eve.json - Suricata - Open Information Security Foundation

Bug #3216 » eve.json

output from msnms.pcap - Konstantin Klinger, 10/04/2019 01:50 PM

    
    {"timestamp":"2005-05-06T09:20:49.699084+0000","flow_id":1428382490405580,"pcap_cnt":23,"event_type":"alert","src_ip":"192.168.1.14","src_port":1208,"dest_ip":"207.46.108.83","dest_port":1863,"proto":"006","community_id":"1:yP3A0iSFY0F1Jni80fLspQPzzFM=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":0,"bytes_toserver":105,"bytes_toclient":0,"start":"2005-05-06T09:20:49.699084+0000"},"payload":"QU5TIDg5IGp1anVyaXVzQG1zbi5jb20gMTExNTM3MTAzOS4xNTg0NSAxNzA2OTY1OA0K","payload_printable":"ANS 89 jujurius@msn.com 1115371039.15845 17069658\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAABbCQFAAIAG9GPAqAEOzy5sUwS4B0c4fgkaKju\/61AYRHA92gAAQU5TIDg5IGp1anVyaXVzQG1zbi5jb20gMTExNTM3MTAzOS4xNTg0NSAxNzA2OTY1OA0K","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:38:45.784751+0000","flow_id":473503956859247,"pcap_cnt":230,"event_type":"alert","src_ip":"192.168.1.14","src_port":1220,"dest_ip":"207.46.108.150","dest_port":1863,"proto":"006","community_id":"1:sSFo\/PQdkQ9udjZw53qHt3nxyNA=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":0,"bytes_toserver":104,"bytes_toclient":0,"start":"2005-05-06T09:38:45.784751+0000"},"payload":"QU5TIDE3NiBqdWp1cml1c0Btc24uY29tIDExMTUzNzIxMTUuMTIzNDUgMTQ1NDYyDQo=","payload_printable":"ANS 176 jujurius@msn.com 1115372115.12345 145462\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAABaKvxAAIAG0ibAqAEOzy5slgTEB0eHPkG3JmODnFAYRHB9IgAAQU5TIDE3NiBqdWp1cml1c0Btc24uY29tIDExMTUzNzIxMTUuMTIzNDUgMTQ1NDYyDQo=","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:17:57.389967+0000","flow_id":773921805038415,"pcap_cnt":1,"event_type":"alert","src_ip":"192.168.1.14","src_port":1176,"dest_ip":"207.46.108.39","dest_port":1863,"proto":"006","community_id":"1:qCnJrFiKw03MyQ6IG61BOnYOOUA=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":0,"bytes_toserver":156,"bytes_toclient":0,"start":"2005-05-06T09:17:57.389967+0000"},"payload":"TVNHIDc3IFUgODkNCk1JTUUtVmVyc2lvbjogMS4wDQpDb250ZW50LVR5cGU6IHRleHQveC1tc21zZ3Njb250cm9sDQpUeXBpbmdVc2VyOiBqdWp1cml1c0Btc24uY29tDQoNCg0K","payload_printable":"MSG 77 U 89\r\nMIME-Version: 1.0\r\nContent-Type: text\/x-msmsgscontrol\r\nTypingUser: jujurius@msn.com\r\n\r\n\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAACOCIxAAIAG9NHAqAEOzy5sJwSYB0fhb5AR4QZ9x1AYPu\/QkQAATVNHIDc3IFUgODkNCk1JTUUtVmVyc2lvbjogMS4wDQpDb250ZW50LVR5cGU6IHRleHQveC1tc21zZ3Njb250cm9sDQpUeXBpbmdVc2VyOiBqdWp1cml1c0Btc24uY29tDQoNCg0K","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:18:10.533736+0000","flow_id":823434188825832,"pcap_cnt":4,"event_type":"alert","src_ip":"192.168.1.14","src_port":1037,"dest_ip":"207.46.107.149","dest_port":1863,"proto":"006","community_id":"1:J82CLjpU4FuxMW5mAL2u3+nunXo=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":0,"bytes_toserver":59,"bytes_toclient":0,"start":"2005-05-06T09:18:10.533736+0000"},"payload":"UE5HDQo=","payload_printable":"PNG\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAAAtCI9AAIAG9cHAqAEOzy5rlQQNB0dlQdu9M4d8y1AYQPnUUgAAUE5HDQo=","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:18:10.734711+0000","flow_id":823434188825832,"pcap_cnt":5,"event_type":"alert","src_ip":"207.46.107.149","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1037,"proto":"006","community_id":"1:J82CLjpU4FuxMW5mAL2u3+nunXo=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":1,"bytes_toserver":59,"bytes_toclient":62,"start":"2005-05-06T09:18:10.533736+0000"},"payload":"UU5HIDQ1DQo=","payload_printable":"QNG 45\r\n","stream":0,"packet":"AA41hab+AA41X7qiCABFAAAwfQEAAGwG1UzPLmuVwKgBDgdHBA0zh3zLZUHbwlAYRGaYiwAAUU5HIDQ1DQo=","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:20:49.897865+0000","flow_id":1428382490405580,"pcap_cnt":24,"event_type":"alert","src_ip":"207.46.108.83","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1208,"proto":"006","community_id":"1:yP3A0iSFY0F1Jni80fLspQPzzFM=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":1,"bytes_toserver":105,"bytes_toclient":98,"start":"2005-05-06T09:20:49.699084+0000"},"payload":"SVJPIDg5IDEgMSBjZWNpbGUyNjA5OTJAaG90bWFpbC5jb20gY2hvdXBpDQo=","payload_printable":"IRO 89 1 1 cecile260992@hotmail.com