Bug #1160 » suricata2.log

suricata 2.0 release logfile - jason jones, 04/01/2014 01:48 PM

 
1/4/2014 -- 14:46:37 - <Notice> - This is Suricata version 2.0 RELEASE
1/4/2014 -- 14:46:37 - <Info> - CPUs/cores online: 8
1/4/2014 -- 14:46:37 - <Info> - Live rule reloads enabled
1/4/2014 -- 14:46:37 - <Info> - 'default' server has 'request-body-minimal-inspect-size' set to 33882 and 'request-body-inspect-window' set to 4053 after randomization.
1/4/2014 -- 14:46:37 - <Info> - 'default' server has 'response-body-minimal-inspect-size' set to 33695 and 'response-body-inspect-window' set to 4218 after randomization.
1/4/2014 -- 14:46:37 - <Warning> - [ERRCODE: SC_ERR_DNS_CONFIG(239)] - no DNS UDP config found, enabling DNS detection on port 53.
1/4/2014 -- 14:46:37 - <Info> - DNS request flood protection level: 500
1/4/2014 -- 14:46:37 - <Info> - DNS per flow memcap (state-memcap): 524288
1/4/2014 -- 14:46:37 - <Info> - DNS global memcap: 16777216
1/4/2014 -- 14:46:37 - <Warning> - [ERRCODE: SC_ERR_DNS_CONFIG(239)] - no DNS TCP config found, enabling DNS detection on port 53.
1/4/2014 -- 14:46:37 - <Info> - No 'host-mode': suricata is in IDS mode, using default setting 'sniffer-only'
1/4/2014 -- 14:46:37 - <Info> - AutoFP mode using default "Active Packets" flow load balancer
1/4/2014 -- 14:46:37 - <Info> - preallocated 5000 packets. Total memory 17410000
1/4/2014 -- 14:46:37 - <Info> - allocated 262144 bytes of memory for the host hash... 4096 buckets of size 64
1/4/2014 -- 14:46:37 - <Info> - preallocated 1000 hosts of size 112
1/4/2014 -- 14:46:37 - <Info> - host memory usage: 390144 bytes, maximum: 16777216
1/4/2014 -- 14:46:37 - <Info> - IP reputation disabled
1/4/2014 -- 14:46:37 - <Info> - using magic-file /usr/share/file/magic
1/4/2014 -- 14:46:37 - <Info> - Delayed detect disabled
1/4/2014 -- 14:46:39 - <Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - No rules loaded from /etc/suricata/rules/etpro-icmp.rules
1/4/2014 -- 14:46:39 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file /etc/suricata/rules/etpro-http-events.rules: No such file or directory.
1/4/2014 -- 14:46:39 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file /etc/suricata/rules/etpro-smtp-events.rules: No such file or directory.
1/4/2014 -- 14:46:40 - <Info> - 34 rule files processed. 12969 rules successfully loaded, 0 rules failed
1/4/2014 -- 14:46:40 - <Info> - 12977 signatures processed. 7 are IP-only rules, 5929 are inspecting packet payload, 9160 inspect application layer, 72 are decoder event only
1/4/2014 -- 14:46:40 - <Info> - building signature grouping structure, stage 1: preprocessing rules... complete
1/4/2014 -- 14:46:40 - <Info> - building signature grouping structure, stage 2: building source address list... complete
1/4/2014 -- 14:46:49 - <Info> - building signature grouping structure, stage 3: building destination address lists... complete
1/4/2014 -- 14:46:50 - <Info> - Threshold config parsed: 0 rule(s) found
1/4/2014 -- 14:46:50 - <Info> - Core dump size set to unlimited.
1/4/2014 -- 14:46:50 - <Notice> - all 0 packet processing threads, 0 management threads initialized, engine started.
1/4/2014 -- 14:47:10 - <Info> - Unix socket: client version: "0.1"
1/4/2014 -- 14:47:10 - <Info> - Unix socket: client connected
1/4/2014 -- 14:47:16 - <Info> - Added file '/home/jjones/2014-03-04-Hello-EK-traffic.pcap' to list
1/4/2014 -- 14:47:16 - <Info> - Starting run for '/home/jjones/2014-03-04-Hello-EK-traffic.pcap'
1/4/2014 -- 14:47:16 - <Info> - allocated 229376 bytes of memory for the defrag hash... 4096 buckets of size 56
1/4/2014 -- 14:47:16 - <Info> - preallocated 65535 defrag trackers of size 152
1/4/2014 -- 14:47:16 - <Info> - defrag memory usage: 10190696 bytes, maximum: 16777216
1/4/2014 -- 14:47:16 - <Info> - stream "prealloc-sessions": 2048 (per thread)
1/4/2014 -- 14:47:16 - <Info> - stream "memcap": 33554432
1/4/2014 -- 14:47:16 - <Info> - stream "midstream" session pickups: disabled
1/4/2014 -- 14:47:16 - <Info> - stream "async-oneside": disabled
1/4/2014 -- 14:47:16 - <Info> - stream "checksum-validation": disabled
1/4/2014 -- 14:47:16 - <Info> - stream."inline": disabled
1/4/2014 -- 14:47:16 - <Info> - stream "max-synack-queued": 5
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "memcap": 67108864
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "depth": 1048576
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "toserver-chunk-size": 2497
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "toclient-chunk-size": 2491
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly.raw: enabled
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 4, prealloc 256
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 16, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 112, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 248, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 512, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 768, prealloc 1024
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 1448, prealloc 1024
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 65535, prealloc 128
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "chunk-prealloc": 250
1/4/2014 -- 14:47:16 - <Info> - fast output device (regular) initialized: fast.log
1/4/2014 -- 14:47:16 - <Info> - Unified2-alert initialized: filename unified2.alert, limit 32 MB
1/4/2014 -- 14:47:16 - <Info> - http-log output device (regular) initialized: http.log
1/4/2014 -- 14:47:16 - <Info> - Syslog output initialized
1/4/2014 -- 14:47:16 - <Info> - reading pcap file /home/jjones/2014-03-04-Hello-EK-traffic.pcap
1/4/2014 -- 14:47:16 - <Info> - Added file '/home/jjones/AML-13657684.rsrc-59750657.dynamic.pcap' to list
1/4/2014 -- 14:47:16 - <Info> - pcap file end of file reached (pcap err code 0)
1/4/2014 -- 14:47:16 - <Info> - Added file '/home/jjones/AML-13685528.rsrc-60216130.dynamic.pcap' to list
1/4/2014 -- 14:47:16 - <Info> - 0 new flows, 0 established flows were timed out, 0 flows in closed state
1/4/2014 -- 14:47:16 - <Notice> - Pcap-file module read 370 packets, 298928 bytes
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Total flow handler queues - 12
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 0 - pkts: 2 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 1 - pkts: 17 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 2 - pkts: 18 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 3 - pkts: 21 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 4 - pkts: 2 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 5 - pkts: 2 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 6 - pkts: 2 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 7 - pkts: 18 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 8 - pkts: 288 flows: 1
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 9 - pkts: 0 flows: 0
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 10 - pkts: 0 flows: 0
1/4/2014 -- 14:47:16 - <Info> - AutoFP - Queue 11 - pkts: 0 flows: 0
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect1) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - Alert unified2 module wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 0 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 17 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect2) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 2 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 18 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect3) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 1 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 21 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect4) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 1 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect5) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 0 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect6) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 0 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect7) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 0 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 18 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect8) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 1 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 288 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect9) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 1 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect10) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 0 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect11) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 0 requests
