mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
frameworks/dpd: Move to frameworks/analyzer/dpd, load by default
* Because frameworks/analyzer is loaded via init-frameworks-and-bifs the dpd functionality (really just dpd.log and disabling of analyzers) is now enabled even in bare mode. * Not sure we need to keep frameworks/base/dpd/__load__.zeek around or can just remove it right away.
This commit is contained in:
Arne Welzel
parent
b60a4e3a1f
commit
9e7f2a04c1
23 changed files with 323 additions and 318 deletions
|
|
@ -1 +1,2 @@
|
||||||
@load ./main
|
@load ./main
|
||||||
|
@load ./dpd
|
||||||
|
|
|
||||||
|
|
@ -1 +1,3 @@
|
||||||
@load ./main
|
@deprecated "Remove in v6.1 - use @load base/frameworks/analyzer instead";
|
||||||
|
|
||||||
|
@load base/frameworks/analyzer
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,6 @@
|
||||||
#@load base/frameworks/logging
|
#@load base/frameworks/logging
|
||||||
@load base/frameworks/notice
|
@load base/frameworks/notice
|
||||||
@load base/frameworks/analyzer
|
@load base/frameworks/analyzer
|
||||||
@load base/frameworks/dpd
|
|
||||||
@load base/frameworks/signatures
|
@load base/frameworks/signatures
|
||||||
@load base/frameworks/packet-filter
|
@load base/frameworks/packet-filter
|
||||||
@load base/frameworks/software
|
@load base/frameworks/software
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
##! A caveat to logging packet data is that in some cases, the packet may
|
##! A caveat to logging packet data is that in some cases, the packet may
|
||||||
##! not be the packet that actually caused the protocol violation.
|
##! not be the packet that actually caused the protocol violation.
|
||||||
|
|
||||||
@load base/frameworks/dpd
|
@load base/frameworks/analyzer
|
||||||
|
|
||||||
module DPD;
|
module DPD;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -112,6 +112,7 @@ scripts/base/init-frameworks-and-bifs.zeek
|
||||||
scripts/base/frameworks/input/readers/config.zeek
|
scripts/base/frameworks/input/readers/config.zeek
|
||||||
scripts/base/frameworks/input/readers/sqlite.zeek
|
scripts/base/frameworks/input/readers/sqlite.zeek
|
||||||
scripts/base/frameworks/analyzer/__load__.zeek
|
scripts/base/frameworks/analyzer/__load__.zeek
|
||||||
|
scripts/base/frameworks/analyzer/dpd.zeek
|
||||||
scripts/base/frameworks/files/__load__.zeek
|
scripts/base/frameworks/files/__load__.zeek
|
||||||
scripts/base/frameworks/files/main.zeek
|
scripts/base/frameworks/files/main.zeek
|
||||||
build/scripts/base/bif/file_analysis.bif.zeek
|
build/scripts/base/bif/file_analysis.bif.zeek
|
||||||
|
|
|
||||||
|
|
@ -1,2 +1,3 @@
|
||||||
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
||||||
### NOTE: This file has been sorted with diff-sort.
|
### NOTE: This file has been sorted with diff-sort.
|
||||||
|
warning in <...>/__load__.zeek, line 1: deprecated script loaded from command line arguments "Remove in v6.1 - use @load base<...>/analyzer instead";
|
||||||
|
|
|
||||||
|
|
@ -112,6 +112,7 @@ scripts/base/init-frameworks-and-bifs.zeek
|
||||||
scripts/base/frameworks/input/readers/config.zeek
|
scripts/base/frameworks/input/readers/config.zeek
|
||||||
scripts/base/frameworks/input/readers/sqlite.zeek
|
scripts/base/frameworks/input/readers/sqlite.zeek
|
||||||
scripts/base/frameworks/analyzer/__load__.zeek
|
scripts/base/frameworks/analyzer/__load__.zeek
|
||||||
|
scripts/base/frameworks/analyzer/dpd.zeek
|
||||||
scripts/base/frameworks/files/__load__.zeek
|
scripts/base/frameworks/files/__load__.zeek
|
||||||
scripts/base/frameworks/files/main.zeek
|
scripts/base/frameworks/files/main.zeek
|
||||||
build/scripts/base/bif/file_analysis.bif.zeek
|
build/scripts/base/bif/file_analysis.bif.zeek
|
||||||
|
|
@ -279,8 +280,6 @@ scripts/base/init-default.zeek
|
||||||
scripts/base/frameworks/notice/actions/page.zeek
|
scripts/base/frameworks/notice/actions/page.zeek
|
||||||
scripts/base/frameworks/notice/actions/add-geodata.zeek
|
scripts/base/frameworks/notice/actions/add-geodata.zeek
|
||||||
scripts/base/frameworks/notice/actions/pp-alarms.zeek
|
scripts/base/frameworks/notice/actions/pp-alarms.zeek
|
||||||
scripts/base/frameworks/dpd/__load__.zeek
|
|
||||||
scripts/base/frameworks/dpd/main.zeek
|
|
||||||
scripts/base/frameworks/signatures/__load__.zeek
|
scripts/base/frameworks/signatures/__load__.zeek
|
||||||
scripts/base/frameworks/signatures/main.zeek
|
scripts/base/frameworks/signatures/main.zeek
|
||||||
scripts/base/frameworks/packet-filter/__load__.zeek
|
scripts/base/frameworks/packet-filter/__load__.zeek
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,7 @@
|
||||||
-./frameworks/cluster/nodes/proxy.zeek
|
-./frameworks/cluster/nodes/proxy.zeek
|
||||||
-./frameworks/cluster/nodes/worker.zeek
|
-./frameworks/cluster/nodes/worker.zeek
|
||||||
-./frameworks/cluster/setup-connections.zeek
|
-./frameworks/cluster/setup-connections.zeek
|
||||||
|
-./frameworks/dpd/__load__.zeek
|
||||||
-./frameworks/intel/cluster.zeek
|
-./frameworks/intel/cluster.zeek
|
||||||
-./frameworks/netcontrol/cluster.zeek
|
-./frameworks/netcontrol/cluster.zeek
|
||||||
-./frameworks/openflow/cluster.zeek
|
-./frameworks/openflow/cluster.zeek
|
||||||
|
|
|
||||||
|
|
@ -884,6 +884,7 @@
|
||||||
0.000000 MetaHookPost LoadFile(0, ./data.bif.zeek, <...>/data.bif.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, ./data.bif.zeek, <...>/data.bif.zeek) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, ./dcc-send, <...>/dcc-send.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, ./dcc-send, <...>/dcc-send.zeek) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, ./debug, <...>/debug.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, ./debug, <...>/debug.zeek) -> -1
|
||||||
|
0.000000 MetaHookPost LoadFile(0, ./dpd, <...>/dpd.zeek) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, ./drop, <...>/drop.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, ./drop, <...>/drop.zeek) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, ./entities, <...>/entities.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, ./entities, <...>/entities.zeek) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, ./event.bif.zeek, <...>/event.bif.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, ./event.bif.zeek, <...>/event.bif.zeek) -> -1
|
||||||
|
|
@ -1000,7 +1001,6 @@
|
||||||
0.000000 MetaHookPost LoadFile(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, base<...>/dnp3, <...>/dnp3) -> -1
|
0.000000 MetaHookPost LoadFile(0, base<...>/dnp3, <...>/dnp3) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, base<...>/dns, <...>/dns) -> -1
|
0.000000 MetaHookPost LoadFile(0, base<...>/dns, <...>/dns) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, base<...>/dpd, <...>/dpd) -> -1
|
|
||||||
0.000000 MetaHookPost LoadFile(0, base<...>/email, <...>/email.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, base<...>/email, <...>/email.zeek) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, base<...>/ethernet, <...>/ethernet) -> -1
|
0.000000 MetaHookPost LoadFile(0, base<...>/ethernet, <...>/ethernet) -> -1
|
||||||
0.000000 MetaHookPost LoadFile(0, base<...>/event.bif, <...>/event.bif.zeek) -> -1
|
0.000000 MetaHookPost LoadFile(0, base<...>/event.bif, <...>/event.bif.zeek) -> -1
|
||||||
|
|
@ -1269,6 +1269,7 @@
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, ./data.bif.zeek, <...>/data.bif.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, ./data.bif.zeek, <...>/data.bif.zeek) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, ./dcc-send, <...>/dcc-send.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, ./dcc-send, <...>/dcc-send.zeek) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, ./debug, <...>/debug.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, ./debug, <...>/debug.zeek) -> (-1, <no content>)
|
||||||
|
0.000000 MetaHookPost LoadFileExtended(0, ./dpd, <...>/dpd.zeek) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, ./drop, <...>/drop.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, ./drop, <...>/drop.zeek) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, ./entities, <...>/entities.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, ./entities, <...>/entities.zeek) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, ./event.bif.zeek, <...>/event.bif.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, ./event.bif.zeek, <...>/event.bif.zeek) -> (-1, <no content>)
|
||||||
|
|
@ -1385,7 +1386,6 @@