choupi\r\n","stream":0,"packet":"AA41hab+AA41X7qiCABFAABUqHkAAG0Gp\/LPLmxTwKgBDgdHBLgqO7\/rOH4JTVAY\/8yoNwAASVJPIDg5IDEgMSBjZWNpbGUyNjA5OTJAaG90bWFpbC5jb20gY2hvdXBpDQo=","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:38:45.986422+0000","flow_id":473503956859247,"pcap_cnt":231,"event_type":"alert","src_ip":"207.46.108.150","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1220,"proto":"006","community_id":"1:sSFo\/PQdkQ9udjZw53qHt3nxyNA=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":1,"bytes_toserver":104,"bytes_toclient":99,"start":"2005-05-06T09:38:45.784751+0000"},"payload":"SVJPIDE3NiAxIDEgY2VjaWxlMjYwOTkyQGhvdG1haWwuY29tIGNob3VwaQ0K","payload_printable":"IRO 176 1 1 cecile260992@hotmail.com choupi\r\n","stream":0,"packet":"AA41hab+AA41X7qiCABFAABV2WMAAGwGd8TPLmyWwKgBDgdHBMQmY4Ochz5B6VAY\/81seAAASVJPIDE3NiAxIDEgY2VjaWxlMjYwOTkyQGhvdG1haWwuY29tIGNob3VwaQ0K","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:32:20.157425+0000","flow_id":1114712484112113,"pcap_cnt":147,"event_type":"alert","src_ip":"192.168.1.14","src_port":1217,"dest_ip":"207.46.108.41","dest_port":1863,"proto":"006","community_id":"1:M+VNSRCoIzJ0j6kgSABsbyRMB6Y=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":0,"bytes_toserver":102,"bytes_toclient":0,"start":"2005-05-06T09:32:20.157425+0000"},"payload":"QU5TIDEzMSBqdWp1cml1c0Btc24uY29tIDExMTUzNzE3MjkuOTQ5IDM3Njc3Ng0K","payload_printable":"ANS 131 jujurius@msn.com 1115371729.949 376776\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAABYCfBAAIAG86HAqAEOzy5sKQTBB0eA9Zl2vhyTkVAYRHCimwAAQU5TIDEzMSBqdWp1cml1c0Btc24uY29tIDExMTUzNzE3MjkuOTQ5IDM3Njc3Ng0K","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:32:20.356161+0000","flow_id":1114712484112113,"pcap_cnt":148,"event_type":"alert","src_ip":"207.46.108.41","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1217,"proto":"006","community_id":"1:M+VNSRCoIzJ0j6kgSABsbyRMB6Y=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":1,"bytes_toserver":102,"bytes_toclient":99,"start":"2005-05-06T09:32:20.157425+0000"},"payload":"SVJPIDEzMSAxIDEgY2VjaWxlMjYwOTkyQGhvdG1haWwuY29tIGNob3VwaQ0K","payload_printable":"IRO 131 1 1 cecile260992@hotmail.com choupi\r\n","stream":0,"packet":"AA41hab+AA41X7qiCABFAABVUAcAAG0GAI7PLmwpwKgBDgdHBMG+HJORgPWZplAY\/894xwAASVJPIDEzMSAxIDEgY2VjaWxlMjYwOTkyQGhvdG1haWwuY29tIGNob3VwaQ0K","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:42:14.159777+0000","flow_id":2179366196244513,"pcap_cnt":257,"event_type":"alert","src_ip":"192.168.1.14","src_port":1221,"dest_ip":"207.46.108.59","dest_port":1863,"proto":"006","community_id":"1:9h7gkC+SIXSM\/CJ1dJ\/ZyFaTNeo=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":0,"bytes_toserver":104,"bytes_toclient":0,"start":"2005-05-06T09:42:14.159777+0000"},"payload":"VVNSIDE3OCBqdWp1cml1c0Btc24uY29tIDI0NjUwMy4xMTE1MzcyMzIzLjIwODc5DQo=","payload_printable":"USR 178 jujurius@msn.com 246503.1115372323.20879\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAABaKyxAAIAG0lHAqAEOzy5sOwTFB0eEjmxcEr\/teFAYRHD4IwAAVVNSIDE3OCBqdWp1cml1c0Btc24uY29tIDI0NjUwMy4xMTE1MzcyMzIzLjIwODc5DQo=","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:42:14.363589+0000","flow_id":2179366196244513,"pcap_cnt":258,"event_type":"alert","src_ip":"207.46.108.59","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1221,"proto":"006","community_id":"1:9h7gkC+SIXSM\/CJ1dJ\/ZyFaTNeo=","alert":{"action":"allowed","gid":1,"signature_id":122,"rev":0,"signature":"FOO TCP-PKT","category":"","severity":3},"flow":{"pkts_toserver":1,"pkts_toclient":1,"bytes_toserver":104,"bytes_toclient":91,"start":"2005-05-06T09:42:14.159777+0000"},"payload":"VVNSIDE3OCBPSyBqdWp1cml1c0Btc24uY29tIEp1bHkoNikNCg==","payload_printable":"USR 178 OK jujurius@msn.com July(6)\r\n","stream":0,"packet":"AA41hab+AA41X7qiCABFAABN9jkAAG0GWlHPLmw7wKgBDgdHBMUSv+14hI5sjlAY\/82u4QAAVVNSIDE3OCBPSyBqdWp1cml1c0Btc24uY29tIEp1bHkoNikNCg==","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:42:14.364705+0000","flow_id":2179366196244513,"pcap_cnt":259,"event_type":"alert","src_ip":"192.168.1.14","src_port":1221,"dest_ip":"207.46.108.59","dest_port":1863,"proto":"006","community_id":"1:9h7gkC+SIXSM\/CJ1dJ\/ZyFaTNeo=","alert":{"action":"allowed","gid":1,"signature_id":2101990,"rev":2,"signature":"GPL CHAT MSN user search","category":"Potential Corporate Privacy Violation","severity":1,"metadata":{"updated_at":["2010_09_23"],"created_at":["2010_09_23"]}},"flow":{"pkts_toserver":2,"pkts_toclient":1,"bytes_toserver":192,"bytes_toclient":91,"start":"2005-05-06T09:42:14.159777+0000"},"payload":"Q0FMIDE3OSBjZWNpbGUyNjA5OTJAaG90bWFpbC5jb20NCg==","payload_printable":"CAL 179 cecile260992@hotmail.com\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAABKKy1AAIAG0mDAqAEOzy5sOwTFB0eEjmyOEr\/tnVAYREt2pQAAQ0FMIDE3OSBjZWNpbGUyNjA5OTJAaG90bWFpbC5jb20NCg==","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:43:13.717249+0000","flow_id":2179366196244513,"pcap_cnt":278,"event_type":"alert","src_ip":"192.168.1.14","src_port":1221,"dest_ip":"207.46.108.59","dest_port":1863,"proto":"006","community_id":"1:9h7gkC+SIXSM\/CJ1dJ\/ZyFaTNeo=","alert":{"action":"allowed","gid":1,"signature_id":2101990,"rev":2,"signature":"GPL CHAT MSN user search","category":"Potential Corporate Privacy Violation","severity":1,"metadata":{"updated_at":["2010_09_23"],"created_at":["2010_09_23"]}},"flow":{"pkts_toserver":6,"pkts_toclient":14,"bytes_toserver":751,"bytes_toclient":2383,"start":"2005-05-06T09:42:14.159777+0000"},"payload":"Q0FMIDE4MyBjZWNpbGUyNjA5OTJAaG90bWFpbC5jb20NCg==","payload_printable":"CAL 183 cecile260992@hotmail.com\r\n","stream":0,"packet":"AA41X7qiAA41hab+CABFAABKKz9AAIAG0k7AqAEOzy5sOwTFB0eEjm3lEr\/z01AYRFJ1EAAAQ0FMIDE4MyBjZWNpbGUyNjA5OTJAaG90bWFpbC5jb20NCg==","packet_info":{"linktype":1},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":1428382490405580,"event_type":"flow","src_ip":"192.168.1.14","src_port":1208,"dest_ip":"207.46.108.83","dest_port":1863,"proto":"006","flow":{"pkts_toserver":43,"pkts_toclient":48,"bytes_toserver":7166,"bytes_toclient":9557,"start":"2005-05-06T09:20:49.699084+0000","end":"2005-05-06T09:29:30.833785+0000","age":521,"state":"new","reason":"timeout","alerted":true},"community_id":"1:yP3A0iSFY0F1Jni80fLspQPzzFM=","tcp":{"tcp_flags":"00","tcp_flags_ts":"00","tcp_flags_tc":"00"},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":1428382490405580,"event_type":"netflow","src_ip":"192.168.1.14","src_port":1208,"dest_ip":"207.46.108.83","dest_port":1863,"proto":"006","netflow":{"pkts":43,"bytes":7166,"start":"2005-05-06T09:20:49.699084+0000","end":"2005-05-06T09:29:30.833785+0000","age":521,"min_ttl":128,"max_ttl":128},"tcp":{"tcp_flags":"00"},"community_id":"1:yP3A0iSFY0F1Jni80fLspQPzzFM=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":1428382490405580,"event_type":"netflow","src_ip":"207.46.108.83","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1208,"proto":"006","netflow":{"pkts":48,"bytes":9557,"start":"2005-05-06T09:20:49.699084+0000","end":"2005-05-06T09:29:30.833785+0000","age":521,"min_ttl":109,"max_ttl":109},"tcp":{"tcp_flags":"00"},"community_id":"1:yP3A0iSFY0F1Jni80fLspQPzzFM=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":773921805038415,"event_type":"flow","src_ip":"192.168.1.14","src_port":1176,"dest_ip":"207.46.108.39","dest_port":1863,"proto":"006","flow":{"pkts_toserver":13,"pkts_toclient":0,"bytes_toserver":2202,"bytes_toclient":0,"start":"2005-05-06T09:17:57.389967+0000","end":"2005-05-06T09:19:47.579162+0000","age":110,"state":"new","reason":"timeout","alerted":true},"community_id":"1:qCnJrFiKw03MyQ6IG61BOnYOOUA=","tcp":{"tcp_flags":"00","tcp_flags_ts":"00","tcp_flags_tc":"00"},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":773921805038415,"event_type":"netflow","src_ip":"192.168.1.14","src_port":1176,"dest_ip":"207.46.108.39","dest_port":1863,"proto":"006","netflow":{"pkts":13,"bytes":2202,"start":"2005-05-06T09:17:57.389967+0000","end":"2005-05-06T09:19:47.579162+0000","age":110,"min_ttl":128,"max_ttl":128},"tcp":{"tcp_flags":"00"},"community_id":"1:qCnJrFiKw03MyQ6IG61BOnYOOUA=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":1114712484112113,"event_type":"flow","src_ip":"192.168.1.14","src_port":1217,"dest_ip":"207.46.108.41","dest_port":1863,"proto":"006","flow":{"pkts_toserver":46,"pkts_toclient":19,"bytes_toserver":7655,"bytes_toclient":3761,"start":"2005-05-06T09:32:20.157425+0000","end":"2005-05-06T09:37:54.002201+0000","age":334,"state":"new","reason":"timeout","alerted":true},"community_id":"1:M+VNSRCoIzJ0j6kgSABsbyRMB6Y=","tcp":{"tcp_flags":"00","tcp_flags_ts":"00","tcp_flags_tc":"00"},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":1114712484112113,"event_type":"netflow","src_ip":"192.168.1.14","src_port":1217,"dest_ip":"207.46.108.41","dest_port":1863,"proto":"006","netflow":{"pkts":46,"bytes":7655,"start":"2005-05-06T09:32:20.157425+0000","end":"2005-05-06T09:37:54.002201+0000","age":334,"min_ttl":128,"max_ttl":128},"tcp":{"tcp_flags":"00"},"community_id":"1:M+VNSRCoIzJ0j6kgSABsbyRMB6Y=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":1114712484112113,"event_type":"netflow","src_ip":"207.46.108.41","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1217,"proto":"006","netflow":{"pkts":19,"bytes":3761,"start":"2005-05-06T09:32:20.157425+0000","end":"2005-05-06T09:37:54.002201+0000","age":334,"min_ttl":109,"max_ttl":109},"tcp":{"tcp_flags":"00"},"community_id":"1:M+VNSRCoIzJ0j6kgSABsbyRMB6Y=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":473503956859247,"event_type":"flow","src_ip":"192.168.1.14","src_port":1220,"dest_ip":"207.46.108.150","dest_port":1863,"proto":"006","flow":{"pkts_toserver":2,"pkts_toclient":14,"bytes_toserver":163,"bytes_toclient":2737,"start":"2005-05-06T09:38:45.784751+0000","end":"2005-05-06T09:41:34.765353+0000","age":169,"state":"new","reason":"shutdown","alerted":true},"community_id":"1:sSFo\/PQdkQ9udjZw53qHt3nxyNA=","tcp":{"tcp_flags":"00","tcp_flags_ts":"00","tcp_flags_tc":"00"},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":473503956859247,"event_type":"netflow","src_ip":"192.168.1.14","src_port":1220,"dest_ip":"207.46.108.150","dest_port":1863,"proto":"006","netflow":{"pkts":2,"bytes":163,"start":"2005-05-06T09:38:45.784751+0000","end":"2005-05-06T09:41:34.765353+0000","age":169,"min_ttl":128,"max_ttl":128},"tcp":{"tcp_flags":"00"},"community_id":"1:sSFo\/PQdkQ9udjZw53qHt3nxyNA=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":473503956859247,"event_type":"netflow","src_ip":"207.46.108.150","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1220,"proto":"006","netflow":{"pkts":14,"bytes":2737,"start":"2005-05-06T09:38:45.784751+0000","end":"2005-05-06T09:41:34.765353+0000","age":169,"min_ttl":108,"max_ttl":108},"tcp":{"tcp_flags":"00"},"community_id":"1:sSFo\/PQdkQ9udjZw53qHt3nxyNA=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":2179366196244513,"event_type":"flow","src_ip":"192.168.1.14","src_port":1221,"dest_ip":"207.46.108.59","dest_port":1863,"proto":"006","flow":{"pkts_toserver":43,"pkts_toclient":40,"bytes_toserver":7062,"bytes_toclient":7349,"start":"2005-05-06T09:42:14.159777+0000","end":"2005-05-06T09:50:55.968551+0000","age":521,"state":"new","reason":"shutdown","alerted":true},"community_id":"1:9h7gkC+SIXSM\/CJ1dJ\/ZyFaTNeo=","tcp":{"tcp_flags":"00","tcp_flags_ts":"00","tcp_flags_tc":"00"},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":2179366196244513,"event_type":"netflow","src_ip":"192.168.1.14","src_port":1221,"dest_ip":"207.46.108.59","dest_port":1863,"proto":"006","netflow":{"pkts":43,"bytes":7062,"start":"2005-05-06T09:42:14.159777+0000","end":"2005-05-06T09:50:55.968551+0000","age":521,"min_ttl":128,"max_ttl":128},"tcp":{"tcp_flags":"00"},"community_id":"1:9h7gkC+SIXSM\/CJ1dJ\/ZyFaTNeo=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":2179366196244513,"event_type":"netflow","src_ip":"207.46.108.59","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1221,"proto":"006","netflow":{"pkts":40,"bytes":7349,"start":"2005-05-06T09:42:14.159777+0000","end":"2005-05-06T09:50:55.968551+0000","age":521,"min_ttl":109,"max_ttl":109},"tcp":{"tcp_flags":"00"},"community_id":"1:9h7gkC+SIXSM\/CJ1dJ\/ZyFaTNeo=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":823434188825832,"event_type":"flow","src_ip":"192.168.1.14","src_port":1037,"dest_ip":"207.46.107.149","dest_port":1863,"proto":"006","flow":{"pkts_toserver":41,"pkts_toclient":55,"bytes_toserver":2425,"bytes_toclient":6426,"start":"2005-05-06T09:18:10.533736+0000","end":"2005-05-06T09:50:45.795161+0000","age":1955,"state":"new","reason":"shutdown","alerted":true},"community_id":"1:J82CLjpU4FuxMW5mAL2u3+nunXo=","tcp":{"tcp_flags":"00","tcp_flags_ts":"00","tcp_flags_tc":"00"},"pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":823434188825832,"event_type":"netflow","src_ip":"192.168.1.14","src_port":1037,"dest_ip":"207.46.107.149","dest_port":1863,"proto":"006","netflow":{"pkts":41,"bytes":2425,"start":"2005-05-06T09:18:10.533736+0000","end":"2005-05-06T09:50:45.795161+0000","age":1955,"min_ttl":128,"max_ttl":128},"tcp":{"tcp_flags":"00"},"community_id":"1:J82CLjpU4FuxMW5mAL2u3+nunXo=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2005-05-06T09:41:34.765353+0000","flow_id":823434188825832,"event_type":"netflow","src_ip":"207.46.107.149","src_port":1863,"dest_ip":"192.168.1.14","dest_port":1037,"proto":"006","netflow":{"pkts":55,"bytes":6426,"start":"2005-05-06T09:18:10.533736+0000","end":"2005-05-06T09:50:45.795161+0000","age":1955,"min_ttl":108,"max_ttl":108},"tcp":{"tcp_flags":"00"},"community_id":"1:J82CLjpU4FuxMW5mAL2u3+nunXo=","pcap_filename":"\/pcaps\/msnms.pcap"}

    {"timestamp":"2019-10-02T05:32:10.280524+0000","event_type":"stats","stats":{"uptime":14,"decoder":{"pkts":364,"pkts_delta":364,"bytes":56503,"bytes_delta":56503,"invalid":0,"invalid_delta":0,"ipv4":364,"ipv4_delta":364,"ipv6":0,"ipv6_delta":0,"ethernet":364,"ethernet_delta":364,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":364,"tcp_delta":364,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":155,"avg_pkt_size_delta":155,"max_pkt_size":551,"max_pkt_size_delta":551,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":6,"tcp_delta":6,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"spare":10000,"spare_delta":10000,"emerg_mode_entered":0,"emerg_mode_entered_delta":0,"emerg_mode_over":0,"emerg_mode_over_delta":0,"tcp_reuse":0,"tcp_reuse_delta":0,"memuse":7236128,"memuse_delta":7236128},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0,"memuse":4587520,"memuse_delta":4587520,"reassembly_memuse":786432,"reassembly_memuse_delta":786432},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":13,"alert_delta":13},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0,"open_files":0,"open_files_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0},"expectations":0,"expectations_delta":0},"flow_mgr":{"closed_pruned":0,"closed_pruned_delta":0,"new_pruned":3,"new_pruned_delta":3,"est_pruned":0,"est_pruned_delta":0,"bypassed_pruned":0,"bypassed_pruned_delta":0,"flows_checked":6,"flows_checked_delta":6,"flows_notimeout":3,"flows_notimeout_delta":3,"flows_timeout":3,"flows_timeout_delta":3,"flows_timeout_inuse":0,"flows_timeout_inuse_delta":0,"flows_removed":3,"flows_removed_delta":3,"rows_checked":65536,"rows_checked_delta":65536,"rows_skipped":65530,"rows_skipped_delta":65530,"rows_empty":0,"rows_empty_delta":0,"rows_busy":0,"rows_busy_delta":0,"rows_maxlen":1,"rows_maxlen_delta":1},"dns":{"memuse":0,"memuse_delta":0,"memcap_state":0,"memcap_state_delta":0,"memcap_global":0,"memcap_global_delta":0},"http":{"memuse":0,"memuse_delta":0,"memcap":0,"memcap_delta":0},"ftp":{"memuse":0,"memuse_delta":0,"memcap":0,"memcap_delta":0},"threads":{"RX#01":{"decoder":{"pkts":364,"pkts_delta":364,"bytes":56503,"bytes_delta":56503,"invalid":0,"invalid_delta":0,"ipv4":364,"ipv4_delta":364,"ipv6":0,"ipv6_delta":0,"ethernet":364,"ethernet_delta":364,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":364,"tcp_delta":364,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":155,"avg_pkt_size_delta":155,"max_pkt_size":551,"max_pkt_size_delta":551,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0}},"W#01":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":0,"alert_delta":0},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"W#02":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":2,"tcp_delta":2,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":3,"alert_delta":3},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"W#03":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":0,"alert_delta":0},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"W#04":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":0,"alert_delta":0},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"W#05":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":1,"tcp_delta":1,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":2,"alert_delta":2},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"W#06":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":0,"alert_delta":0},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"W#07":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":3,"tcp_delta":3,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":8,"alert_delta":8},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"W#08":{"decoder":{"pkts":0,"pkts_delta":0,"bytes":0,"bytes_delta":0,"invalid":0,"invalid_delta":0,"ipv4":0,"ipv4_delta":0,"ipv6":0,"ipv6_delta":0,"ethernet":0,"ethernet_delta":0,"raw":0,"raw_delta":0,"null":0,"null_delta":0,"sll":0,"sll_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"sctp":0,"sctp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0,"ppp":0,"ppp_delta":0,"pppoe":0,"pppoe_delta":0,"gre":0,"gre_delta":0,"vlan":0,"vlan_delta":0,"vlan_qinq":0,"vlan_qinq_delta":0,"ieee8021ah":0,"ieee8021ah_delta":0,"teredo":0,"teredo_delta":0,"ipv4_in_ipv6":0,"ipv4_in_ipv6_delta":0,"ipv6_in_ipv6":0,"ipv6_in_ipv6_delta":0,"mpls":0,"mpls_delta":0,"avg_pkt_size":0,"avg_pkt_size_delta":0,"max_pkt_size":0,"max_pkt_size_delta":0,"erspan":0,"erspan_delta":0,"event":{"ipv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"iplen_smaller_than_hlen":0,"iplen_smaller_than_hlen_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"opt_invalid":0,"opt_invalid_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_malformed":0,"opt_malformed_delta":0,"opt_pad_required":0,"opt_pad_required_delta":0,"opt_eol_required":0,"opt_eol_required_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0,"opt_unknown":0,"opt_unknown_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"icmpv6":0,"icmpv6_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0},"icmpv4":{"pkt_too_small":0,"pkt_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"ipv4_trunc_pkt":0,"ipv4_trunc_pkt_delta":0,"ipv4_unknown_ver":0,"ipv4_unknown_ver_delta":0},"icmpv6":{"unknown_type":0,"unknown_type_delta":0,"unknown_code":0,"unknown_code_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"ipv6_unknown_version":0,"ipv6_unknown_version_delta":0,"ipv6_trunc_pkt":0,"ipv6_trunc_pkt_delta":0,"mld_message_with_invalid_hl":0,"mld_message_with_invalid_hl_delta":0,"unassigned_type":0,"unassigned_type_delta":0,"experimentation_type":0,"experimentation_type_delta":0},"ipv6":{"pkt_too_small":0,"pkt_too_small_delta":0,"trunc_pkt":0,"trunc_pkt_delta":0,"trunc_exthdr":0,"trunc_exthdr_delta":0,"exthdr_dupl_fh":0,"exthdr_dupl_fh_delta":0,"exthdr_useless_fh":0,"exthdr_useless_fh_delta":0,"exthdr_dupl_rh":0,"exthdr_dupl_rh_delta":0,"exthdr_dupl_hh":0,"exthdr_dupl_hh_delta":0,"exthdr_dupl_dh":0,"exthdr_dupl_dh_delta":0,"exthdr_dupl_ah":0,"exthdr_dupl_ah_delta":0,"exthdr_dupl_eh":0,"exthdr_dupl_eh_delta":0,"exthdr_invalid_optlen":0,"exthdr_invalid_optlen_delta":0,"wrong_ip_version":0,"wrong_ip_version_delta":0,"exthdr_ah_res_not_null":0,"exthdr_ah_res_not_null_delta":0,"hopopts_unknown_opt":0,"hopopts_unknown_opt_delta":0,"hopopts_only_padding":0,"hopopts_only_padding_delta":0,"dstopts_unknown_opt":0,"dstopts_unknown_opt_delta":0,"dstopts_only_padding":0,"dstopts_only_padding_delta":0,"rh_type_0":0,"rh_type_0_delta":0,"zero_len_padn":0,"zero_len_padn_delta":0,"fh_non_zero_reserved_field":0,"fh_non_zero_reserved_field_delta":0,"data_after_none_header":0,"data_after_none_header_delta":0,"unknown_next_header":0,"unknown_next_header_delta":0,"icmpv4":0,"icmpv4_delta":0,"frag_pkt_too_large":0,"frag_pkt_too_large_delta":0,"frag_overlap":0,"frag_overlap_delta":0,"frag_ignored":0,"frag_ignored_delta":0,"ipv4_in_ipv6_too_small":0,"ipv4_in_ipv6_too_small_delta":0,"ipv4_in_ipv6_wrong_version":0,"ipv4_in_ipv6_wrong_version_delta":0,"ipv6_in_ipv6_too_small":0,"ipv6_in_ipv6_too_small_delta":0,"ipv6_in_ipv6_wrong_version":0,"ipv6_in_ipv6_wrong_version_delta":0},"tcp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"invalid_optlen":0,"invalid_optlen_delta":0,"opt_invalid_len":0,"opt_invalid_len_delta":0,"opt_duplicate":0,"opt_duplicate_delta":0},"udp":{"pkt_too_small":0,"pkt_too_small_delta":0,"hlen_too_small":0,"hlen_too_small_delta":0,"hlen_invalid":0,"hlen_invalid_delta":0},"sll":{"pkt_too_small":0,"pkt_too_small_delta":0},"ethernet":{"pkt_too_small":0,"pkt_too_small_delta":0},"ppp":{"pkt_too_small":0,"pkt_too_small_delta":0,"vju_pkt_too_small":0,"vju_pkt_too_small_delta":0,"ip4_pkt_too_small":0,"ip4_pkt_too_small_delta":0,"ip6_pkt_too_small":0,"ip6_pkt_too_small_delta":0,"wrong_type":0,"wrong_type_delta":0,"unsup_proto":0,"unsup_proto_delta":0},"pppoe":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_code":0,"wrong_code_delta":0,"malformed_tags":0,"malformed_tags_delta":0},"gre":{"pkt_too_small":0,"pkt_too_small_delta":0,"wrong_version":0,"wrong_version_delta":0,"version0_recur":0,"version0_recur_delta":0,"version0_flags":0,"version0_flags_delta":0,"version0_hdr_too_big":0,"version0_hdr_too_big_delta":0,"version0_malformed_sre_hdr":0,"version0_malformed_sre_hdr_delta":0,"version1_chksum":0,"version1_chksum_delta":0,"version1_route":0,"version1_route_delta":0,"version1_ssr":0,