1/4/2014 -- 14:47:16 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:16 - <Info> - Fast log output wrote 6 alerts
1/4/2014 -- 14:47:16 - <Info> - (Detect12) Alerts 6
1/4/2014 -- 14:47:16 - <Info> - HTTP logger logged 0 requests
1/4/2014 -- 14:47:16 - <Info> - Starting run for '/home/jjones/AML-13657684.rsrc-59750657.dynamic.pcap'
1/4/2014 -- 14:47:16 - <Info> - allocated 229376 bytes of memory for the defrag hash... 4096 buckets of size 56
1/4/2014 -- 14:47:16 - <Info> - preallocated 65535 defrag trackers of size 152
1/4/2014 -- 14:47:16 - <Info> - defrag memory usage: 10190696 bytes, maximum: 16777216
1/4/2014 -- 14:47:16 - <Info> - stream "prealloc-sessions": 2048 (per thread)
1/4/2014 -- 14:47:16 - <Info> - stream "memcap": 33554432
1/4/2014 -- 14:47:16 - <Info> - stream "midstream" session pickups: disabled
1/4/2014 -- 14:47:16 - <Info> - stream "async-oneside": disabled
1/4/2014 -- 14:47:16 - <Info> - stream "checksum-validation": disabled
1/4/2014 -- 14:47:16 - <Info> - stream."inline": disabled
1/4/2014 -- 14:47:16 - <Info> - stream "max-synack-queued": 5
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "memcap": 67108864
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "depth": 1048576
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "toserver-chunk-size": 2497
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "toclient-chunk-size": 2491
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly.raw: enabled
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 4, prealloc 256
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 16, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 112, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 248, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 512, prealloc 512
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 768, prealloc 1024
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 1448, prealloc 1024
1/4/2014 -- 14:47:16 - <Info> - segment pool: pktsize 65535, prealloc 128
1/4/2014 -- 14:47:16 - <Info> - stream.reassembly "chunk-prealloc": 250
1/4/2014 -- 14:47:16 - <Info> - fast output device (regular) initialized: fast.log
1/4/2014 -- 14:47:16 - <Info> - Unified2-alert initialized: filename unified2.alert, limit 32 MB
1/4/2014 -- 14:47:16 - <Info> - http-log output device (regular) initialized: http.log
1/4/2014 -- 14:47:16 - <Info> - Syslog output initialized
1/4/2014 -- 14:47:16 - <Info> - reading pcap file /home/jjones/AML-13657684.rsrc-59750657.dynamic.pcap
1/4/2014 -- 14:47:16 - <Info> - Added file '/home/jjones/AML-13694010.rsrc-60587531.dynamic.pcap' to list
1/4/2014 -- 14:47:16 - <Info> - pcap file end of file reached (pcap err code 0)
1/4/2014 -- 14:47:18 - <Info> - 0 new flows, 0 established flows were timed out, 0 flows in closed state
1/4/2014 -- 14:47:18 - <Notice> - Pcap-file module read 34 packets, 16993 bytes
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Total flow handler queues - 12
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 0 - pkts: 3 flows: 1
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 1 - pkts: 28 flows: 1
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 2 - pkts: 1 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 3 - pkts: 1 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 4 - pkts: 1 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 5 - pkts: 1 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 6 - pkts: 1 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 7 - pkts: 1 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 8 - pkts: 0 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 9 - pkts: 0 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 10 - pkts: 0 flows: 0
1/4/2014 -- 14:47:18 - <Info> - AutoFP - Queue 11 - pkts: 0 flows: 0
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 27 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:18 - <Info> - Starting run for '/home/jjones/AML-13685528.rsrc-60216130.dynamic.pcap'
1/4/2014 -- 14:47:18 - <Info> - allocated 229376 bytes of memory for the defrag hash... 4096 buckets of size 56
1/4/2014 -- 14:47:18 - <Info> - preallocated 65535 defrag trackers of size 152
1/4/2014 -- 14:47:18 - <Info> - defrag memory usage: 10190696 bytes, maximum: 16777216
1/4/2014 -- 14:47:18 - <Info> - stream "prealloc-sessions": 2048 (per thread)
1/4/2014 -- 14:47:18 - <Info> - stream "memcap": 33554432
1/4/2014 -- 14:47:18 - <Info> - stream "midstream" session pickups: disabled
1/4/2014 -- 14:47:18 - <Info> - stream "async-oneside": disabled
1/4/2014 -- 14:47:18 - <Info> - stream "checksum-validation": disabled
1/4/2014 -- 14:47:18 - <Info> - stream."inline": disabled
1/4/2014 -- 14:47:18 - <Info> - stream "max-synack-queued": 5
1/4/2014 -- 14:47:18 - <Info> - stream.reassembly "memcap": 67108864
1/4/2014 -- 14:47:18 - <Info> - stream.reassembly "depth": 1048576
1/4/2014 -- 14:47:18 - <Info> - stream.reassembly "toserver-chunk-size": 2553