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, base<...>/dnp3, <...>/dnp3) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, base<...>/dnp3, <...>/dnp3) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, base<...>/dns, <...>/dns) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, base<...>/dns, <...>/dns) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, base<...>/dpd, <...>/dpd) -> (-1, <no content>)
|
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, base<...>/email, <...>/email.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, base<...>/email, <...>/email.zeek) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, base<...>/ethernet, <...>/ethernet) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, base<...>/ethernet, <...>/ethernet) -> (-1, <no content>)
|
||||||
0.000000 MetaHookPost LoadFileExtended(0, base<...>/event.bif, <...>/event.bif.zeek) -> (-1, <no content>)
|
0.000000 MetaHookPost LoadFileExtended(0, base<...>/event.bif, <...>/event.bif.zeek) -> (-1, <no content>)
|
||||||
|
|
@ -2397,6 +2397,7 @@
|
||||||
0.000000 MetaHookPre LoadFile(0, ./data.bif.zeek, <...>/data.bif.zeek)
|
0.000000 MetaHookPre LoadFile(0, ./data.bif.zeek, <...>/data.bif.zeek)
|
||||||
0.000000 MetaHookPre LoadFile(0, ./dcc-send, <...>/dcc-send.zeek)
|
0.000000 MetaHookPre LoadFile(0, ./dcc-send, <...>/dcc-send.zeek)
|
||||||
0.000000 MetaHookPre LoadFile(0, ./debug, <...>/debug.zeek)
|
0.000000 MetaHookPre LoadFile(0, ./debug, <...>/debug.zeek)
|
||||||
|
0.000000 MetaHookPre LoadFile(0, ./dpd, <...>/dpd.zeek)
|
||||||
0.000000 MetaHookPre LoadFile(0, ./drop, <...>/drop.zeek)
|
0.000000 MetaHookPre LoadFile(0, ./drop, <...>/drop.zeek)
|
||||||
0.000000 MetaHookPre LoadFile(0, ./entities, <...>/entities.zeek)
|
0.000000 MetaHookPre LoadFile(0, ./entities, <...>/entities.zeek)
|
||||||
0.000000 MetaHookPre LoadFile(0, ./event.bif.zeek, <...>/event.bif.zeek)
|
0.000000 MetaHookPre LoadFile(0, ./event.bif.zeek, <...>/event.bif.zeek)
|
||||||
|
|
@ -2513,7 +2514,6 @@
|
||||||
0.000000 MetaHookPre LoadFile(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek)
|
0.000000 MetaHookPre LoadFile(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek)
|
||||||
0.000000 MetaHookPre LoadFile(0, base<...>/dnp3, <...>/dnp3)
|
0.000000 MetaHookPre LoadFile(0, base<...>/dnp3, <...>/dnp3)
|
||||||
0.000000 MetaHookPre LoadFile(0, base<...>/dns, <...>/dns)
|
0.000000 MetaHookPre LoadFile(0, base<...>/dns, <...>/dns)
|
||||||
0.000000 MetaHookPre LoadFile(0, base<...>/dpd, <...>/dpd)
|
|
||||||
0.000000 MetaHookPre LoadFile(0, base<...>/email, <...>/email.zeek)
|
0.000000 MetaHookPre LoadFile(0, base<...>/email, <...>/email.zeek)
|
||||||
0.000000 MetaHookPre LoadFile(0, base<...>/ethernet, <...>/ethernet)
|
0.000000 MetaHookPre LoadFile(0, base<...>/ethernet, <...>/ethernet)
|
||||||
0.000000 MetaHookPre LoadFile(0, base<...>/event.bif, <...>/event.bif.zeek)
|
0.000000 MetaHookPre LoadFile(0, base<...>/event.bif, <...>/event.bif.zeek)
|
||||||
|
|
@ -2782,6 +2782,7 @@
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, ./data.bif.zeek, <...>/data.bif.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, ./data.bif.zeek, <...>/data.bif.zeek)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, ./dcc-send, <...>/dcc-send.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, ./dcc-send, <...>/dcc-send.zeek)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, ./debug, <...>/debug.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, ./debug, <...>/debug.zeek)
|
||||||
|
0.000000 MetaHookPre LoadFileExtended(0, ./dpd, <...>/dpd.zeek)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, ./drop, <...>/drop.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, ./drop, <...>/drop.zeek)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, ./entities, <...>/entities.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, ./entities, <...>/entities.zeek)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, ./event.bif.zeek, <...>/event.bif.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, ./event.bif.zeek, <...>/event.bif.zeek)
|
||||||
|
|
@ -2898,7 +2899,6 @@
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, base<...>/directions-and-hosts, <...>/directions-and-hosts.zeek)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, base<...>/dnp3, <...>/dnp3)
|
0.000000 MetaHookPre LoadFileExtended(0, base<...>/dnp3, <...>/dnp3)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, base<...>/dns, <...>/dns)
|
0.000000 MetaHookPre LoadFileExtended(0, base<...>/dns, <...>/dns)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, base<...>/dpd, <...>/dpd)
|
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, base<...>/email, <...>/email.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, base<...>/email, <...>/email.zeek)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, base<...>/ethernet, <...>/ethernet)
|
0.000000 MetaHookPre LoadFileExtended(0, base<...>/ethernet, <...>/ethernet)
|
||||||
0.000000 MetaHookPre LoadFileExtended(0, base<...>/event.bif, <...>/event.bif.zeek)
|
0.000000 MetaHookPre LoadFileExtended(0, base<...>/event.bif, <...>/event.bif.zeek)
|
||||||
|
|
@ -3911,6 +3911,7 @@
|
||||||
0.000000 | HookLoadFile ./data.bif.zeek <...>/data.bif.zeek
|
0.000000 | HookLoadFile ./data.bif.zeek <...>/data.bif.zeek
|
||||||
0.000000 | HookLoadFile ./dcc-send <...>/dcc-send.zeek
|
0.000000 | HookLoadFile ./dcc-send <...>/dcc-send.zeek
|
||||||
0.000000 | HookLoadFile ./debug <...>/debug.zeek
|
0.000000 | HookLoadFile ./debug <...>/debug.zeek
|
||||||
|
0.000000 | HookLoadFile ./dpd <...>/dpd.zeek
|
||||||
0.000000 | HookLoadFile ./dpd.sig <...>/dpd.sig
|
0.000000 | HookLoadFile ./dpd.sig <...>/dpd.sig
|
||||||
0.000000 | HookLoadFile ./drop <...>/drop.zeek
|
0.000000 | HookLoadFile ./drop <...>/drop.zeek
|
||||||
0.000000 | HookLoadFile ./entities <...>/entities.zeek
|
0.000000 | HookLoadFile ./entities <...>/entities.zeek
|
||||||
|
|
@ -4037,7 +4038,6 @@
|
||||||
0.000000 | HookLoadFile base<...>/directions-and-hosts <...>/directions-and-hosts.zeek
|
0.000000 | HookLoadFile base<...>/directions-and-hosts <...>/directions-and-hosts.zeek
|
||||||
0.000000 | HookLoadFile base<...>/dnp3 <...>/dnp3
|
0.000000 | HookLoadFile base<...>/dnp3 <...>/dnp3
|
||||||
0.000000 | HookLoadFile base<...>/dns <...>/dns
|
0.000000 | HookLoadFile base<...>/dns <...>/dns
|
||||||
0.000000 | HookLoadFile base<...>/dpd <...>/dpd
|
|
||||||
0.000000 | HookLoadFile base<...>/email <...>/email.zeek
|
0.000000 | HookLoadFile base<...>/email <...>/email.zeek
|
||||||
0.000000 | HookLoadFile base<...>/ethernet <...>/ethernet
|
0.000000 | HookLoadFile base<...>/ethernet <...>/ethernet
|
||||||
0.000000 | HookLoadFile base<...>/event.bif <...>/event.bif.zeek
|
0.000000 | HookLoadFile base<...>/event.bif <...>/event.bif.zeek
|
||||||
|
|
@ -4296,6 +4296,7 @@
|
||||||
0.000000 | HookLoadFileExtended ./data.bif.zeek <...>/data.bif.zeek
|
0.000000 | HookLoadFileExtended ./data.bif.zeek <...>/data.bif.zeek
|
||||||
0.000000 | HookLoadFileExtended ./dcc-send <...>/dcc-send.zeek
|
0.000000 | HookLoadFileExtended ./dcc-send <...>/dcc-send.zeek
|
||||||
0.000000 | HookLoadFileExtended ./debug <...>/debug.zeek
|
0.000000 | HookLoadFileExtended ./debug <...>/debug.zeek
|
||||||
|
0.000000 | HookLoadFileExtended ./dpd <...>/dpd.zeek
|
||||||
0.000000 | HookLoadFileExtended ./dpd.sig <...>/dpd.sig
|
0.000000 | HookLoadFileExtended ./dpd.sig <...>/dpd.sig
|
||||||
0.000000 | HookLoadFileExtended ./drop <...>/drop.zeek
|
0.000000 | HookLoadFileExtended ./drop <...>/drop.zeek
|
||||||
0.000000 | HookLoadFileExtended ./entities <...>/entities.zeek
|
0.000000 | HookLoadFileExtended ./entities <...>/entities.zeek
|
||||||
|
|
@ -4422,7 +4423,6 @@
|
||||||
0.000000 | HookLoadFileExtended base<...>/directions-and-hosts <...>/directions-and-hosts.zeek
|
0.000000 | HookLoadFileExtended base<...>/directions-and-hosts <...>/directions-and-hosts.zeek
|
||||||
0.000000 | HookLoadFileExtended base<...>/dnp3 <...>/dnp3
|
0.000000 | HookLoadFileExtended base<...>/dnp3 <...>/dnp3
|
||||||
0.000000 | HookLoadFileExtended base<...>/dns <...>/dns
|
0.000000 | HookLoadFileExtended base<...>/dns <...>/dns
|
||||||
0.000000 | HookLoadFileExtended base<...>/dpd <...>/dpd
|
|
||||||
0.000000 | HookLoadFileExtended base<...>/email <...>/email.zeek
|
0.000000 | HookLoadFileExtended base<...>/email <...>/email.zeek
|
||||||
0.000000 | HookLoadFileExtended base<...>/ethernet <...>/ethernet
|
0.000000 | HookLoadFileExtended base<...>/ethernet <...>/ethernet
|
||||||
0.000000 | HookLoadFileExtended base<...>/event.bif <...>/event.bif.zeek
|
0.000000 | HookLoadFileExtended base<...>/event.bif <...>/event.bif.zeek
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields _write_ts _stream _innerLogged.a _innerLogged.c _innerLogged.d _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields _write_ts _stream _innerLogged.a _innerLogged.c _innerLogged.d _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string count count set[count] string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string count count set[count] string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX conn 1 3 4,2,3,1 - XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields _write_ts _stream _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields _write_ts _stream _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX conn-exc zeek XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -7,11 +7,7 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields _write_ts _stream _system_name ts uid id.orig_h id.resp_h
|
#fields _write_ts _stream _system_name ts uid id.orig_h id.resp_h
|
||||||
#types time string string time string addr addr
|
#types time string string time string addr addr
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 141.142.220.235
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 141.142.220.235
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 141.142.2.2
|
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 141.142.2.2
|
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 141.142.2.2
|
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 141.142.2.2
|
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 141.142.2.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 141.142.2.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 141.142.2.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 141.142.2.2
|
||||||
|
|
@ -22,23 +18,27 @@ XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 141.142.2.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 141.142.2.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 141.142.2.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 224.0.0.251
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 224.0.0.251
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 208.80.152.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 208.80.152.2
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 141.142.2.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 208.80.152.3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 224.0.0.251
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 208.80.152.3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 224.0.0.251
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 208.80.152.3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 208.80.152.2
|
||||||
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 208.80.152.2
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 208.80.152.3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 208.80.152.3
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 208.80.152.3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 208.80.152.3
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 208.80.152.3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 208.80.152.3
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 208.80.152.118
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 208.80.152.3
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 224.0.0.251
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 208.80.152.3
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 141.142.220.255
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 208.80.152.3
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 224.0.0.252
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 208.80.152.118
|
||||||
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 224.0.0.251
|
||||||
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 141.142.220.255
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 224.0.0.252
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 224.0.0.252
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 141.142.220.255
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 224.0.0.252
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 ff02::fb
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 141.142.220.255
|
||||||
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 ff02::fb
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 ff02::1:3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 ff02::1:3
|
||||||
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 ff02::1:3
|
XXXXXXXXXX.XXXXXX conn-inc zeek XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 ff02::1:3
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields _write_ts _system_name _undefined_string ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields _write_ts _system_name _undefined_string ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX zeek - XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields _write_ts _stream _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields _write_ts _stream _system_name ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string string time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX conn zeek XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields ts uid src src_port dst dst_port proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields ts uid src src_port dst dst_port proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||||
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||||
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||||
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||||
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||||
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -5,3 +5,4 @@ foo
|
||||||
Log::log_stream_policy
|
Log::log_stream_policy
|
||||||
bar
|
bar
|
||||||
bar
|
bar
|
||||||
|
Log::log_stream_policy
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields ts uid id_orig_h id_orig_p id_resp_h id_resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields ts uid id_orig_h id_orig_p id_resp_h id_resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||||
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||||
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||||
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||||
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||||
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields ts uid src src_port dst dst_port proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields ts uid src src_port dst dst_port proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 -
|
||||||
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 -
|
||||||
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 -
|
||||||
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 -
|
||||||
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 -
|
||||||
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 -
|
||||||
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 -
|
||||||
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 -
|
||||||
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 -
|
||||||
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 -
|
||||||
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
|
||||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
|
||||||
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.0.107 58716 88.198.248.254 80 tcp - 0.125216 117 10290 SF - - 0 ShADadFf 9 593 7 10662 -
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.0.107 58716 88.198.248.254 80 tcp http 0.125216 117 10290 SF - - 0 ShADadFf 9 593 7 10662 -
|
||||||
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 192.168.0.107 58718 88.198.248.254 80 tcp - 0.173517 111 10284 SF - - 0 ShADadtFf 11 703 10 10812 -
|
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 192.168.0.107 58718 88.198.248.254 80 tcp http 0.173517 111 10284 SF - - 0 ShADadtFf 11 703 10 10812 -
|
||||||
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 192.168.0.107 58720 88.198.248.254 80 tcp - 0.124639 117 10290 SF - - 0 ShADadFf 11 697 9 10766 -
|
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 192.168.0.107 58720 88.198.248.254 80 tcp http 0.124639 117 10290 SF - - 0 ShADadFf 11 697 9 10766 -
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
||||||
mount_proc_mnt: [id=[orig_h=10.111.131.18, orig_p=765/udp, resp_h=10.111.131.132, resp_p=20048/udp], orig=[size=144, state=1, num_pkts=2, num_bytes_ip=200, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=84, state=1, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=552.892685 usecs, service={\x0a\x0a}, history=Dd, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, mnt_stat=MOUNT3::MNT3_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=96, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=52, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09[dirname=/pddevbal801]\x0a\x09[dirfh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2, auth_flavors=[MOUNT3::AUTH_UNIX]]\x0a
|
mount_proc_mnt: [id=[orig_h=10.111.131.18, orig_p=765/udp, resp_h=10.111.131.132, resp_p=20048/udp], orig=[size=144, state=1, num_pkts=2, num_bytes_ip=200, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=84, state=1, num_pkts=1, num_bytes_ip=52, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=552.892685 usecs, service={\x0a\x0a}, history=Dd, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, mnt_stat=MOUNT3::MNT3_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=96, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=52, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09[dirname=/pddevbal801]\x0a\x09[dirfh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2, auth_flavors=[MOUNT3::AUTH_UNIX]]\x0a
|
||||||
mount_proc_umnt: [id=[orig_h=10.111.131.18, orig_p=1016/udp, resp_h=10.111.131.132, resp_p=20048/udp], orig=[size=92, state=1, num_pkts=1, num_bytes_ip=120, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=24, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=265.836716 usecs, service={\x0a\x0a}, history=Dd, uid=ClEkJM2Vm5giqnMf4h, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, mnt_stat=MOUNT3::MNT3_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=84, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=16, rpc_uid=0, rpc_gid=0, rpc_stamp=1514568131, rpc_machine_name=pddevbal802, rpc_auxgids=[0]]\x0a\x09[dirname=/pddevbal801]\x0a
|
mount_proc_umnt: [id=[orig_h=10.111.131.18, orig_p=1016/udp, resp_h=10.111.131.132, resp_p=20048/udp], orig=[size=92, state=1, num_pkts=1, num_bytes_ip=120, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=24, state=1, num_pkts=0, num_bytes_ip=0, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=265.836716 usecs, service={\x0a\x0a}, history=Dd, uid=ClEkJM2Vm5giqnMf4h, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, mnt_stat=MOUNT3::MNT3_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=84, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=16, rpc_uid=0, rpc_gid=0, rpc_stamp=1514568131, rpc_machine_name=pddevbal802, rpc_auxgids=[0]]\x0a\x09[dirname=/pddevbal801]\x0a
|
||||||
|
|
|
||||||
|
|
@ -1,29 +1,29 @@
|
||||||
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
||||||
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=160, state=4, num_pkts=5, num_bytes_ip=368, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=112, state=4, num_pkts=3, num_bytes_ip=156, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=528.812408 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=104, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=72, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09NFS3::PROC_FSINFO\x0a
|
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=160, state=4, num_pkts=5, num_bytes_ip=368, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=112, state=4, num_pkts=3, num_bytes_ip=156, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=528.812408 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=104, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=72, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09NFS3::PROC_FSINFO\x0a
|
||||||
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=276, state=4, num_pkts=6, num_bytes_ip=524, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=172, state=4, num_pkts=4, num_bytes_ip=280, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=672.81723 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=104, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=48, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09NFS3::PROC_PATHCONF\x0a
|
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=276, state=4, num_pkts=6, num_bytes_ip=524, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=172, state=4, num_pkts=4, num_bytes_ip=280, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=672.81723 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=104, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=48, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09NFS3::PROC_PATHCONF\x0a
|
||||||
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=508, state=4, num_pkts=8, num_bytes_ip=836, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=372, state=4, num_pkts=6, num_bytes_ip=536, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=1.0 msec 6.84166 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=104, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=72, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09NFS3::PROC_FSINFO\x0a
|
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=508, state=4, num_pkts=8, num_bytes_ip=836, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=372, state=4, num_pkts=6, num_bytes_ip=536, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=1.0 msec 6.84166 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=104, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=72, rpc_uid=0, rpc_gid=0, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 5, 10, 24]]\x0a\x09NFS3::PROC_FSINFO\x0a
|
||||||
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=744, state=4, num_pkts=10, num_bytes_ip=1152, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=612, state=4, num_pkts=8, num_bytes_ip=816, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=5.0 msecs 559.921265 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=108, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=112, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09NFS3::PROC_ACCESS\x0a
|
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=744, state=4, num_pkts=10, num_bytes_ip=1152, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=612, state=4, num_pkts=8, num_bytes_ip=816, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=5.0 msecs 559.921265 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=108, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=112, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09NFS3::PROC_ACCESS\x0a
|
||||||
nfs_proc_mkdir: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=900, state=4, num_pkts=11, num_bytes_ip=1348, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=888, state=4, num_pkts=9, num_bytes_ip=980, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=6.0 msecs 412.982941 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=264, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2, fname=bro-nfs]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, obj_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=6, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dir_pre_attr=[size=4096, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=17407, nlink=16, uid=0, gid=0, size=4096, used=4096, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=128, atime=0.0, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_mkdir: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=900, state=4, num_pkts=11, num_bytes_ip=1348, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=888, state=4, num_pkts=9, num_bytes_ip=980, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=6.0 msecs 412.982941 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=264, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2, fname=bro-nfs]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, obj_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=6, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dir_pre_attr=[size=4096, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=17407, nlink=16, uid=0, gid=0, size=4096, used=4096, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=128, atime=0.0, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1032, state=4, num_pkts=12, num_bytes_ip=1520, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1012, state=4, num_pkts=10, num_bytes_ip=1296, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=7.0 msecs 315.8741 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=120, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=112, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09NFS3::PROC_ACCESS\x0a
|
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1032, state=4, num_pkts=12, num_bytes_ip=1520, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1012, state=4, num_pkts=10, num_bytes_ip=1296, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=7.0 msecs 315.8741 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=120, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=112, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09NFS3::PROC_ACCESS\x0a
|
||||||