"version1_ssr_delta":0,"version1_recur":0,"version1_recur_delta":0,"version1_flags":0,"version1_flags_delta":0,"version1_no_key":0,"version1_no_key_delta":0,"version1_wrong_protocol":0,"version1_wrong_protocol_delta":0,"version1_malformed_sre_hdr":0,"version1_malformed_sre_hdr_delta":0,"version1_hdr_too_big":0,"version1_hdr_too_big_delta":0},"vlan":{"header_too_small":0,"header_too_small_delta":0,"unknown_type":0,"unknown_type_delta":0,"too_many_layers":0,"too_many_layers_delta":0},"ieee8021ah":{"header_too_small":0,"header_too_small_delta":0},"ipraw":{"invalid_ip_version":0,"invalid_ip_version_delta":0},"ltnull":{"pkt_too_small":0,"pkt_too_small_delta":0,"unsupported_type":0,"unsupported_type_delta":0},"sctp":{"pkt_too_small":0,"pkt_too_small_delta":0},"mpls":{"header_too_small":0,"header_too_small_delta":0,"pkt_too_small":0,"pkt_too_small_delta":0,"bad_label_router_alert":0,"bad_label_router_alert_delta":0,"bad_label_implicit_null":0,"bad_label_implicit_null_delta":0,"bad_label_reserved":0,"bad_label_reserved_delta":0,"unknown_payload_type":0,"unknown_payload_type_delta":0},"erspan":{"header_too_small":0,"header_too_small_delta":0,"unsupported_version":0,"unsupported_version_delta":0,"too_many_vlan_layers":0,"too_many_vlan_layers_delta":0}},"dce":{"pkt_too_small":0,"pkt_too_small_delta":0}},"flow":{"memcap":0,"memcap_delta":0,"tcp":0,"tcp_delta":0,"udp":0,"udp_delta":0,"icmpv4":0,"icmpv4_delta":0,"icmpv6":0,"icmpv6_delta":0},"defrag":{"ipv4":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"ipv6":{"fragments":0,"fragments_delta":0,"reassembled":0,"reassembled_delta":0,"timeouts":0,"timeouts_delta":0},"max_frag_hits":0,"max_frag_hits_delta":0},"stream":{"3whs_ack_in_wrong_dir":0,"3whs_ack_in_wrong_dir_delta":0,"3whs_async_wrong_seq":0,"3whs_async_wrong_seq_delta":0,"3whs_right_seq_wrong_ack_evasion":0,"3whs_right_seq_wrong_ack_evasion_delta":0,"3whs_synack_in_wrong_direction":0,"3whs_synack_in_wrong_direction_delta":0,"3whs_synack_resend_with_diff_ack":0,"3whs_synack_resend_with_diff_ack_delta":0,"3whs_synack_resend_with_diff_seq":0,"3whs_synack_resend_with_diff_seq_delta":0,"3whs_synack_toserver_on_syn_recv":0,"3whs_synack_toserver_on_syn_recv_delta":0,"3whs_synack_with_wrong_ack":0,"3whs_synack_with_wrong_ack_delta":0,"3whs_synack_flood":0,"3whs_synack_flood_delta":0,"3whs_syn_resend_diff_seq_on_syn_recv":0,"3whs_syn_resend_diff_seq_on_syn_recv_delta":0,"3whs_syn_toclient_on_syn_recv":0,"3whs_syn_toclient_on_syn_recv_delta":0,"3whs_wrong_seq_wrong_ack":0,"3whs_wrong_seq_wrong_ack_delta":0,"3whs_ack_data_inject":0,"3whs_ack_data_inject_delta":0,"4whs_synack_with_wrong_ack":0,"4whs_synack_with_wrong_ack_delta":0,"4whs_synack_with_wrong_syn":0,"4whs_synack_with_wrong_syn_delta":0,"4whs_wrong_seq":0,"4whs_wrong_seq_delta":0,"4whs_invalid_ack":0,"4whs_invalid_ack_delta":0,"closewait_ack_out_of_window":0,"closewait_ack_out_of_window_delta":0,"closewait_fin_out_of_window":0,"closewait_fin_out_of_window_delta":0,"closewait_pkt_before_last_ack":0,"closewait_pkt_before_last_ack_delta":0,"closewait_invalid_ack":0,"closewait_invalid_ack_delta":0,"closing_ack_wrong_seq":0,"closing_ack_wrong_seq_delta":0,"closing_invalid_ack":0,"closing_invalid_ack_delta":0,"est_packet_out_of_window":0,"est_packet_out_of_window_delta":0,"est_pkt_before_last_ack":0,"est_pkt_before_last_ack_delta":0,"est_synack_resend":0,"est_synack_resend_delta":0,"est_synack_resend_with_diff_ack":0,"est_synack_resend_with_diff_ack_delta":0,"est_synack_resend_with_diff_seq":0,"est_synack_resend_with_diff_seq_delta":0,"est_synack_toserver":0,"est_synack_toserver_delta":0,"est_syn_resend":0,"est_syn_resend_delta":0,"est_syn_resend_diff_seq":0,"est_syn_resend_diff_seq_delta":0,"est_syn_toclient":0,"est_syn_toclient_delta":0,"est_invalid_ack":0,"est_invalid_ack_delta":0,"fin_invalid_ack":0,"fin_invalid_ack_delta":0,"fin1_ack_wrong_seq":0,"fin1_ack_wrong_seq_delta":0,"fin1_fin_wrong_seq":0,"fin1_fin_wrong_seq_delta":0,"fin1_invalid_ack":0,"fin1_invalid_ack_delta":0,"fin2_ack_wrong_seq":0,"fin2_ack_wrong_seq_delta":0,"fin2_fin_wrong_seq":0,"fin2_fin_wrong_seq_delta":0,"fin2_invalid_ack":0,"fin2_invalid_ack_delta":0,"fin_but_no_session":0,"fin_but_no_session_delta":0,"fin_out_of_window":0,"fin_out_of_window_delta":0,"lastack_ack_wrong_seq":0,"lastack_ack_wrong_seq_delta":0,"lastack_invalid_ack":0,"lastack_invalid_ack_delta":0,"rst_but_no_session":0,"rst_but_no_session_delta":0,"timewait_ack_wrong_seq":0,"timewait_ack_wrong_seq_delta":0,"timewait_invalid_ack":0,"timewait_invalid_ack_delta":0,"shutdown_syn_resend":0,"shutdown_syn_resend_delta":0,"pkt_invalid_timestamp":0,"pkt_invalid_timestamp_delta":0,"pkt_invalid_ack":0,"pkt_invalid_ack_delta":0,"pkt_broken_ack":0,"pkt_broken_ack_delta":0,"rst_invalid_ack":0,"rst_invalid_ack_delta":0,"pkt_retransmission":0,"pkt_retransmission_delta":0,"pkt_bad_window_update":0,"pkt_bad_window_update_delta":0,"suspected_rst_inject":0,"suspected_rst_inject_delta":0,"wrong_thread":0,"wrong_thread_delta":0,"reassembly_segment_before_base_seq":0,"reassembly_segment_before_base_seq_delta":0,"reassembly_no_segment":0,"reassembly_no_segment_delta":0,"reassembly_seq_gap":0,"reassembly_seq_gap_delta":0,"reassembly_overlap_different_data":0,"reassembly_overlap_different_data_delta":0},"tcp":{"sessions":0,"sessions_delta":0,"ssn_memcap_drop":0,"ssn_memcap_drop_delta":0,"pseudo":0,"pseudo_delta":0,"pseudo_failed":0,"pseudo_failed_delta":0,"invalid_checksum":0,"invalid_checksum_delta":0,"no_flow":0,"no_flow_delta":0,"syn":0,"syn_delta":0,"synack":0,"synack_delta":0,"rst":0,"rst_delta":0,"midstream_pickups":0,"midstream_pickups_delta":0,"pkt_on_wrong_thread":0,"pkt_on_wrong_thread_delta":0,"segment_memcap_drop":0,"segment_memcap_drop_delta":0,"stream_depth_reached":0,"stream_depth_reached_delta":0,"reassembly_gap":0,"reassembly_gap_delta":0,"overlap":0,"overlap_delta":0,"overlap_diff_data":0,"overlap_diff_data_delta":0,"insert_data_normal_fail":0,"insert_data_normal_fail_delta":0,"insert_data_overlap_fail":0,"insert_data_overlap_fail_delta":0,"insert_list_fail":0,"insert_list_fail_delta":0},"detect":{"engines":[{"id":0,"last_reload":"2019-10-02T05:32:10.214936+0000","rules_loaded":19231,"rules_failed":0}],"alert":0,"alert_delta":0},"file_store":{"open_files_max_hit":0,"open_files_max_hit_delta":0,"fs_errors":0,"fs_errors_delta":0},"app_layer":{"flow":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"imap":0,"imap_delta":0,"msn":0,"msn_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ntp":0,"ntp_delta":0,"ftp-data":0,"ftp-data_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dhcp":0,"dhcp_delta":0,"failed_tcp":0,"failed_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"failed_udp":0,"failed_udp_delta":0},"tx":{"http":0,"http_delta":0,"ftp":0,"ftp_delta":0,"smtp":0,"smtp_delta":0,"tls":0,"tls_delta":0,"ssh":0,"ssh_delta":0,"smb":0,"smb_delta":0,"dcerpc_tcp":0,"dcerpc_tcp_delta":0,"dns_tcp":0,"dns_tcp_delta":0,"modbus":0,"modbus_delta":0,"enip_tcp":0,"enip_tcp_delta":0,"dnp3":0,"dnp3_delta":0,"nfs_tcp":0,"nfs_tcp_delta":0,"ftp-data":0,"ftp-data_delta":0,"krb5_tcp":0,"krb5_tcp_delta":0,"dcerpc_udp":0,"dcerpc_udp_delta":0,"dns_udp":0,"dns_udp_delta":0,"enip_udp":0,"enip_udp_delta":0,"nfs_udp":0,"nfs_udp_delta":0,"ntp":0,"ntp_delta":0,"tftp":0,"tftp_delta":0,"ikev2":0,"ikev2_delta":0,"krb5_udp":0,"krb5_udp_delta":0,"dhcp":0,"dhcp_delta":0}}},"FM#01":{"flow_mgr":{"closed_pruned":0,"closed_pruned_delta":0,"new_pruned":3,"new_pruned_delta":3,"est_pruned":0,"est_pruned_delta":0,"bypassed_pruned":0,"bypassed_pruned_delta":0,"flows_checked":6,"flows_checked_delta":6,"flows_notimeout":3,"flows_notimeout_delta":3,"flows_timeout":3,"flows_timeout_delta":3,"flows_timeout_inuse":0,"flows_timeout_inuse_delta":0,"flows_removed":3,"flows_removed_delta":3,"rows_checked":65536,"rows_checked_delta":65536,"rows_skipped":65530,"rows_skipped_delta":65530,"rows_empty":0,"rows_empty_delta":0,"rows_busy":0,"rows_busy_delta":0,"rows_maxlen":1,"rows_maxlen_delta":1},"flow":{"spare":10000,"spare_delta":10000,"emerg_mode_entered":0,"emerg_mode_entered_delta":0,"emerg_mode_over":0,"emerg_mode_over_delta":0,"tcp_reuse":0,"tcp_reuse_delta":0}},"Global":{"tcp":{"memuse":4587520,"memuse_delta":4587520,"reassembly_memuse":786432,"reassembly_memuse_delta":786432},"dns":{"memuse":0,"memuse_delta":0,"memcap_state":0,"memcap_state_delta":0,"memcap_global":0,"memcap_global_delta":0},"http":{"memuse":0,"memuse_delta":0,"memcap":0,"memcap_delta":0},"ftp":{"memuse":0,"memuse_delta":0,"memcap":0,"memcap_delta":0},"app_layer":{"expectations":0,"expectations_delta":0},"file_store":{"open_files":0,"open_files_delta":0},"flow":{"memuse":7236128,"memuse_delta":7236128}}}},"pcap_filename":"\/pcaps\/msnms.pcap"}

(2-2/3)

Project

General

Profile

Suricata

Bug #3216 » eve.json