1/4/2014 -- 14:47:18 - <Info> - stream.reassembly "toclient-chunk-size": 2573
1/4/2014 -- 14:47:18 - <Info> - stream.reassembly.raw: enabled
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 4, prealloc 256
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 16, prealloc 512
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 112, prealloc 512
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 248, prealloc 512
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 512, prealloc 512
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 768, prealloc 1024
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 1448, prealloc 1024
1/4/2014 -- 14:47:18 - <Info> - segment pool: pktsize 65535, prealloc 128
1/4/2014 -- 14:47:18 - <Info> - stream.reassembly "chunk-prealloc": 250
1/4/2014 -- 14:47:18 - <Info> - fast output device (regular) initialized: fast.log
1/4/2014 -- 14:47:18 - <Info> - Unified2-alert initialized: filename unified2.alert, limit 32 MB
1/4/2014 -- 14:47:18 - <Info> - http-log output device (regular) initialized: http.log
1/4/2014 -- 14:47:18 - <Info> - Syslog output initialized
1/4/2014 -- 14:47:18 - <Info> - reading pcap file /home/jjones/AML-13685528.rsrc-60216130.dynamic.pcap
1/4/2014 -- 14:47:18 - <Info> - Added file '/home/jjones/d8ee9cd4d89657117b199b99120a59e0.pcap' to list
1/4/2014 -- 14:47:18 - <Info> - pcap file end of file reached (pcap err code 0)
1/4/2014 -- 14:47:19 - <Info> - 0 new flows, 0 established flows were timed out, 0 flows in closed state
1/4/2014 -- 14:47:19 - <Notice> - Pcap-file module read 17 packets, 1614 bytes
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Total flow handler queues - 12
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 0 - pkts: 3 flows: 2
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 1 - pkts: 8 flows: 1
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 2 - pkts: 1 flows: 1
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 3 - pkts: 7 flows: 1
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 4 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 5 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 6 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 7 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 8 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 9 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 10 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - AutoFP - Queue 11 - pkts: 0 flows: 0
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 7 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:19 - <Info> - Starting run for '/home/jjones/AML-13694010.rsrc-60587531.dynamic.pcap'
1/4/2014 -- 14:47:19 - <Info> - allocated 229376 bytes of memory for the defrag hash... 4096 buckets of size 56
1/4/2014 -- 14:47:19 - <Info> - preallocated 65535 defrag trackers of size 152
1/4/2014 -- 14:47:19 - <Info> - defrag memory usage: 10190696 bytes, maximum: 16777216
1/4/2014 -- 14:47:19 - <Info> - stream "prealloc-sessions": 2048 (per thread)
1/4/2014 -- 14:47:19 - <Info> - stream "memcap": 33554432
1/4/2014 -- 14:47:19 - <Info> - stream "midstream" session pickups: disabled
1/4/2014 -- 14:47:19 - <Info> - stream "async-oneside": disabled
1/4/2014 -- 14:47:19 - <Info> - stream "checksum-validation": disabled
1/4/2014 -- 14:47:19 - <Info> - stream."inline": disabled
1/4/2014 -- 14:47:19 - <Info> - stream "max-synack-queued": 5
1/4/2014 -- 14:47:19 - <Info> - stream.reassembly "memcap": 67108864
1/4/2014 -- 14:47:19 - <Info> - stream.reassembly "depth": 1048576
1/4/2014 -- 14:47:19 - <Info> - stream.reassembly "toserver-chunk-size": 2518
1/4/2014 -- 14:47:19 - <Info> - stream.reassembly "toclient-chunk-size": 2680
1/4/2014 -- 14:47:19 - <Info> - stream.reassembly.raw: enabled
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 4, prealloc 256
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 16, prealloc 512
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 112, prealloc 512
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 248, prealloc 512
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 512, prealloc 512
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 768, prealloc 1024
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 1448, prealloc 1024
1/4/2014 -- 14:47:19 - <Info> - segment pool: pktsize 65535, prealloc 128
1/4/2014 -- 14:47:19 - <Info> - stream.reassembly "chunk-prealloc": 250
1/4/2014 -- 14:47:19 - <Info> - fast output device (regular) initialized: fast.log
1/4/2014 -- 14:47:19 - <Info> - Unified2-alert initialized: filename unified2.alert, limit 32 MB
1/4/2014 -- 14:47:19 - <Info> - http-log output device (regular) initialized: http.log
1/4/2014 -- 14:47:19 - <Info> - Syslog output initialized
1/4/2014 -- 14:47:19 - <Info> - reading pcap file /home/jjones/AML-13694010.rsrc-60587531.dynamic.pcap
1/4/2014 -- 14:47:19 - <Info> - pcap file end of file reached (pcap err code 0)
1/4/2014 -- 14:47:20 - <Info> - 0 new flows, 0 established flows were timed out, 0 flows in closed state
1/4/2014 -- 14:47:20 - <Notice> - Pcap-file module read 22 packets, 3035 bytes
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Total flow handler queues - 12
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 0 - pkts: 2 flows: 1
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 1 - pkts: 10 flows: 1
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 2 - pkts: 10 flows: 1
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 3 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 4 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 5 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 6 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 7 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 8 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 9 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 10 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - AutoFP - Queue 11 - pkts: 0 flows: 0
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 10 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 10 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:20 - <Info> - Starting run for '/home/jjones/d8ee9cd4d89657117b199b99120a59e0.pcap'
1/4/2014 -- 14:47:20 - <Info> - allocated 229376 bytes of memory for the defrag hash... 4096 buckets of size 56
1/4/2014 -- 14:47:20 - <Info> - preallocated 65535 defrag trackers of size 152
1/4/2014 -- 14:47:20 - <Info> - defrag memory usage: 10190696 bytes, maximum: 16777216
1/4/2014 -- 14:47:20 - <Info> - stream "prealloc-sessions": 2048 (per thread)
1/4/2014 -- 14:47:20 - <Info> - stream "memcap": 33554432
1/4/2014 -- 14:47:20 - <Info> - stream "midstream" session pickups: disabled
1/4/2014 -- 14:47:20 - <Info> - stream "async-oneside": disabled
1/4/2014 -- 14:47:20 - <Info> - stream "checksum-validation": disabled
1/4/2014 -- 14:47:20 - <Info> - stream."inline": disabled
1/4/2014 -- 14:47:20 - <Info> - stream "max-synack-queued": 5
1/4/2014 -- 14:47:20 - <Info> - stream.reassembly "memcap": 67108864
1/4/2014 -- 14:47:20 - <Info> - stream.reassembly "depth": 1048576
1/4/2014 -- 14:47:20 - <Info> - stream.reassembly "toserver-chunk-size": 2479
1/4/2014 -- 14:47:20 - <Info> - stream.reassembly "toclient-chunk-size": 2656
1/4/2014 -- 14:47:20 - <Info> - stream.reassembly.raw: enabled
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 4, prealloc 256
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 16, prealloc 512
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 112, prealloc 512
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 248, prealloc 512
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 512, prealloc 512
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 768, prealloc 1024
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 1448, prealloc 1024
1/4/2014 -- 14:47:20 - <Info> - segment pool: pktsize 65535, prealloc 128
1/4/2014 -- 14:47:20 - <Info> - stream.reassembly "chunk-prealloc": 250
1/4/2014 -- 14:47:20 - <Info> - fast output device (regular) initialized: fast.log
1/4/2014 -- 14:47:20 - <Info> - Unified2-alert initialized: filename unified2.alert, limit 32 MB
1/4/2014 -- 14:47:20 - <Info> - http-log output device (regular) initialized: http.log
1/4/2014 -- 14:47:20 - <Info> - Syslog output initialized
1/4/2014 -- 14:47:20 - <Info> - reading pcap file /home/jjones/d8ee9cd4d89657117b199b99120a59e0.pcap
1/4/2014 -- 14:47:20 - <Info> - pcap file end of file reached (pcap err code 0)
1/4/2014 -- 14:47:21 - <Info> - 0 new flows, 0 established flows were timed out, 0 flows in closed state
1/4/2014 -- 14:47:21 - <Notice> - Pcap-file module read 962 packets, 726387 bytes
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Total flow handler queues - 12
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 0 - pkts: 19 flows: 2
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 1 - pkts: 163 flows: 1
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 2 - pkts: 16 flows: 2
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 3 - pkts: 121 flows: 1
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 4 - pkts: 152 flows: 1
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 5 - pkts: 152 flows: 1
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 6 - pkts: 31 flows: 4
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 7 - pkts: 10 flows: 1
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 8 - pkts: 147 flows: 1
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 9 - pkts: 151 flows: 1
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 10 - pkts: 0 flows: 0
1/4/2014 -- 14:47:21 - <Info> - AutoFP - Queue 11 - pkts: 0 flows: 0
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 5 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 163 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 16 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 121 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 152 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 152 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 31 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 10 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 147 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 151 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 0 TCP packets
1/4/2014 -- 14:47:21 - <Info> - Stream TCP processed 0 TCP packets