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1172, state=4, num_pkts=13, num_bytes_ip=1700, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1132, state=4, num_pkts=11, num_bytes_ip=1460, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=7.0 msecs 541.894913 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=128, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=6, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1172, state=4, num_pkts=13, num_bytes_ip=1700, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1132, state=4, num_pkts=11, num_bytes_ip=1460, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=7.0 msecs 541.894913 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=128, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=6, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_create: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1344, state=4, num_pkts=14, num_bytes_ip=1912, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1408, state=4, num_pkts=12, num_bytes_ip=1620, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=8.0 msecs 343.935013 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=160, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=264, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, obj_attr=[ftype=NFS3::FTYPE_REG, mode=33188, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_create: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1344, state=4, num_pkts=14, num_bytes_ip=1912, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1408, state=4, num_pkts=12, num_bytes_ip=1620, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=8.0 msecs 343.935013 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=160, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=264, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, obj_attr=[ftype=NFS3::FTYPE_REG, mode=33188, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1500, state=4, num_pkts=15, num_bytes_ip=2108, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1556, state=4, num_pkts=13, num_bytes_ip=1936, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=8.0 msecs 932.828903 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=<uninitialized>, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::SET_TO_SERVER_TIME, mtime=NFS3::SET_TO_SERVER_TIME]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33188, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1500, state=4, num_pkts=15, num_bytes_ip=2108, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1556, state=4, num_pkts=13, num_bytes_ip=1936, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=8.0 msecs 932.828903 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=<uninitialized>, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::SET_TO_SERVER_TIME, mtime=NFS3::SET_TO_SERVER_TIME]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33188, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1660, state=4, num_pkts=16, num_bytes_ip=2308, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1704, state=4, num_pkts=14, num_bytes_ip=2124, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=10.0 msecs 356.903076 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=148, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=448, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33216, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1660, state=4, num_pkts=16, num_bytes_ip=2308, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1704, state=4, num_pkts=14, num_bytes_ip=2124, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=10.0 msecs 356.903076 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=148, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=448, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33216, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1820, state=4, num_pkts=17, num_bytes_ip=2508, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1852, state=4, num_pkts=15, num_bytes_ip=2312, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=11.0 msecs 928.796768 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=148, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=511, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1820, state=4, num_pkts=17, num_bytes_ip=2508, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1852, state=4, num_pkts=15, num_bytes_ip=2312, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=11.0 msecs 928.796768 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=148, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=511, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1968, state=4, num_pkts=18, num_bytes_ip=2696, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1972, state=4, num_pkts=16, num_bytes_ip=2500, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=12.0 msecs 798.786163 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=1968, state=4, num_pkts=18, num_bytes_ip=2696, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=1972, state=4, num_pkts=16, num_bytes_ip=2500, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=12.0 msecs 798.786163 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_symlink: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2184, state=4, num_pkts=19, num_bytes_ip=2952, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2248, state=4, num_pkts=17, num_bytes_ip=2660, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=13.0 msecs 430.833817 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=204, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=264, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[link=[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink], symlinkdata=[symlink_attributes=[mode=511, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE], nfspath=/nfs/pddevbal801/bro-nfs/testfile]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xfa\xdf\xa3@\x00\x00\x00\x00\x135nf, obj_attr=[ftype=NFS3::FTYPE_LNK, mode=41471, nlink=1, uid=3125, gid=200, size=33, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481530, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=44, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_symlink: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2184, state=4, num_pkts=19, num_bytes_ip=2952, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2248, state=4, num_pkts=17, num_bytes_ip=2660, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=13.0 msecs 430.833817 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=204, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=264, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[link=[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink], symlinkdata=[symlink_attributes=[mode=511, uid=<uninitialized>, gid=<uninitialized>, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE], nfspath=/nfs/pddevbal801/bro-nfs/testfile]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xfa\xdf\xa3@\x00\x00\x00\x00\x135nf, obj_attr=[ftype=NFS3::FTYPE_LNK, mode=41471, nlink=1, uid=3125, gid=200, size=33, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481530, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=44, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2348, state=4, num_pkts=20, num_bytes_ip=3156, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2396, state=4, num_pkts=18, num_bytes_ip=2976, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=15.0 msecs 40.874481 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=152, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=<uninitialized>, uid=3125, gid=10, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=1, uid=3125, gid=10, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2348, state=4, num_pkts=20, num_bytes_ip=3156, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2396, state=4, num_pkts=18, num_bytes_ip=2976, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=15.0 msecs 40.874481 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=152, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=<uninitialized>, uid=3125, gid=10, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=1, uid=3125, gid=10, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2512, state=4, num_pkts=21, num_bytes_ip=3360, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2544, state=4, num_pkts=19, num_bytes_ip=3164, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=16.0 msecs 412.973404 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=152, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=<uninitialized>, uid=3125, gid=200, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_sattr: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2512, state=4, num_pkts=21, num_bytes_ip=3360, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2544, state=4, num_pkts=19, num_bytes_ip=3164, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=16.0 msecs 412.973404 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=152, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, new_attributes=[mode=<uninitialized>, uid=3125, gid=200, size=<uninitialized>, atime=NFS3::DONT_CHANGE, mtime=NFS3::DONT_CHANGE]]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=1, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2668, state=4, num_pkts=22, num_bytes_ip=3556, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2664, state=4, num_pkts=20, num_bytes_ip=3352, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=17.0 msecs 566.919327 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink.renamed]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=44, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2668, state=4, num_pkts=22, num_bytes_ip=3556, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2664, state=4, num_pkts=20, num_bytes_ip=3352, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=17.0 msecs 566.919327 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink.renamed]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=44, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_rename: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2880, state=4, num_pkts=23, num_bytes_ip=3808, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2928, state=4, num_pkts=21, num_bytes_ip=3512, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=18.0 msecs 251.895905 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=200, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=252, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[src_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, src_fname=testfile-symlink, dst_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, dst_fname=testfile-symlink.renamed]\x0a\x09[src_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], src_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=52, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dst_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dst_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=52, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_rename: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=2880, state=4, num_pkts=23, num_bytes_ip=3808, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=2928, state=4, num_pkts=21, num_bytes_ip=3512, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=18.0 msecs 251.895905 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=200, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=252, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[src_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, src_fname=testfile-symlink, dst_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, dst_fname=testfile-symlink.renamed]\x0a\x09[src_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], src_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=52, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dst_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dst_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=52, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_readlink: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3136, state=4, num_pkts=25, num_bytes_ip=4144, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3204, state=4, num_pkts=23, num_bytes_ip=3972, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=19.0 msecs 332.885742 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=116, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=148, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xfa\xdf\xa3@\x00\x00\x00\x00\x135nf\x0a\x09[attr=[ftype=NFS3::FTYPE_LNK, mode=41471, nlink=1, uid=3125, gid=200, size=33, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481530, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], nfspath=/nfs/pddevbal801/bro-nfs/testfile]\x0a
|
nfs_proc_readlink: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3136, state=4, num_pkts=25, num_bytes_ip=4144, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3204, state=4, num_pkts=23, num_bytes_ip=3972, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=19.0 msecs 332.885742 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=116, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=148, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xfa\xdf\xa3@\x00\x00\x00\x00\x135nf\x0a\x09[attr=[ftype=NFS3::FTYPE_LNK, mode=41471, nlink=1, uid=3125, gid=200, size=33, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481530, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], nfspath=/nfs/pddevbal801/bro-nfs/testfile]\x0a
|
||||||
nfs_proc_remove: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3292, state=4, num_pkts=26, num_bytes_ip=4340, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3352, state=4, num_pkts=24, num_bytes_ip=4172, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=20.0 msecs 915.985107 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink.renamed]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_remove: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3292, state=4, num_pkts=26, num_bytes_ip=4340, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3352, state=4, num_pkts=24, num_bytes_ip=4172, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=20.0 msecs 915.985107 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=144, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-symlink.renamed]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3440, state=4, num_pkts=27, num_bytes_ip=4528, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3472, state=4, num_pkts=25, num_bytes_ip=4360, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=21.0 msecs 752.83432 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-link]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3440, state=4, num_pkts=27, num_bytes_ip=4528, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3472, state=4, num_pkts=25, num_bytes_ip=4360, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=21.0 msecs 752.83432 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-link]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_link: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3624, state=4, num_pkts=28, num_bytes_ip=4752, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3708, state=4, num_pkts=26, num_bytes_ip=4520, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=22.0 msecs 397.994995 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=172, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=224, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, link=[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-link]]\x0a\x09[post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=2, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], preattr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], postattr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=41, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_link: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3624, state=4, num_pkts=28, num_bytes_ip=4752, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=3708, state=4, num_pkts=26, num_bytes_ip=4520, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=22.0 msecs 397.994995 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=172, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=224, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf, link=[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-link]]\x0a\x09[post_attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=2, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], preattr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], postattr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=41, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_readdir: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3904, state=4, num_pkts=30, num_bytes_ip=5112, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=4588, state=4, num_pkts=28, num_bytes_ip=4952, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=23.0 msecs 840.904236 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=140, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=752, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[isplus=T, dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, cookie=0, cookieverf=0, dircount=512, maxcount=4096]\x0a\x09[isplus=T, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=41, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], cookieverf=0, entries=[, [fileid=1084481527, fname=., cookie=4, attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=41, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf], [fileid=128, fname=.., cookie=6, attr=[ftype=NFS3::FTYPE_DIR, mode=17407, nlink=16, uid=0, gid=0, size=4096, used=4096, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=128, atime=0.0, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2], [fileid=1084481529, fname=testfile, cookie=9, attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=2, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf], [fileid=1084481529, fname=testfile-link, cookie=512, attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=2, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf]], eof=T]\x0a
|
nfs_proc_readdir: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=3904, state=4, num_pkts=30, num_bytes_ip=5112, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=4588, state=4, num_pkts=28, num_bytes_ip=4952, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=23.0 msecs 840.904236 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=140, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=752, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[isplus=T, dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, cookie=0, cookieverf=0, dircount=512, maxcount=4096]\x0a\x09[isplus=T, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=41, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], cookieverf=0, entries=[, [fileid=1084481527, fname=., cookie=4, attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=41, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf], [fileid=128, fname=.., cookie=6, attr=[ftype=NFS3::FTYPE_DIR, mode=17407, nlink=16, uid=0, gid=0, size=4096, used=4096, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=128, atime=0.0, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2], [fileid=1084481529, fname=testfile, cookie=9, attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=2, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf], [fileid=1084481529, fname=testfile-link, cookie=512, attr=[ftype=NFS3::FTYPE_REG, mode=33279, nlink=2, uid=3125, gid=200, size=0, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481529, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], fh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf9\xdf\xa3@\x00\x00\x00\x00\x135nf]], eof=T]\x0a
|
||||||
nfs_proc_remove: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4052, state=4, num_pkts=31, num_bytes_ip=5300, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=4736, state=4, num_pkts=29, num_bytes_ip=5756, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=25.0 msecs 476.932526 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-link]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_remove: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4052, state=4, num_pkts=31, num_bytes_ip=5300, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=4736, state=4, num_pkts=29, num_bytes_ip=5756, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=25.0 msecs 476.932526 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile-link]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4200, state=4, num_pkts=32, num_bytes_ip=5488, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=4856, state=4, num_pkts=30, num_bytes_ip=5944, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=26.0 msecs 816.84494 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile.renamed]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_lookup: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4200, state=4, num_pkts=32, num_bytes_ip=5488, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=4856, state=4, num_pkts=30, num_bytes_ip=5944, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=26.0 msecs 816.84494 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_NOENT, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=108, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile.renamed]\x0a\x09[fh=<uninitialized>, obj_attr=<uninitialized>, dir_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=21, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_rename: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4524, state=4, num_pkts=34, num_bytes_ip=5892, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5236, state=4, num_pkts=32, num_bytes_ip=6260, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=27.0 msecs 592.897415 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=184, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=252, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[src_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, src_fname=testfile, dst_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, dst_fname=testfile.renamed]\x0a\x09[src_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], src_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=29, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dst_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dst_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=29, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_rename: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4524, state=4, num_pkts=34, num_bytes_ip=5892, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5236, state=4, num_pkts=32, num_bytes_ip=6260, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=27.0 msecs 592.897415 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=184, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=252, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[src_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, src_fname=testfile, dst_dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, dst_fname=testfile.renamed]\x0a\x09[src_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], src_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=29, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX], dst_dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dst_dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=29, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4784, state=4, num_pkts=36, num_bytes_ip=6232, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5476, state=4, num_pkts=34, num_bytes_ip=6720, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=28.0 msecs 733.968735 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=120, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=112, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09NFS3::PROC_ACCESS\x0a
|
nfs_proc_not_implemented: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4784, state=4, num_pkts=36, num_bytes_ip=6232, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5476, state=4, num_pkts=34, num_bytes_ip=6720, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=28.0 msecs 733.968735 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=120, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=112, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09NFS3::PROC_ACCESS\x0a
|
||||||
nfs_proc_remove: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4932, state=4, num_pkts=37, num_bytes_ip=6420, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5624, state=4, num_pkts=35, num_bytes_ip=6884, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=29.0 msecs 353.85704 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile.renamed]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=6, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_remove: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=4932, state=4, num_pkts=37, num_bytes_ip=6420, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5624, state=4, num_pkts=35, num_bytes_ip=6884, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=29.0 msecs 353.85704 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=136, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x81\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2\xf7\xdf\xa3@\x00\x00\x00\x00\x1a5nf, fname=testfile.renamed]\x0a\x09[dir_pre_attr=[size=0, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=16877, nlink=2, uid=3125, gid=200, size=6, used=0, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=1084481527, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
nfs_proc_rmdir: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=5060, state=4, num_pkts=38, num_bytes_ip=6588, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5772, state=4, num_pkts=36, num_bytes_ip=7072, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=30.0 msecs 703.783035 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=116, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2, fname=bro-nfs]\x0a\x09[dir_pre_attr=[size=4096, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=17407, nlink=15, uid=0, gid=0, size=4096, used=4096, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=128, atime=0.0, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
nfs_proc_rmdir: [id=[orig_h=10.111.131.18, orig_p=720/tcp, resp_h=10.111.131.132, resp_p=2049/tcp], orig=[size=5060, state=4, num_pkts=38, num_bytes_ip=6588, flow_label=0, l2_addr=00:50:56:b2:4e:d3], resp=[size=5772, state=4, num_pkts=36, num_bytes_ip=7072, flow_label=0, l2_addr=00:50:56:b2:78:69], start_time=XXXXXXXXXX.XXXXXX, duration=30.0 msecs 703.783035 usecs, service={\x0a\x0a}, history=ShADad, uid=CHhAvVGS1DHFjwGM9, tunnel=<uninitialized>, vlan=<uninitialized>, inner_vlan=<uninitialized>, dpd=<uninitialized>, dpd_state=<uninitialized>]\x0a\x09[rpc_stat=RPC_SUCCESS, nfs_stat=NFS3::NFS3ERR_OK, req_start=XXXXXXXXXX.XXXXXX, req_dur=0 secs, req_len=116, rep_start=XXXXXXXXXX.XXXXXX, rep_dur=0 secs, rep_len=136, rpc_uid=3125, rpc_gid=200, rpc_stamp=19078341, rpc_machine_name=pddevbal802, rpc_auxgids=[0, 10, 24, 200]]\x0a\x09[dirfh=\x01\x00\x06\x00\xea,\xbbJ\x9e\xf7I\x95\xa56V(\xce\xda`\xa2, fname=bro-nfs]\x0a\x09[dir_pre_attr=[size=4096, atime=XXXXXXXXXX.XXXXXX, mtime=XXXXXXXXXX.XXXXXX], dir_post_attr=[ftype=NFS3::FTYPE_DIR, mode=17407, nlink=15, uid=0, gid=0, size=4096, used=4096, rdev1=0, rdev2=0, fsid=3974757969411512911, fileid=128, atime=0.0, mtime=XXXXXXXXXX.XXXXXX, ctime=XXXXXXXXXX.XXXXXX]]\x0a
|
||||||
|
|
|
||||||
|
|
@ -7,38 +7,38 @@
|
||||||
#open XXXX-XX-XX-XX-XX-XX
|
#open XXXX-XX-XX-XX-XX-XX
|
||||||
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents orig_l2_addr resp_l2_addr
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents orig_l2_addr resp_l2_addr
|
||||||
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] string string
|
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] string string
|
||||||
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 - 00:13:7f:be:8c:ff 00:e0:db:01:cf:4b
|
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 173.192.163.128 80 141.142.220.235 6705 tcp - - - - OTH - - 0 H 1 48 0 0 - 00:13:7f:be:8c:ff 00:e0:db:01:cf:4b
|
||||||
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 32902 141.142.2.2 53 udp - 0.000317 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 37676 141.142.2.2 53 udp - 0.000420 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CFLRIC3zaTU1loLGxh 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 38911 141.142.2.2 53 udp - 0.000335 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 40526 141.142.2.2 53 udp - 0.000392 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX Ck51lg1bScffFj34Ri 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 43927 141.142.2.2 53 udp - 0.000435 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX C9mvWx3ezztgzcexV7 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 45000 141.142.2.2 53 udp - 0.000384 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CNnMIj2QSd84NKf7U3 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 48128 141.142.2.2 53 udp - 0.000423 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX C7fIlMZDuRiqjpYbb 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 48479 141.142.2.2 53 udp - 0.000317 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CykQaM33ztNt0csB9a 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 55092 141.142.2.2 53 udp - 0.000374 36 198 SF - - 0 Dd 1 64 1 226 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CtxTCR2Yer0FR1tIBg 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 56056 141.142.2.2 53 udp - 0.000402 36 131 SF - - 0 Dd 1 64 1 159 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CpmdRlaUoJLN3uIRa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.118 58206 141.142.2.2 53 udp - 0.000339 38 89 SF - - 0 Dd 1 66 1 117 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX C1Xkzz2MaGtLrc1Tla 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.118 59714 141.142.2.2 53 udp - 0.000375 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CqlVyW1YwZ15RhTBc4 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 59746 141.142.2.2 53 udp - 0.000421 38 183 SF - - 0 Dd 1 66 1 211 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CLNN1k2QMum1aexUK7 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.118 59816 141.142.2.2 53 udp - 0.000343 52 99 SF - - 0 Dd 1 80 1 127 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CBA8792iHmnhPLksKa 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 - 00:16:76:23:d9:e3 01:00:5e:00:00:fb
|
XXXXXXXXXX.XXXXXX C9rXSW3KSpTYvPrlI1 141.142.220.44 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 85 0 0 - 00:16:76:23:d9:e3 01:00:5e:00:00:fb
|
||||||
XXXXXXXXXX.XXXXXX CGLPPc35OzDQij1XX8 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 - 00:17:f2:d7:cf:65 01:00:5e:00:00:fb
|
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.50 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 179 0 0 - 00:17:f2:d7:cf:65 01:00:5e:00:00:fb
|
||||||
XXXXXXXXXX.XXXXXX CiyBAq1bBLNaTiTAc 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.118 35634 208.80.152.2 80 tcp - 0.061329 463 350 OTH - - 0 DdA 2 567 1 402 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX C0LAHyvtKSQHyJxIl 141.142.220.118 35642 208.80.152.2 80 tcp - 0.120041 534 412 S1 - - 0 ShADad 4 750 3 576 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX C4J4Th3PJpwUYZZ6gc 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49996 208.80.152.3 80 tcp - 0.218501 1171 733 S1 - - 0 ShADad 6 1491 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 49997 208.80.152.3 80 tcp - 0.219720 1125 734 S1 - - 0 ShADad 6 1445 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 49998 208.80.152.3 80 tcp - 0.215893 1130 734 S1 - - 0 ShADad 6 1450 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CmES5u32sYpV7JYN 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX C3eiCBGOLw3VtHfOj 141.142.220.118 49999 208.80.152.3 80 tcp - 0.220961 1137 733 S1 - - 0 ShADad 6 1457 4 949 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CUM0KZ3MLUfNB0cl11 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX C37jN32gN3y3AZzyf6 141.142.220.118 50000 208.80.152.3 80 tcp - 0.229603 1148 734 S1 - - 0 ShADad 6 1468 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CP5puj4I8PtEU4qzYg 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CwjjYJ2WqgTbAqiHl6 141.142.220.118 50001 208.80.152.3 80 tcp - 0.227284 1178 734 S1 - - 0 ShADad 6 1498 4 950 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
XXXXXXXXXX.XXXXXX CtPZjS20MLrsMUOJi2 141.142.220.118 48649 208.80.152.118 80 tcp - 0.119905 525 232 S1 - - 0 ShADad 4 741 3 396 - 00:24:7e:e0:1d:b5 00:13:7f:be:8c:ff
|
||||||
XXXXXXXXXX.XXXXXX CFSwNi4CNGxcuffo49 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 - 00:30:48:bd:3e:c4 01:00:5e:00:00:fb
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 141.142.220.202 5353 224.0.0.251 5353 udp - - - - S0 - - 0 D 1 73 0 0 - 00:30:48:bd:3e:c4 01:00:5e:00:00:fb
|
||||||
XXXXXXXXXX.XXXXXX Cipfzj1BEnhejw8cGf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 - f0:4d:a2:47:ba:25 ff:ff:ff:ff:ff:ff
|
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 137 141.142.220.255 137 udp - 2.613017 350 0 S0 - - 0 D 7 546 0 0 - f0:4d:a2:47:ba:25 ff:ff:ff:ff:ff:ff
|
||||||
XXXXXXXXXX.XXXXXX CV5WJ42jPYbNW9JNWf 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55131 224.0.0.252 5355 udp - 0.100021 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
||||||
XXXXXXXXXX.XXXXXX CPhDKt12KQPUVbQz06 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.226 55671 224.0.0.252 5355 udp - 0.099849 66 0 S0 - - 0 D 2 122 0 0 - f0:4d:a2:47:ba:25 01:00:5e:00:00:fc
|
||||||
XXXXXXXXXX.XXXXXX CAnFrb2Cvxr5T7quOc 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 - 00:23:32:b6:0c:46 ff:ff:ff:ff:ff:ff
|
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl 141.142.220.238 56641 141.142.220.255 137 udp - - - - S0 - - 0 D 1 78 0 0 - 00:23:32:b6:0c:46 ff:ff:ff:ff:ff:ff
|
||||||
XXXXXXXXXX.XXXXXX C8rquZ3DjgNW06JGLl fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 - 00:17:f2:d7:cf:65 33:33:00:00:00:fb
|
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h fe80::217:f2ff:fed7:cf65 5353 ff02::fb 5353 udp - - - - S0 - - 0 D 1 199 0 0 - 00:17:f2:d7:cf:65 33:33:00:00:00:fb
|
||||||
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
XXXXXXXXXX.XXXXXX CzrZOtXqhwwndQva3 fe80::3074:17d5:2052:c324 54213 ff02::1:3 5355 udp - 0.099801 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
||||||
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
XXXXXXXXXX.XXXXXX CaGCc13FffXe6RkQl9 fe80::3074:17d5:2052:c324 65373 ff02::1:3 5355 udp - 0.100096 66 0 S0 - - 0 D 2 162 0 0 - f0:4d:a2:47:ba:25 33:33:00:01:00:03
|
||||||
#close XXXX-XX-XX-XX-XX-XX
|
#close XXXX-XX-XX-XX-XX-XX
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue