-07-31-20-23-26
|
||||
#separator \x09
|
||||
#set_separator ,
|
||||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ssl
|
||||
#open 2019-06-03-04-33-20
|
||||
#open 2019-07-31-20-23-26
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
|
||||
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
|
||||
1475787575.867992 CHhAvVGS1DHFjwGM9 192.150.187.20 54980 52.32.149.186 443 - - - tls13.crypto.mozilla.org F protocol_version - F - - - - - -
|
||||
1475787575.922474 ClEkJM2Vm5giqnMf4h 192.150.187.20 54982 52.32.149.186 443 - - - tls13.crypto.mozilla.org F protocol_version - F - - - - - -
|
||||
#close 2019-06-03-04-33-20
|
||||
#close 2019-07-31-20-23-26
|
||||
#separator \x09
|
||||
#set_separator ,
|
||||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ssl
|
||||
#open 2019-06-03-04-33-21
|
||||
#open 2019-07-31-20-23-27
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
|
||||
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
|
||||
1475795116.906579 CHhAvVGS1DHFjwGM9 192.150.187.20 36778 138.68.41.77 443 TLSv13-draft16 TLS_CHACHA20_POLY1305_SHA256 secp384r1 - F unknown_ca - F - - - - - -
|
||||
1475795124.328003 ClEkJM2Vm5giqnMf4h 192.150.187.20 36782 138.68.41.77 443 TLSv13-draft16 TLS_CHACHA20_POLY1305_SHA256 secp384r1 - F - - T - - - - - -
|
||||
#close 2019-06-03-04-33-21
|
||||
#close 2019-07-31-20-23-27
|
||||
#separator \x09
|
||||
#set_separator ,
|
||||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ssl
|
||||
#open 2019-06-03-04-33-22
|
||||
#open 2019-07-31-20-23-27
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
|
||||
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
|
||||
1555610808.383902 CHhAvVGS1DHFjwGM9 192.168.178.80 54220 174.138.9.219 443 TLSv13 TLS_CHACHA20_POLY1305_SHA256 x25519 - T - - T - - - - - -
|
||||
#close 2019-06-03-04-33-22
|
||||
#close 2019-07-31-20-23-27
|
||||
#separator \x09
|
||||
#set_separator ,
|
||||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path ssl
|
||||
#open 2019-06-03-04-33-22
|
||||
#open 2019-07-31-20-23-27
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
|
||||
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
|
||||
1556554523.016311 CHhAvVGS1DHFjwGM9 10.192.48.168 63564 64.233.185.139 443 TLSv13 TLS_AES_256_GCM_SHA384 secp256r1 - T - - T - - - - - -
|
||||
#close 2019-06-03-04-33-22
|
||||
#close 2019-07-31-20-23-27
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
|
|
@ -3,41 +3,41 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2018-01-12-21-44-59
|
||||
#open 2019-08-01-00-38-59
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents orig_l2_addr resp_l2_addr
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] string string
|
||||
1300475169.780331 C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 - 00:13:7f:be:8c:ff 00:e0:db:01:cf:4b
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.652003 CwjjYJ2WqgTbAqiHl6 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.902635 C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.855305 C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.855330 ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.859163 CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.892913 CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.892936 CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.895267 CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.853899 C0LAHyvtKSQHyJxIl 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.901749 CFLRIC3zaTU1loLGxh 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.902195 C9rXSW3KSpTYvPrlI1 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.858713 Ck51lg1bScffFj34Ri 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475167.099816 C9mvWx3ezztgzcexV7 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 - 00:17:f2:d7:cf:65 01:00:5e:00:00:fb
|
||||
1300475168.854837 CNnMIj2QSd84NKf7U3 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.724007 CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.857956 C0LAHyvtKSQHyJxIl 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.854378 CFLRIC3zaTU1loLGxh 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.892037 C9rXSW3KSpTYvPrlI1 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.854837 Ck51lg1bScffFj34Ri 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.853899 C9mvWx3ezztgzcexV7 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.893988 CNnMIj2QSd84NKf7U3 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.894787 C7fIlMZDuRiqjpYbb 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.894422 CykQaM33ztNt0csB9a 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475169.899438 CtxTCR2Yer0FR1tIBg 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 - 00:16:76:23:d9:e3 01:00:5e:00:00:fb
|
||||
1300475170.862384 CpmdRlaUoJLN3uIRa 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 - f0:4d:a2:47:ba:25 ff:ff:ff:ff:ff:ff
|
||||
1300475168.892414 C1Xkzz2MaGtLrc1Tla 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.858306 CqlVyW1YwZ15RhTBc4 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475167.097012 CLNN1k2QMum1aexUK7 fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 - 00:17:f2:d7:cf:65 33:33:00:00:00:fb
|
||||
1300475173.117362 CBA8792iHmnhPLksKa 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
||||
1300475173.153679 CGLPPc35OzDQij1XX8 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 - 00:23:32:b6:0c:46 ff:ff:ff:ff:ff:ff
|
||||
1300475168.892037 CiyBAq1bBLNaTiTAc 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475171.675372 CFSwNi4CNGxcuffo49 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
||||
1300475167.096535 Cipfzj1BEnhejw8cGf 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 - 00:30:48:bd:3e:c4 01:00:5e:00:00:fb
|
||||
1300475168.854378 CV5WJ42jPYbNW9JNWf 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475171.677081 CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
||||
1300475173.116749 CAnFrb2Cvxr5T7quOc fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
||||
1300475168.893988 C8rquZ3DjgNW06JGLl 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.857956 CzrZOtXqhwwndQva3 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.891644 CaGCc13FffXe6RkQl9 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
#close 2018-01-12-21-44-59
|
||||
1300475168.902195 CtxTCR2Yer0FR1tIBg 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.901749 CpmdRlaUoJLN3uIRa 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.891644 C1Xkzz2MaGtLrc1Tla 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.858713 CqlVyW1YwZ15RhTBc4 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.892414 CLNN1k2QMum1aexUK7 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475168.858306 CBA8792iHmnhPLksKa 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||
1300475169.899438 CGLPPc35OzDQij1XX8 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 - 00:16:76:23:d9:e3 01:00:5e:00:00:fb
|
||||
1300475167.099816 CiyBAq1bBLNaTiTAc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 - 00:17:f2:d7:cf:65 01:00:5e:00:00:fb
|
||||
1300475167.096535 CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 - 00:30:48:bd:3e:c4 01:00:5e:00:00:fb
|
||||
1300475170.862384 Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 - f0:4d:a2:47:ba:25 ff:ff:ff:ff:ff:ff
|
||||
1300475171.677081 CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
||||
1300475173.117362 CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
||||
1300475173.153679 CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 - 00:23:32:b6:0c:46 ff:ff:ff:ff:ff:ff
|
||||
1300475167.097012 C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 - 00:17:f2:d7:cf:65 33:33:00:00:00:fb
|
||||
1300475173.116749 CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
||||
1300475171.675372 CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
||||
#close 2019-08-01-00-38-59
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2018-01-12-21-45-00
|
||||
#open 2019-08-01-00-38-59
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents orig_l2_addr resp_l2_addr
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] string string
|
||||
1439902891.705224 CHhAvVGS1DHFjwGM9 172.17.156.76 61738 208.67.220.220 53 udp - 0.041654 35 128 SF - - 0 Dd 1 63 1 156 - 90:72:40:97:b6:f5 44:2b:03:aa:ab:8d
|
||||
1439903050.580632 ClEkJM2Vm5giqnMf4h fe80::a667:6ff:fef7:ec54 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 328 0 0 - a4:67:06:f7:ec:54 33:33:00:00:00:fb
|
||||
#close 2018-01-12-21-45-00
|
||||
#close 2019-08-01-00-38-59
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path conn
|
||||
#open 2018-01-12-21-45-00
|
||||
#open 2019-08-01-00-39-00
|
||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents orig_l2_addr resp_l2_addr
|
||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] string string
|
||||
826191058.128321 CHhAvVGS1DHFjwGM9 128.3.140.132 2035 194.140.136.34 80 tcp - - - - RSTOS0 - - 0 R 1 40 0 0 - - -
|
||||
|
|
@ -1339,4 +1339,4 @@
|
|||
826277279.235554 CBP3Hu4RKc79x58Y2 128.3.140.132 2035 194.140.136.34 80 tcp - - - - RSTOS0 - - 0 R 1 40 0 0 - - -
|
||||
826277339.221727 CUbAnm2k9C1iEtTmgd 128.3.140.132 2035 194.140.136.34 80 tcp - - - - RSTOS0 - - 0 R 1 40 0 0 - - -
|
||||
826277399.202051 CkWokd3nscpygp5lIc 128.3.140.132 2035 194.140.136.34 80 tcp - - - - RSTOS0 - - 0 R 1 40 0 0 - - -
|
||||
#close 2018-01-12-21-45-00
|
||||
#close 2019-08-01-00-39-00
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue