Project

General

Profile

Bug #3075 » statline.json

Simeon Miteff, 02/07/2023 02:48 AM

 
{
"timestamp": "2023-02-07T00:50:31.067509+0000",
"event_type": "stats",
"stats": {
"uptime": 72096,
"decoder": {
"pkts": 39525480,
"pkts_delta": 0,
"bytes": 8601149709,
"bytes_delta": 0,
"invalid": 20,
"invalid_delta": 0,
"ipv4": 39253780,
"ipv4_delta": 0,
"ipv6": 275735,
"ipv6_delta": 0,
"ethernet": 39526649,
"ethernet_delta": 0,
"chdlc": 0,
"chdlc_delta": 0,
"raw": 0,
"raw_delta": 0,
"null": 0,
"null_delta": 0,
"sll": 0,
"sll_delta": 0,
"tcp": 36388270,
"tcp_delta": 0,
"udp": 3102941,
"udp_delta": 0,
"sctp": 0,
"sctp_delta": 0,
"esp": 41,
"esp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 33709,
"icmpv6_delta": 0,
"ppp": 0,
"ppp_delta": 0,
"pppoe": 0,
"pppoe_delta": 0,
"geneve": 0,
"geneve_delta": 0,
"gre": 3816,
"gre_delta": 0,
"vlan": 0,
"vlan_delta": 0,
"vlan_qinq": 0,
"vlan_qinq_delta": 0,
"vxlan": 0,
"vxlan_delta": 0,
"vntag": 0,
"vntag_delta": 0,
"ieee8021ah": 0,
"ieee8021ah_delta": 0,
"teredo": 0,
"teredo_delta": 0,
"ipv4_in_ipv6": 0,
"ipv4_in_ipv6_delta": 0,
"ipv6_in_ipv6": 0,
"ipv6_in_ipv6_delta": 0,
"mpls": 0,
"mpls_delta": 0,
"avg_pkt_size": 217,
"avg_pkt_size_delta": 0,
"max_pkt_size": 8192,
"max_pkt_size_delta": 0,
"max_mac_addrs_src": 0,
"max_mac_addrs_src_delta": 0,
"max_mac_addrs_dst": 0,
"max_mac_addrs_dst_delta": 0,
"erspan": 0,
"erspan_delta": 0,
"nsh": 0,
"nsh_delta": 0,
"event": {
"ipv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"iplen_smaller_than_hlen": 0,
"iplen_smaller_than_hlen_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"opt_invalid": 0,
"opt_invalid_delta": 0,
"opt_invalid_len": 0,
"opt_invalid_len_delta": 0,
"opt_malformed": 0,
"opt_malformed_delta": 0,
"opt_pad_required": 36,
"opt_pad_required_delta": 0,
"opt_eol_required": 0,
"opt_eol_required_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0,
"opt_unknown": 0,
"opt_unknown_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 9,
"frag_overlap_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0
},
"icmpv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"ipv4_trunc_pkt": 0,
"ipv4_trunc_pkt_delta": 0,
"ipv4_unknown_ver": 0,
"ipv4_unknown_ver_delta": 0
},
"icmpv6": {
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"ipv6_unknown_version": 0,
"ipv6_unknown_version_delta": 0,
"ipv6_trunc_pkt": 0,
"ipv6_trunc_pkt_delta": 0,
"mld_message_with_invalid_hl": 0,
"mld_message_with_invalid_hl_delta": 0,
"unassigned_type": 0,
"unassigned_type_delta": 0,
"experimentation_type": 0,
"experimentation_type_delta": 0
},
"ipv6": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"trunc_pkt": 3,
"trunc_pkt_delta": 0,
"trunc_exthdr": 0,
"trunc_exthdr_delta": 0,
"exthdr_dupl_fh": 0,
"exthdr_dupl_fh_delta": 0,
"exthdr_useless_fh": 0,
"exthdr_useless_fh_delta": 0,
"exthdr_dupl_rh": 0,
"exthdr_dupl_rh_delta": 0,
"exthdr_dupl_hh": 0,
"exthdr_dupl_hh_delta": 0,
"exthdr_dupl_dh": 0,
"exthdr_dupl_dh_delta": 0,
"exthdr_dupl_ah": 0,
"exthdr_dupl_ah_delta": 0,
"exthdr_dupl_eh": 0,
"exthdr_dupl_eh_delta": 0,
"exthdr_invalid_optlen": 0,
"exthdr_invalid_optlen_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"exthdr_ah_res_not_null": 0,
"exthdr_ah_res_not_null_delta": 0,
"hopopts_unknown_opt": 0,
"hopopts_unknown_opt_delta": 0,
"hopopts_only_padding": 0,
"hopopts_only_padding_delta": 0,
"dstopts_unknown_opt": 0,
"dstopts_unknown_opt_delta": 0,
"dstopts_only_padding": 0,
"dstopts_only_padding_delta": 0,
"rh_type_0": 0,
"rh_type_0_delta": 0,
"zero_len_padn": 60,
"zero_len_padn_delta": 0,
"fh_non_zero_reserved_field": 0,
"fh_non_zero_reserved_field_delta": 0,
"data_after_none_header": 0,
"data_after_none_header_delta": 0,
"unknown_next_header": 0,
"unknown_next_header_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 0,
"frag_overlap_delta": 0,
"frag_invalid_length": 0,
"frag_invalid_length_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0,
"ipv4_in_ipv6_too_small": 0,
"ipv4_in_ipv6_too_small_delta": 0,
"ipv4_in_ipv6_wrong_version": 0,
"ipv4_in_ipv6_wrong_version_delta": 0,
"ipv6_in_ipv6_too_small": 0,
"ipv6_in_ipv6_too_small_delta": 0,
"ipv6_in_ipv6_wrong_version": 0,
"ipv6_in_ipv6_wrong_version_delta": 0
},
"tcp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 2,
"hlen_too_small_delta": 0,
"invalid_optlen": 0,
"invalid_optlen_delta": 0,
"opt_invalid_len": 9087,
"opt_invalid_len_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0
},
"udp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"hlen_invalid": 0,
"hlen_invalid_delta": 0
},
"sll": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ethernet": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ppp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"vju_pkt_too_small": 0,
"vju_pkt_too_small_delta": 0,
"ip4_pkt_too_small": 0,
"ip4_pkt_too_small_delta": 0,
"ip6_pkt_too_small": 0,
"ip6_pkt_too_small_delta": 0,
"wrong_type": 0,
"wrong_type_delta": 0,
"unsup_proto": 0,
"unsup_proto_delta": 0
},
"pppoe": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_code": 0,
"wrong_code_delta": 0,
"malformed_tags": 0,
"malformed_tags_delta": 0
},
"gre": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_version": 0,
"wrong_version_delta": 0,
"version0_recur": 0,
"version0_recur_delta": 0,
"version0_flags": 0,
"version0_flags_delta": 0,
"version0_hdr_too_big": 0,
"version0_hdr_too_big_delta": 0,
"version0_malformed_sre_hdr": 0,
"version0_malformed_sre_hdr_delta": 0,
"version1_chksum": 0,
"version1_chksum_delta": 0,
"version1_route": 0,
"version1_route_delta": 0,
"version1_ssr": 0,
"version1_ssr_delta": 0,
"version1_recur": 0,
"version1_recur_delta": 0,
"version1_flags": 0,
"version1_flags_delta": 0,
"version1_no_key": 0,
"version1_no_key_delta": 0,
"version1_wrong_protocol": 0,
"version1_wrong_protocol_delta": 0,
"version1_malformed_sre_hdr": 0,
"version1_malformed_sre_hdr_delta": 0,
"version1_hdr_too_big": 0,
"version1_hdr_too_big_delta": 0
},
"vlan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"ieee8021ah": {
"header_too_small": 0,
"header_too_small_delta": 0
},
"vntag": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0
},
"ipraw": {
"invalid_ip_version": 0,
"invalid_ip_version_delta": 0
},
"ltnull": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0
},
"sctp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"esp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"mpls": {
"header_too_small": 0,
"header_too_small_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"bad_label_router_alert": 0,
"bad_label_router_alert_delta": 0,
"bad_label_implicit_null": 0,
"bad_label_implicit_null_delta": 0,
"bad_label_reserved": 0,
"bad_label_reserved_delta": 0,
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"vxlan": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"geneve": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"erspan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"too_many_vlan_layers": 0,
"too_many_vlan_layers_delta": 0
},
"dce": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"chdlc": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"nsh": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"bad_header_length": 0,
"bad_header_length_delta": 0,
"reserved_type": 0,
"reserved_type_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0,
"unknown_payload": 0,
"unknown_payload_delta": 0
}
},
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"flow": {
"memcap": 0,
"memcap_delta": 0,
"total": 19100537,
"total_delta": 0,
"active": 1505441,
"active_delta": 0,
"tcp": 18979925,
"tcp_delta": 0,
"udp": 104424,
"udp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 16127,
"icmpv6_delta": 0,
"tcp_reuse": 3198,
"tcp_reuse_delta": 0,
"get_used": 0,
"get_used_delta": 0,
"get_used_eval": 0,
"get_used_eval_delta": 0,
"get_used_eval_reject": 0,
"get_used_eval_reject_delta": 0,
"get_used_eval_busy": 0,
"get_used_eval_busy_delta": 0,
"get_used_failed": 0,
"get_used_failed_delta": 0,
"wrk": {
"spare_sync_avg": 97,
"spare_sync_avg_delta": 0,
"spare_sync": 1697401,
"spare_sync_delta": 0,
"spare_sync_incomplete": 1442,
"spare_sync_incomplete_delta": 0,
"spare_sync_empty": 1649674,
"spare_sync_empty_delta": 0,
"flows_evicted_needs_work": 324220,
"flows_evicted_needs_work_delta": 0,
"flows_evicted_pkt_inject": 422610,
"flows_evicted_pkt_inject_delta": 0,
"flows_evicted": 18288689,
"flows_evicted_delta": 0,
"flows_injected": 129370,
"flows_injected_delta": 0,
"flows_injected_max": 26,
"flows_injected_max_delta": 0
},
"end": {
"state": {
"new": 15639403,
"new_delta": 0,
"established": 106210,
"established_delta": 0,
"closed": 1849483,
"closed_delta": 0,
"local_bypassed": 0,
"local_bypassed_delta": 0,
"capture_bypassed": 0,
"capture_bypassed_delta": 0
},
"tcp_state": {
"none": 0,
"none_delta": 0,
"syn_sent": 15528669,
"syn_sent_delta": 0,
"syn_recv": 4430,
"syn_recv_delta": 0,
"established": 8346,
"established_delta": 0,
"fin_wait1": 1754,
"fin_wait1_delta": 0,
"fin_wait2": 991,
"fin_wait2_delta": 0,
"time_wait": 4201,
"time_wait_delta": 0,
"last_ack": 21360,
"last_ack_delta": 0,
"close_wait": 5294,
"close_wait_delta": 0,
"closing": 0,
"closing_delta": 0,
"closed": 1823922,
"closed_delta": 0
},
"tcp_liberal": 1597,
"tcp_liberal_delta": 0
},
"mgr": {
"full_hash_pass": 185,
"full_hash_pass_delta": 0,
"rows_per_sec": 13106,
"rows_per_sec_delta": 0,
"rows_maxlen": 30,
"rows_maxlen_delta": 0,
"flows_checked": 56134060,
"flows_checked_delta": 0,
"flows_notimeout": 51489181,
"flows_notimeout_delta": 0,
"flows_timeout": 4644879,
"flows_timeout_delta": 0,
"flows_timeout_inuse": 0,
"flows_timeout_inuse_delta": 0,
"flows_evicted": 4644879,
"flows_evicted_delta": 0,
"flows_evicted_needs_work": 129370,
"flows_evicted_needs_work_delta": 0
},
"spare": 28123,
"spare_delta": 0,
"emerg_mode_entered": 0,
"emerg_mode_entered_delta": 0,
"emerg_mode_over": 0,
"emerg_mode_over_delta": 0,
"recycler": {
"recycled": 4515509,
"recycled_delta": 0,
"queue_avg": 0,
"queue_avg_delta": 0,
"queue_max": 957,
"queue_max_delta": 0
},
"memuse": 490129728,
"memuse_delta": 0
},
"tcp": {
"active_sessions": 1493311,
"active_sessions_delta": 0,
"sessions": 18892278,
"sessions_delta": 0,
"ssn_memcap_drop": 0,
"ssn_memcap_drop_delta": 0,
"ssn_from_cache": 12652082,
"ssn_from_cache_delta": 0,
"ssn_from_pool": 6240196,
"ssn_from_pool_delta": 0,
"pseudo": 1512,
"pseudo_delta": 0,
"pseudo_failed": 0,
"pseudo_failed_delta": 0,
"invalid_checksum": 0,
"invalid_checksum_delta": 0,
"no_flow": 0,
"no_flow_delta": 0,
"syn": 19743199,
"syn_delta": 0,
"synack": 751286,
"synack_delta": 0,
"rst": 1848497,
"rst_delta": 0,
"midstream_pickups": 0,
"midstream_pickups_delta": 0,
"pkt_on_wrong_thread": 0,
"pkt_on_wrong_thread_delta": 0,
"segment_memcap_drop": 0,
"segment_memcap_drop_delta": 0,
"segment_from_cache": 7095762,
"segment_from_cache_delta": 0,
"segment_from_pool": 432270,
"segment_from_pool_delta": 0,
"stream_depth_reached": 10,
"stream_depth_reached_delta": 0,
"reassembly_gap": 8964,
"reassembly_gap_delta": 0,
"overlap": 28775,
"overlap_delta": 0,
"overlap_diff_data": 0,
"overlap_diff_data_delta": 0,
"insert_data_normal_fail": 0,
"insert_data_normal_fail_delta": 0,
"insert_data_overlap_fail": 0,
"insert_data_overlap_fail_delta": 0,
"memuse": 442054088,
"memuse_delta": 0,
"reassembly_memuse": 334194968,
"reassembly_memuse_delta": 0
},
"defrag": {
"ipv4": {
"fragments": 227,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"ipv6": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"max_frag_hits": 0,
"max_frag_hits_delta": 0
},
"stream": {
"3whs_ack_in_wrong_dir": 0,
"3whs_ack_in_wrong_dir_delta": 0,
"3whs_async_wrong_seq": 0,
"3whs_async_wrong_seq_delta": 0,
"3whs_right_seq_wrong_ack_evasion": 1,
"3whs_right_seq_wrong_ack_evasion_delta": 0,
"3whs_synack_in_wrong_direction": 0,
"3whs_synack_in_wrong_direction_delta": 0,
"3whs_synack_resend_with_diff_ack": 0,
"3whs_synack_resend_with_diff_ack_delta": 0,
"3whs_synack_resend_with_diff_seq": 0,
"3whs_synack_resend_with_diff_seq_delta": 0,
"3whs_synack_toserver_on_syn_recv": 0,
"3whs_synack_toserver_on_syn_recv_delta": 0,
"3whs_synack_with_wrong_ack": 6,
"3whs_synack_with_wrong_ack_delta": 0,
"3whs_synack_flood": 63,
"3whs_synack_flood_delta": 0,
"3whs_syn_resend_diff_seq_on_syn_recv": 0,
"3whs_syn_resend_diff_seq_on_syn_recv_delta": 0,
"3whs_syn_toclient_on_syn_recv": 0,
"3whs_syn_toclient_on_syn_recv_delta": 0,
"3whs_wrong_seq_wrong_ack": 167,
"3whs_wrong_seq_wrong_ack_delta": 0,
"3whs_ack_data_inject": 0,
"3whs_ack_data_inject_delta": 0,
"4whs_synack_with_wrong_ack": 0,
"4whs_synack_with_wrong_ack_delta": 0,
"4whs_synack_with_wrong_syn": 2,
"4whs_synack_with_wrong_syn_delta": 0,
"4whs_wrong_seq": 0,
"4whs_wrong_seq_delta": 0,
"4whs_invalid_ack": 0,
"4whs_invalid_ack_delta": 0,
"closewait_ack_out_of_window": 0,
"closewait_ack_out_of_window_delta": 0,
"closewait_fin_out_of_window": 22,
"closewait_fin_out_of_window_delta": 0,
"closewait_pkt_before_last_ack": 75,
"closewait_pkt_before_last_ack_delta": 0,
"closewait_invalid_ack": 0,
"closewait_invalid_ack_delta": 0,
"closing_ack_wrong_seq": 0,
"closing_ack_wrong_seq_delta": 0,
"closing_invalid_ack": 0,
"closing_invalid_ack_delta": 0,
"est_packet_out_of_window": 2656,
"est_packet_out_of_window_delta": 0,
"est_pkt_before_last_ack": 516,
"est_pkt_before_last_ack_delta": 0,
"est_synack_resend": 0,
"est_synack_resend_delta": 0,
"est_synack_resend_with_diff_ack": 53,
"est_synack_resend_with_diff_ack_delta": 0,
"est_synack_resend_with_diff_seq": 0,
"est_synack_resend_with_diff_seq_delta": 0,
"est_synack_toserver": 0,
"est_synack_toserver_delta": 0,
"est_syn_resend": 1,
"est_syn_resend_delta": 0,
"est_syn_resend_diff_seq": 53,
"est_syn_resend_diff_seq_delta": 0,
"est_syn_toclient": 0,
"est_syn_toclient_delta": 0,
"est_invalid_ack": 2796,
"est_invalid_ack_delta": 0,
"fin_invalid_ack": 9492,
"fin_invalid_ack_delta": 0,
"fin1_ack_wrong_seq": 0,
"fin1_ack_wrong_seq_delta": 0,
"fin1_fin_wrong_seq": 58,
"fin1_fin_wrong_seq_delta": 0,
"fin1_invalid_ack": 4,
"fin1_invalid_ack_delta": 0,
"fin2_ack_wrong_seq": 25,
"fin2_ack_wrong_seq_delta": 0,
"fin2_fin_wrong_seq": 4,
"fin2_fin_wrong_seq_delta": 0,
"fin2_invalid_ack": 5,
"fin2_invalid_ack_delta": 0,
"fin_but_no_session": 25883,
"fin_but_no_session_delta": 0,
"fin_out_of_window": 8727,
"fin_out_of_window_delta": 0,
"fin_syn": 0,
"fin_syn_delta": 0,
"lastack_ack_wrong_seq": 0,
"lastack_ack_wrong_seq_delta": 0,
"lastack_invalid_ack": 0,
"lastack_invalid_ack_delta": 0,
"rst_but_no_session": 20876,
"rst_but_no_session_delta": 0,
"timewait_ack_wrong_seq": 37,
"timewait_ack_wrong_seq_delta": 0,
"timewait_invalid_ack": 0,
"timewait_invalid_ack_delta": 0,
"shutdown_syn_resend": 2,
"shutdown_syn_resend_delta": 0,
"pkt_invalid_timestamp": 175,
"pkt_invalid_timestamp_delta": 0,
"pkt_invalid_ack": 13507,
"pkt_invalid_ack_delta": 0,
"pkt_broken_ack": 72093,
"pkt_broken_ack_delta": 0,
"rst_invalid_ack": 1209,
"rst_invalid_ack_delta": 0,
"pkt_retransmission": 7266,
"pkt_retransmission_delta": 0,
"pkt_spurious_retransmission": 2358,
"pkt_spurious_retransmission_delta": 0,
"pkt_bad_window_update": 13,
"pkt_bad_window_update_delta": 0,
"suspected_rst_inject": 10,
"suspected_rst_inject_delta": 0,
"wrong_thread": 0,
"wrong_thread_delta": 0,
"reassembly_segment_before_base_seq": 0,
"reassembly_segment_before_base_seq_delta": 0,
"reassembly_no_segment": 0,
"reassembly_no_segment_delta": 0,
"reassembly_seq_gap": 8964,
"reassembly_seq_gap_delta": 0,
"reassembly_overlap_different_data": 0,
"reassembly_overlap_different_data_delta": 0,
"reassembly_depth_reached": 10,
"reassembly_depth_reached_delta": 0
},
"flow_bypassed": {
"local_pkts": 0,
"local_pkts_delta": 0,
"local_bytes": 0,
"local_bytes_delta": 0,
"local_capture_pkts": 0,
"local_capture_pkts_delta": 0,
"local_capture_bytes": 0,
"local_capture_bytes_delta": 0,
"closed": 0,
"closed_delta": 0,
"pkts": 0,
"pkts_delta": 0,
"bytes": 0,
"bytes_delta": 0
},
"detect": {
"engines": [
{
"id": 0,
"last_reload": "2023-02-06T04:49:58.690772+0000",
"rules_loaded": 45183,
"rules_failed": 2
}
],
"alert": 1354,
"alert_delta": 0,
"alert_queue_overflow": 0,
"alert_queue_overflow_delta": 0,
"alerts_suppressed": 82446,
"alerts_suppressed_delta": 0,
"mpm_list": 1,
"mpm_list_delta": 0,
"nonmpm_list": 22,
"nonmpm_list_delta": 0,
"fnonmpm_list": 10,
"fnonmpm_list_delta": 0,
"match_list": 11,
"match_list_delta": 0
},
"app_layer": {
"flow": {
"http": 8320,
"http_delta": 0,
"ftp": 15,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 356780,
"tls_delta": 0,
"ssh": 413,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 1,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 15,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 95968,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 758,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 513,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 338,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"failed_tcp": 25732,
"failed_tcp_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0,
"failed_udp": 8456,
"failed_udp_delta": 0
},
"tx": {
"http": 10149,
"http_delta": 0,
"ftp": 141,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 0,
"tls_delta": 0,
"ssh": 0,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 67,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 0,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 226798,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 761,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 893,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 1014,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0
},
"error": {
"http": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smtp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tls": {
"gap": 1669,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 21200,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ssh": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"imap": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dcerpc_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ntp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp-data": {
"gap": 1,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ike": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"quic": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 13634,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dhcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"snmp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"sip": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rfb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 272,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"mqtt": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"pgsql": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 134,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"telnet": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rdp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"bittorrent-dht": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"failed_tcp": {
"gap": 0,
"gap_delta": 0
},
"dcerpc_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
}
},
"expectations": 0,
"expectations_delta": 0
},
"http": {
"memuse": 1235221,
"memuse_delta": 0,
"memcap": 0,
"memcap_delta": 0
},
"ftp": {
"memuse": 1049381,
"memuse_delta": 0,
"memcap": 0,
"memcap_delta": 0
},
"file_store": {
"open_files": 0,
"open_files_delta": 0
},
"threads": {
"RX#01": {
"decoder": {
"pkts": 39525480,
"pkts_delta": 0,
"bytes": 8601149709,
"bytes_delta": 0,
"invalid": 20,
"invalid_delta": 0,
"ipv4": 39253780,
"ipv4_delta": 0,
"ipv6": 275735,
"ipv6_delta": 0,
"ethernet": 39526649,
"ethernet_delta": 0,
"chdlc": 0,
"chdlc_delta": 0,
"raw": 0,
"raw_delta": 0,
"null": 0,
"null_delta": 0,
"sll": 0,
"sll_delta": 0,
"tcp": 36388270,
"tcp_delta": 0,
"udp": 3102941,
"udp_delta": 0,
"sctp": 0,
"sctp_delta": 0,
"esp": 41,
"esp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 33709,
"icmpv6_delta": 0,
"ppp": 0,
"ppp_delta": 0,
"pppoe": 0,
"pppoe_delta": 0,
"geneve": 0,
"geneve_delta": 0,
"gre": 3816,
"gre_delta": 0,
"vlan": 0,
"vlan_delta": 0,
"vlan_qinq": 0,
"vlan_qinq_delta": 0,
"vxlan": 0,
"vxlan_delta": 0,
"vntag": 0,
"vntag_delta": 0,
"ieee8021ah": 0,
"ieee8021ah_delta": 0,
"teredo": 0,
"teredo_delta": 0,
"ipv4_in_ipv6": 0,
"ipv4_in_ipv6_delta": 0,
"ipv6_in_ipv6": 0,
"ipv6_in_ipv6_delta": 0,
"mpls": 0,
"mpls_delta": 0,
"avg_pkt_size": 217,
"avg_pkt_size_delta": 0,
"max_pkt_size": 8192,
"max_pkt_size_delta": 0,
"max_mac_addrs_src": 0,
"max_mac_addrs_src_delta": 0,
"max_mac_addrs_dst": 0,
"max_mac_addrs_dst_delta": 0,
"erspan": 0,
"erspan_delta": 0,
"nsh": 0,
"nsh_delta": 0,
"event": {
"ipv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"iplen_smaller_than_hlen": 0,
"iplen_smaller_than_hlen_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"opt_invalid": 0,
"opt_invalid_delta": 0,
"opt_invalid_len": 0,
"opt_invalid_len_delta": 0,
"opt_malformed": 0,
"opt_malformed_delta": 0,
"opt_pad_required": 0,
"opt_pad_required_delta": 0,
"opt_eol_required": 0,
"opt_eol_required_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0,
"opt_unknown": 0,
"opt_unknown_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 0,
"frag_overlap_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0
},
"icmpv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"ipv4_trunc_pkt": 0,
"ipv4_trunc_pkt_delta": 0,
"ipv4_unknown_ver": 0,
"ipv4_unknown_ver_delta": 0
},
"icmpv6": {
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"ipv6_unknown_version": 0,
"ipv6_unknown_version_delta": 0,
"ipv6_trunc_pkt": 0,
"ipv6_trunc_pkt_delta": 0,
"mld_message_with_invalid_hl": 0,
"mld_message_with_invalid_hl_delta": 0,
"unassigned_type": 0,
"unassigned_type_delta": 0,
"experimentation_type": 0,
"experimentation_type_delta": 0
},
"ipv6": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"trunc_exthdr": 0,
"trunc_exthdr_delta": 0,
"exthdr_dupl_fh": 0,
"exthdr_dupl_fh_delta": 0,
"exthdr_useless_fh": 0,
"exthdr_useless_fh_delta": 0,
"exthdr_dupl_rh": 0,
"exthdr_dupl_rh_delta": 0,
"exthdr_dupl_hh": 0,
"exthdr_dupl_hh_delta": 0,
"exthdr_dupl_dh": 0,
"exthdr_dupl_dh_delta": 0,
"exthdr_dupl_ah": 0,
"exthdr_dupl_ah_delta": 0,
"exthdr_dupl_eh": 0,
"exthdr_dupl_eh_delta": 0,
"exthdr_invalid_optlen": 0,
"exthdr_invalid_optlen_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"exthdr_ah_res_not_null": 0,
"exthdr_ah_res_not_null_delta": 0,
"hopopts_unknown_opt": 0,
"hopopts_unknown_opt_delta": 0,
"hopopts_only_padding": 0,
"hopopts_only_padding_delta": 0,
"dstopts_unknown_opt": 0,
"dstopts_unknown_opt_delta": 0,
"dstopts_only_padding": 0,
"dstopts_only_padding_delta": 0,
"rh_type_0": 0,
"rh_type_0_delta": 0,
"zero_len_padn": 0,
"zero_len_padn_delta": 0,
"fh_non_zero_reserved_field": 0,
"fh_non_zero_reserved_field_delta": 0,
"data_after_none_header": 0,
"data_after_none_header_delta": 0,
"unknown_next_header": 0,
"unknown_next_header_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 0,
"frag_overlap_delta": 0,
"frag_invalid_length": 0,
"frag_invalid_length_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0,
"ipv4_in_ipv6_too_small": 0,
"ipv4_in_ipv6_too_small_delta": 0,
"ipv4_in_ipv6_wrong_version": 0,
"ipv4_in_ipv6_wrong_version_delta": 0,
"ipv6_in_ipv6_too_small": 0,
"ipv6_in_ipv6_too_small_delta": 0,
"ipv6_in_ipv6_wrong_version": 0,
"ipv6_in_ipv6_wrong_version_delta": 0
},
"tcp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"invalid_optlen": 0,
"invalid_optlen_delta": 0,
"opt_invalid_len": 0,
"opt_invalid_len_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0
},
"udp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"hlen_invalid": 0,
"hlen_invalid_delta": 0
},
"sll": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ethernet": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ppp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"vju_pkt_too_small": 0,
"vju_pkt_too_small_delta": 0,
"ip4_pkt_too_small": 0,
"ip4_pkt_too_small_delta": 0,
"ip6_pkt_too_small": 0,
"ip6_pkt_too_small_delta": 0,
"wrong_type": 0,
"wrong_type_delta": 0,
"unsup_proto": 0,
"unsup_proto_delta": 0
},
"pppoe": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_code": 0,
"wrong_code_delta": 0,
"malformed_tags": 0,
"malformed_tags_delta": 0
},
"gre": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_version": 0,
"wrong_version_delta": 0,
"version0_recur": 0,
"version0_recur_delta": 0,
"version0_flags": 0,
"version0_flags_delta": 0,
"version0_hdr_too_big": 0,
"version0_hdr_too_big_delta": 0,
"version0_malformed_sre_hdr": 0,
"version0_malformed_sre_hdr_delta": 0,
"version1_chksum": 0,
"version1_chksum_delta": 0,
"version1_route": 0,
"version1_route_delta": 0,
"version1_ssr": 0,
"version1_ssr_delta": 0,
"version1_recur": 0,
"version1_recur_delta": 0,
"version1_flags": 0,
"version1_flags_delta": 0,
"version1_no_key": 0,
"version1_no_key_delta": 0,
"version1_wrong_protocol": 0,
"version1_wrong_protocol_delta": 0,
"version1_malformed_sre_hdr": 0,
"version1_malformed_sre_hdr_delta": 0,
"version1_hdr_too_big": 0,
"version1_hdr_too_big_delta": 0
},
"vlan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"ieee8021ah": {
"header_too_small": 0,
"header_too_small_delta": 0
},
"vntag": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0
},
"ipraw": {
"invalid_ip_version": 0,
"invalid_ip_version_delta": 0
},
"ltnull": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0
},
"sctp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"esp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"mpls": {
"header_too_small": 0,
"header_too_small_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"bad_label_router_alert": 0,
"bad_label_router_alert_delta": 0,
"bad_label_implicit_null": 0,
"bad_label_implicit_null_delta": 0,
"bad_label_reserved": 0,
"bad_label_reserved_delta": 0,
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"vxlan": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"geneve": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"erspan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"too_many_vlan_layers": 0,
"too_many_vlan_layers_delta": 0
},
"dce": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"chdlc": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"nsh": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"bad_header_length": 0,
"bad_header_length_delta": 0,
"reserved_type": 0,
"reserved_type_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0,
"unknown_payload": 0,
"unknown_payload_delta": 0
}
},
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"flow": {
"memcap": 0,
"memcap_delta": 0,
"total": 0,
"total_delta": 0,
"active": 0,
"active_delta": 0,
"tcp": 0,
"tcp_delta": 0,
"udp": 0,
"udp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"tcp_reuse": 0,
"tcp_reuse_delta": 0,
"get_used": 0,
"get_used_delta": 0,
"get_used_eval": 0,
"get_used_eval_delta": 0,
"get_used_eval_reject": 0,
"get_used_eval_reject_delta": 0,
"get_used_eval_busy": 0,
"get_used_eval_busy_delta": 0,
"get_used_failed": 0,
"get_used_failed_delta": 0,
"wrk": {
"spare_sync_avg": 0,
"spare_sync_avg_delta": 0,
"spare_sync": 0,
"spare_sync_delta": 0,
"spare_sync_incomplete": 0,
"spare_sync_incomplete_delta": 0,
"spare_sync_empty": 0,
"spare_sync_empty_delta": 0
}
},
"tcp": {
"active_sessions": 0,
"active_sessions_delta": 0
},
"defrag": {
"ipv4": {
"fragments": 227,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"ipv6": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"max_frag_hits": 0,
"max_frag_hits_delta": 0
},
"stream": {
"3whs_ack_in_wrong_dir": 0,
"3whs_ack_in_wrong_dir_delta": 0,
"3whs_async_wrong_seq": 0,
"3whs_async_wrong_seq_delta": 0,
"3whs_right_seq_wrong_ack_evasion": 0,
"3whs_right_seq_wrong_ack_evasion_delta": 0,
"3whs_synack_in_wrong_direction": 0,
"3whs_synack_in_wrong_direction_delta": 0,
"3whs_synack_resend_with_diff_ack": 0,
"3whs_synack_resend_with_diff_ack_delta": 0,
"3whs_synack_resend_with_diff_seq": 0,
"3whs_synack_resend_with_diff_seq_delta": 0,
"3whs_synack_toserver_on_syn_recv": 0,
"3whs_synack_toserver_on_syn_recv_delta": 0,
"3whs_synack_with_wrong_ack": 0,
"3whs_synack_with_wrong_ack_delta": 0,
"3whs_synack_flood": 0,
"3whs_synack_flood_delta": 0,
"3whs_syn_resend_diff_seq_on_syn_recv": 0,
"3whs_syn_resend_diff_seq_on_syn_recv_delta": 0,
"3whs_syn_toclient_on_syn_recv": 0,
"3whs_syn_toclient_on_syn_recv_delta": 0,
"3whs_wrong_seq_wrong_ack": 0,
"3whs_wrong_seq_wrong_ack_delta": 0,
"3whs_ack_data_inject": 0,
"3whs_ack_data_inject_delta": 0,
"4whs_synack_with_wrong_ack": 0,
"4whs_synack_with_wrong_ack_delta": 0,
"4whs_synack_with_wrong_syn": 0,
"4whs_synack_with_wrong_syn_delta": 0,
"4whs_wrong_seq": 0,
"4whs_wrong_seq_delta": 0,
"4whs_invalid_ack": 0,
"4whs_invalid_ack_delta": 0,
"closewait_ack_out_of_window": 0,
"closewait_ack_out_of_window_delta": 0,
"closewait_fin_out_of_window": 0,
"closewait_fin_out_of_window_delta": 0,
"closewait_pkt_before_last_ack": 0,
"closewait_pkt_before_last_ack_delta": 0,
"closewait_invalid_ack": 0,
"closewait_invalid_ack_delta": 0,
"closing_ack_wrong_seq": 0,
"closing_ack_wrong_seq_delta": 0,
"closing_invalid_ack": 0,
"closing_invalid_ack_delta": 0,
"est_packet_out_of_window": 0,
"est_packet_out_of_window_delta": 0,
"est_pkt_before_last_ack": 0,
"est_pkt_before_last_ack_delta": 0,
"est_synack_resend": 0,
"est_synack_resend_delta": 0,
"est_synack_resend_with_diff_ack": 0,
"est_synack_resend_with_diff_ack_delta": 0,
"est_synack_resend_with_diff_seq": 0,
"est_synack_resend_with_diff_seq_delta": 0,
"est_synack_toserver": 0,
"est_synack_toserver_delta": 0,
"est_syn_resend": 0,
"est_syn_resend_delta": 0,
"est_syn_resend_diff_seq": 0,
"est_syn_resend_diff_seq_delta": 0,
"est_syn_toclient": 0,
"est_syn_toclient_delta": 0,
"est_invalid_ack": 0,
"est_invalid_ack_delta": 0,
"fin_invalid_ack": 0,
"fin_invalid_ack_delta": 0,
"fin1_ack_wrong_seq": 0,
"fin1_ack_wrong_seq_delta": 0,
"fin1_fin_wrong_seq": 0,
"fin1_fin_wrong_seq_delta": 0,
"fin1_invalid_ack": 0,
"fin1_invalid_ack_delta": 0,
"fin2_ack_wrong_seq": 0,
"fin2_ack_wrong_seq_delta": 0,
"fin2_fin_wrong_seq": 0,
"fin2_fin_wrong_seq_delta": 0,
"fin2_invalid_ack": 0,
"fin2_invalid_ack_delta": 0,
"fin_but_no_session": 0,
"fin_but_no_session_delta": 0,
"fin_out_of_window": 0,
"fin_out_of_window_delta": 0,
"fin_syn": 0,
"fin_syn_delta": 0,
"lastack_ack_wrong_seq": 0,
"lastack_ack_wrong_seq_delta": 0,
"lastack_invalid_ack": 0,
"lastack_invalid_ack_delta": 0,
"rst_but_no_session": 0,
"rst_but_no_session_delta": 0,
"timewait_ack_wrong_seq": 0,
"timewait_ack_wrong_seq_delta": 0,
"timewait_invalid_ack": 0,
"timewait_invalid_ack_delta": 0,
"shutdown_syn_resend": 0,
"shutdown_syn_resend_delta": 0,
"pkt_invalid_timestamp": 0,
"pkt_invalid_timestamp_delta": 0,
"pkt_invalid_ack": 0,
"pkt_invalid_ack_delta": 0,
"pkt_broken_ack": 0,
"pkt_broken_ack_delta": 0,
"rst_invalid_ack": 0,
"rst_invalid_ack_delta": 0,
"pkt_retransmission": 0,
"pkt_retransmission_delta": 0,
"pkt_spurious_retransmission": 0,
"pkt_spurious_retransmission_delta": 0,
"pkt_bad_window_update": 0,
"pkt_bad_window_update_delta": 0,
"suspected_rst_inject": 0,
"suspected_rst_inject_delta": 0,
"wrong_thread": 0,
"wrong_thread_delta": 0,
"reassembly_segment_before_base_seq": 0,
"reassembly_segment_before_base_seq_delta": 0,
"reassembly_no_segment": 0,
"reassembly_no_segment_delta": 0,
"reassembly_seq_gap": 0,
"reassembly_seq_gap_delta": 0,
"reassembly_overlap_different_data": 0,
"reassembly_overlap_different_data_delta": 0,
"reassembly_depth_reached": 0,
"reassembly_depth_reached_delta": 0
}
},
"W#01": {
"decoder": {
"pkts": 0,
"pkts_delta": 0,
"bytes": 0,
"bytes_delta": 0,
"invalid": 0,
"invalid_delta": 0,
"ipv4": 0,
"ipv4_delta": 0,
"ipv6": 0,
"ipv6_delta": 0,
"ethernet": 0,
"ethernet_delta": 0,
"chdlc": 0,
"chdlc_delta": 0,
"raw": 0,
"raw_delta": 0,
"null": 0,
"null_delta": 0,
"sll": 0,
"sll_delta": 0,
"tcp": 0,
"tcp_delta": 0,
"udp": 0,
"udp_delta": 0,
"sctp": 0,
"sctp_delta": 0,
"esp": 0,
"esp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"ppp": 0,
"ppp_delta": 0,
"pppoe": 0,
"pppoe_delta": 0,
"geneve": 0,
"geneve_delta": 0,
"gre": 0,
"gre_delta": 0,
"vlan": 0,
"vlan_delta": 0,
"vlan_qinq": 0,
"vlan_qinq_delta": 0,
"vxlan": 0,
"vxlan_delta": 0,
"vntag": 0,
"vntag_delta": 0,
"ieee8021ah": 0,
"ieee8021ah_delta": 0,
"teredo": 0,
"teredo_delta": 0,
"ipv4_in_ipv6": 0,
"ipv4_in_ipv6_delta": 0,
"ipv6_in_ipv6": 0,
"ipv6_in_ipv6_delta": 0,
"mpls": 0,
"mpls_delta": 0,
"avg_pkt_size": 0,
"avg_pkt_size_delta": 0,
"max_pkt_size": 0,
"max_pkt_size_delta": 0,
"max_mac_addrs_src": 0,
"max_mac_addrs_src_delta": 0,
"max_mac_addrs_dst": 0,
"max_mac_addrs_dst_delta": 0,
"erspan": 0,
"erspan_delta": 0,
"nsh": 0,
"nsh_delta": 0,
"event": {
"ipv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"iplen_smaller_than_hlen": 0,
"iplen_smaller_than_hlen_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"opt_invalid": 0,
"opt_invalid_delta": 0,
"opt_invalid_len": 0,
"opt_invalid_len_delta": 0,
"opt_malformed": 0,
"opt_malformed_delta": 0,
"opt_pad_required": 9,
"opt_pad_required_delta": 0,
"opt_eol_required": 0,
"opt_eol_required_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0,
"opt_unknown": 0,
"opt_unknown_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 4,
"frag_overlap_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0
},
"icmpv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"ipv4_trunc_pkt": 0,
"ipv4_trunc_pkt_delta": 0,
"ipv4_unknown_ver": 0,
"ipv4_unknown_ver_delta": 0
},
"icmpv6": {
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"ipv6_unknown_version": 0,
"ipv6_unknown_version_delta": 0,
"ipv6_trunc_pkt": 0,
"ipv6_trunc_pkt_delta": 0,
"mld_message_with_invalid_hl": 0,
"mld_message_with_invalid_hl_delta": 0,
"unassigned_type": 0,
"unassigned_type_delta": 0,
"experimentation_type": 0,
"experimentation_type_delta": 0
},
"ipv6": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"trunc_exthdr": 0,
"trunc_exthdr_delta": 0,
"exthdr_dupl_fh": 0,
"exthdr_dupl_fh_delta": 0,
"exthdr_useless_fh": 0,
"exthdr_useless_fh_delta": 0,
"exthdr_dupl_rh": 0,
"exthdr_dupl_rh_delta": 0,
"exthdr_dupl_hh": 0,
"exthdr_dupl_hh_delta": 0,
"exthdr_dupl_dh": 0,
"exthdr_dupl_dh_delta": 0,
"exthdr_dupl_ah": 0,
"exthdr_dupl_ah_delta": 0,
"exthdr_dupl_eh": 0,
"exthdr_dupl_eh_delta": 0,
"exthdr_invalid_optlen": 0,
"exthdr_invalid_optlen_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"exthdr_ah_res_not_null": 0,
"exthdr_ah_res_not_null_delta": 0,
"hopopts_unknown_opt": 0,
"hopopts_unknown_opt_delta": 0,
"hopopts_only_padding": 0,
"hopopts_only_padding_delta": 0,
"dstopts_unknown_opt": 0,
"dstopts_unknown_opt_delta": 0,
"dstopts_only_padding": 0,
"dstopts_only_padding_delta": 0,
"rh_type_0": 0,
"rh_type_0_delta": 0,
"zero_len_padn": 12,
"zero_len_padn_delta": 0,
"fh_non_zero_reserved_field": 0,
"fh_non_zero_reserved_field_delta": 0,
"data_after_none_header": 0,
"data_after_none_header_delta": 0,
"unknown_next_header": 0,
"unknown_next_header_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 0,
"frag_overlap_delta": 0,
"frag_invalid_length": 0,
"frag_invalid_length_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0,
"ipv4_in_ipv6_too_small": 0,
"ipv4_in_ipv6_too_small_delta": 0,
"ipv4_in_ipv6_wrong_version": 0,
"ipv4_in_ipv6_wrong_version_delta": 0,
"ipv6_in_ipv6_too_small": 0,
"ipv6_in_ipv6_too_small_delta": 0,
"ipv6_in_ipv6_wrong_version": 0,
"ipv6_in_ipv6_wrong_version_delta": 0
},
"tcp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"invalid_optlen": 0,
"invalid_optlen_delta": 0,
"opt_invalid_len": 2297,
"opt_invalid_len_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0
},
"udp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"hlen_invalid": 0,
"hlen_invalid_delta": 0
},
"sll": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ethernet": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ppp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"vju_pkt_too_small": 0,
"vju_pkt_too_small_delta": 0,
"ip4_pkt_too_small": 0,
"ip4_pkt_too_small_delta": 0,
"ip6_pkt_too_small": 0,
"ip6_pkt_too_small_delta": 0,
"wrong_type": 0,
"wrong_type_delta": 0,
"unsup_proto": 0,
"unsup_proto_delta": 0
},
"pppoe": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_code": 0,
"wrong_code_delta": 0,
"malformed_tags": 0,
"malformed_tags_delta": 0
},
"gre": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_version": 0,
"wrong_version_delta": 0,
"version0_recur": 0,
"version0_recur_delta": 0,
"version0_flags": 0,
"version0_flags_delta": 0,
"version0_hdr_too_big": 0,
"version0_hdr_too_big_delta": 0,
"version0_malformed_sre_hdr": 0,
"version0_malformed_sre_hdr_delta": 0,
"version1_chksum": 0,
"version1_chksum_delta": 0,
"version1_route": 0,
"version1_route_delta": 0,
"version1_ssr": 0,
"version1_ssr_delta": 0,
"version1_recur": 0,
"version1_recur_delta": 0,
"version1_flags": 0,
"version1_flags_delta": 0,
"version1_no_key": 0,
"version1_no_key_delta": 0,
"version1_wrong_protocol": 0,
"version1_wrong_protocol_delta": 0,
"version1_malformed_sre_hdr": 0,
"version1_malformed_sre_hdr_delta": 0,
"version1_hdr_too_big": 0,
"version1_hdr_too_big_delta": 0
},
"vlan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"ieee8021ah": {
"header_too_small": 0,
"header_too_small_delta": 0
},
"vntag": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0
},
"ipraw": {
"invalid_ip_version": 0,
"invalid_ip_version_delta": 0
},
"ltnull": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0
},
"sctp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"esp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"mpls": {
"header_too_small": 0,
"header_too_small_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"bad_label_router_alert": 0,
"bad_label_router_alert_delta": 0,
"bad_label_implicit_null": 0,
"bad_label_implicit_null_delta": 0,
"bad_label_reserved": 0,
"bad_label_reserved_delta": 0,
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"vxlan": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"geneve": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"erspan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"too_many_vlan_layers": 0,
"too_many_vlan_layers_delta": 0
},
"dce": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"chdlc": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"nsh": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"bad_header_length": 0,
"bad_header_length_delta": 0,
"reserved_type": 0,
"reserved_type_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0,
"unknown_payload": 0,
"unknown_payload_delta": 0
}
},
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"flow": {
"memcap": 0,
"memcap_delta": 0,
"total": 4778707,
"total_delta": 0,
"active": 1506467,
"active_delta": 0,
"tcp": 4748739,
"tcp_delta": 0,
"udp": 25991,
"udp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 3958,
"icmpv6_delta": 0,
"tcp_reuse": 971,
"tcp_reuse_delta": 0,
"get_used": 0,
"get_used_delta": 0,
"get_used_eval": 0,
"get_used_eval_delta": 0,
"get_used_eval_reject": 0,
"get_used_eval_reject_delta": 0,
"get_used_eval_busy": 0,
"get_used_eval_busy_delta": 0,
"get_used_failed": 0,
"get_used_failed_delta": 0,
"wrk": {
"spare_sync_avg": 97,
"spare_sync_avg_delta": 0,
"spare_sync": 424945,
"spare_sync_delta": 0,
"spare_sync_incomplete": 366,
"spare_sync_incomplete_delta": 0,
"spare_sync_empty": 413001,
"spare_sync_empty_delta": 0,
"flows_evicted_needs_work": 80866,
"flows_evicted_needs_work_delta": 0,
"flows_evicted_pkt_inject": 105374,
"flows_evicted_pkt_inject_delta": 0,
"flows_evicted": 4576123,
"flows_evicted_delta": 0,
"flows_injected": 31950,
"flows_injected_delta": 0,
"flows_injected_max": 26,
"flows_injected_max_delta": 0
},
"end": {
"state": {
"new": 2908667,
"new_delta": 0,
"established": 16459,
"established_delta": 0,
"closed": 347114,
"closed_delta": 0,
"local_bypassed": 0,
"local_bypassed_delta": 0,
"capture_bypassed": 0,
"capture_bypassed_delta": 0
},
"tcp_state": {
"none": 0,
"none_delta": 0,
"syn_sent": 2890282,
"syn_sent_delta": 0,
"syn_recv": 685,
"syn_recv_delta": 0,
"established": 2030,
"established_delta": 0,
"fin_wait1": 429,
"fin_wait1_delta": 0,
"fin_wait2": 250,
"fin_wait2_delta": 0,
"time_wait": 1048,
"time_wait_delta": 0,
"last_ack": 5328,
"last_ack_delta": 0,
"close_wait": 1309,
"close_wait_delta": 0,
"closing": 0,
"closing_delta": 0,
"closed": 340738,
"closed_delta": 0
},
"tcp_liberal": 382,
"tcp_liberal_delta": 0
}
},
"tcp": {
"active_sessions": 1484653,
"active_sessions_delta": 0,
"sessions": 4726752,
"sessions_delta": 0,
"ssn_memcap_drop": 0,
"ssn_memcap_drop_delta": 0,
"ssn_from_cache": 3165224,
"ssn_from_cache_delta": 0,
"ssn_from_pool": 1561528,
"ssn_from_pool_delta": 0,
"pseudo": 392,
"pseudo_delta": 0,
"pseudo_failed": 0,
"pseudo_failed_delta": 0,
"invalid_checksum": 0,
"invalid_checksum_delta": 0,
"no_flow": 0,
"no_flow_delta": 0,
"syn": 4941913,
"syn_delta": 0,
"synack": 187842,
"synack_delta": 0,
"rst": 461576,
"rst_delta": 0,
"midstream_pickups": 0,
"midstream_pickups_delta": 0,
"pkt_on_wrong_thread": 0,
"pkt_on_wrong_thread_delta": 0,
"segment_memcap_drop": 0,
"segment_memcap_drop_delta": 0,
"segment_from_cache": 1769147,
"segment_from_cache_delta": 0,
"segment_from_pool": 106164,
"segment_from_pool_delta": 0,
"stream_depth_reached": 3,
"stream_depth_reached_delta": 0,
"reassembly_gap": 401,
"reassembly_gap_delta": 0,
"overlap": 7341,
"overlap_delta": 0,
"overlap_diff_data": 0,
"overlap_diff_data_delta": 0,
"insert_data_normal_fail": 0,
"insert_data_normal_fail_delta": 0,
"insert_data_overlap_fail": 0,
"insert_data_overlap_fail_delta": 0
},
"defrag": {
"ipv4": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"ipv6": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"max_frag_hits": 0,
"max_frag_hits_delta": 0
},
"stream": {
"3whs_ack_in_wrong_dir": 0,
"3whs_ack_in_wrong_dir_delta": 0,
"3whs_async_wrong_seq": 0,
"3whs_async_wrong_seq_delta": 0,
"3whs_right_seq_wrong_ack_evasion": 0,
"3whs_right_seq_wrong_ack_evasion_delta": 0,
"3whs_synack_in_wrong_direction": 0,
"3whs_synack_in_wrong_direction_delta": 0,
"3whs_synack_resend_with_diff_ack": 0,
"3whs_synack_resend_with_diff_ack_delta": 0,
"3whs_synack_resend_with_diff_seq": 0,
"3whs_synack_resend_with_diff_seq_delta": 0,
"3whs_synack_toserver_on_syn_recv": 0,
"3whs_synack_toserver_on_syn_recv_delta": 0,
"3whs_synack_with_wrong_ack": 1,
"3whs_synack_with_wrong_ack_delta": 0,
"3whs_synack_flood": 17,
"3whs_synack_flood_delta": 0,
"3whs_syn_resend_diff_seq_on_syn_recv": 0,
"3whs_syn_resend_diff_seq_on_syn_recv_delta": 0,
"3whs_syn_toclient_on_syn_recv": 0,
"3whs_syn_toclient_on_syn_recv_delta": 0,
"3whs_wrong_seq_wrong_ack": 41,
"3whs_wrong_seq_wrong_ack_delta": 0,
"3whs_ack_data_inject": 0,
"3whs_ack_data_inject_delta": 0,
"4whs_synack_with_wrong_ack": 0,
"4whs_synack_with_wrong_ack_delta": 0,
"4whs_synack_with_wrong_syn": 0,
"4whs_synack_with_wrong_syn_delta": 0,
"4whs_wrong_seq": 0,
"4whs_wrong_seq_delta": 0,
"4whs_invalid_ack": 0,
"4whs_invalid_ack_delta": 0,
"closewait_ack_out_of_window": 0,
"closewait_ack_out_of_window_delta": 0,
"closewait_fin_out_of_window": 5,
"closewait_fin_out_of_window_delta": 0,
"closewait_pkt_before_last_ack": 24,
"closewait_pkt_before_last_ack_delta": 0,
"closewait_invalid_ack": 0,
"closewait_invalid_ack_delta": 0,
"closing_ack_wrong_seq": 0,
"closing_ack_wrong_seq_delta": 0,
"closing_invalid_ack": 0,
"closing_invalid_ack_delta": 0,
"est_packet_out_of_window": 1754,
"est_packet_out_of_window_delta": 0,
"est_pkt_before_last_ack": 126,
"est_pkt_before_last_ack_delta": 0,
"est_synack_resend": 0,
"est_synack_resend_delta": 0,
"est_synack_resend_with_diff_ack": 8,
"est_synack_resend_with_diff_ack_delta": 0,
"est_synack_resend_with_diff_seq": 0,
"est_synack_resend_with_diff_seq_delta": 0,
"est_synack_toserver": 0,
"est_synack_toserver_delta": 0,
"est_syn_resend": 1,
"est_syn_resend_delta": 0,
"est_syn_resend_diff_seq": 8,
"est_syn_resend_diff_seq_delta": 0,
"est_syn_toclient": 0,
"est_syn_toclient_delta": 0,
"est_invalid_ack": 2067,
"est_invalid_ack_delta": 0,
"fin_invalid_ack": 2284,
"fin_invalid_ack_delta": 0,
"fin1_ack_wrong_seq": 0,
"fin1_ack_wrong_seq_delta": 0,
"fin1_fin_wrong_seq": 23,
"fin1_fin_wrong_seq_delta": 0,
"fin1_invalid_ack": 0,
"fin1_invalid_ack_delta": 0,
"fin2_ack_wrong_seq": 0,
"fin2_ack_wrong_seq_delta": 0,
"fin2_fin_wrong_seq": 0,
"fin2_fin_wrong_seq_delta": 0,
"fin2_invalid_ack": 0,
"fin2_invalid_ack_delta": 0,
"fin_but_no_session": 6492,
"fin_but_no_session_delta": 0,
"fin_out_of_window": 2109,
"fin_out_of_window_delta": 0,
"fin_syn": 0,
"fin_syn_delta": 0,
"lastack_ack_wrong_seq": 0,
"lastack_ack_wrong_seq_delta": 0,
"lastack_invalid_ack": 0,
"lastack_invalid_ack_delta": 0,
"rst_but_no_session": 5120,
"rst_but_no_session_delta": 0,
"timewait_ack_wrong_seq": 1,
"timewait_ack_wrong_seq_delta": 0,
"timewait_invalid_ack": 0,
"timewait_invalid_ack_delta": 0,
"shutdown_syn_resend": 0,
"shutdown_syn_resend_delta": 0,
"pkt_invalid_timestamp": 37,
"pkt_invalid_timestamp_delta": 0,
"pkt_invalid_ack": 4653,
"pkt_invalid_ack_delta": 0,
"pkt_broken_ack": 17914,
"pkt_broken_ack_delta": 0,
"rst_invalid_ack": 301,
"rst_invalid_ack_delta": 0,
"pkt_retransmission": 1922,
"pkt_retransmission_delta": 0,
"pkt_spurious_retransmission": 543,
"pkt_spurious_retransmission_delta": 0,
"pkt_bad_window_update": 2,
"pkt_bad_window_update_delta": 0,
"suspected_rst_inject": 0,
"suspected_rst_inject_delta": 0,
"wrong_thread": 0,
"wrong_thread_delta": 0,
"reassembly_segment_before_base_seq": 0,
"reassembly_segment_before_base_seq_delta": 0,
"reassembly_no_segment": 0,
"reassembly_no_segment_delta": 0,
"reassembly_seq_gap": 401,
"reassembly_seq_gap_delta": 0,
"reassembly_overlap_different_data": 0,
"reassembly_overlap_different_data_delta": 0,
"reassembly_depth_reached": 3,
"reassembly_depth_reached_delta": 0
},
"flow_bypassed": {
"local_pkts": 0,
"local_pkts_delta": 0,
"local_bytes": 0,
"local_bytes_delta": 0,
"local_capture_pkts": 0,
"local_capture_pkts_delta": 0,
"local_capture_bytes": 0,
"local_capture_bytes_delta": 0
},
"detect": {
"engines": [
{
"id": 0,
"last_reload": "2023-02-06T04:49:58.690772+0000",
"rules_loaded": 45183,
"rules_failed": 2
}
],
"alert": 348,
"alert_delta": 0,
"alert_queue_overflow": 0,
"alert_queue_overflow_delta": 0,
"alerts_suppressed": 20665,
"alerts_suppressed_delta": 0,
"mpm_list": 1,
"mpm_list_delta": 0,
"nonmpm_list": 22,
"nonmpm_list_delta": 0,
"fnonmpm_list": 10,
"fnonmpm_list_delta": 0,
"match_list": 11,
"match_list_delta": 0
},
"app_layer": {
"flow": {
"http": 2205,
"http_delta": 0,
"ftp": 3,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 88986,
"tls_delta": 0,
"ssh": 100,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 0,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 3,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 23827,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 205,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 134,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 79,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"failed_tcp": 6394,
"failed_tcp_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0,
"failed_udp": 2164,
"failed_udp_delta": 0
},
"tx": {
"http": 2328,
"http_delta": 0,
"ftp": 34,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 0,
"tls_delta": 0,
"ssh": 0,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 1,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 0,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 55718,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 206,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 206,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 236,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0
},
"error": {
"http": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smtp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tls": {
"gap": 394,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 5425,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ssh": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"imap": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dcerpc_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ntp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp-data": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ike": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"quic": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 3168,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dhcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"snmp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"sip": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rfb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 67,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"mqtt": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"pgsql": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 36,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"telnet": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rdp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"bittorrent-dht": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"failed_tcp": {
"gap": 0,
"gap_delta": 0
},
"dcerpc_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
}
}
}
},
"W#02": {
"decoder": {
"pkts": 0,
"pkts_delta": 0,
"bytes": 0,
"bytes_delta": 0,
"invalid": 0,
"invalid_delta": 0,
"ipv4": 0,
"ipv4_delta": 0,
"ipv6": 0,
"ipv6_delta": 0,
"ethernet": 0,
"ethernet_delta": 0,
"chdlc": 0,
"chdlc_delta": 0,
"raw": 0,
"raw_delta": 0,
"null": 0,
"null_delta": 0,
"sll": 0,
"sll_delta": 0,
"tcp": 0,
"tcp_delta": 0,
"udp": 0,
"udp_delta": 0,
"sctp": 0,
"sctp_delta": 0,
"esp": 0,
"esp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"ppp": 0,
"ppp_delta": 0,
"pppoe": 0,
"pppoe_delta": 0,
"geneve": 0,
"geneve_delta": 0,
"gre": 0,
"gre_delta": 0,
"vlan": 0,
"vlan_delta": 0,
"vlan_qinq": 0,
"vlan_qinq_delta": 0,
"vxlan": 0,
"vxlan_delta": 0,
"vntag": 0,
"vntag_delta": 0,
"ieee8021ah": 0,
"ieee8021ah_delta": 0,
"teredo": 0,
"teredo_delta": 0,
"ipv4_in_ipv6": 0,
"ipv4_in_ipv6_delta": 0,
"ipv6_in_ipv6": 0,
"ipv6_in_ipv6_delta": 0,
"mpls": 0,
"mpls_delta": 0,
"avg_pkt_size": 0,
"avg_pkt_size_delta": 0,
"max_pkt_size": 0,
"max_pkt_size_delta": 0,
"max_mac_addrs_src": 0,
"max_mac_addrs_src_delta": 0,
"max_mac_addrs_dst": 0,
"max_mac_addrs_dst_delta": 0,
"erspan": 0,
"erspan_delta": 0,
"nsh": 0,
"nsh_delta": 0,
"event": {
"ipv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"iplen_smaller_than_hlen": 0,
"iplen_smaller_than_hlen_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"opt_invalid": 0,
"opt_invalid_delta": 0,
"opt_invalid_len": 0,
"opt_invalid_len_delta": 0,
"opt_malformed": 0,
"opt_malformed_delta": 0,
"opt_pad_required": 7,
"opt_pad_required_delta": 0,
"opt_eol_required": 0,
"opt_eol_required_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0,
"opt_unknown": 0,
"opt_unknown_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 1,
"frag_overlap_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0
},
"icmpv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"ipv4_trunc_pkt": 0,
"ipv4_trunc_pkt_delta": 0,
"ipv4_unknown_ver": 0,
"ipv4_unknown_ver_delta": 0
},
"icmpv6": {
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"ipv6_unknown_version": 0,
"ipv6_unknown_version_delta": 0,
"ipv6_trunc_pkt": 0,
"ipv6_trunc_pkt_delta": 0,
"mld_message_with_invalid_hl": 0,
"mld_message_with_invalid_hl_delta": 0,
"unassigned_type": 0,
"unassigned_type_delta": 0,
"experimentation_type": 0,
"experimentation_type_delta": 0
},
"ipv6": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"trunc_exthdr": 0,
"trunc_exthdr_delta": 0,
"exthdr_dupl_fh": 0,
"exthdr_dupl_fh_delta": 0,
"exthdr_useless_fh": 0,
"exthdr_useless_fh_delta": 0,
"exthdr_dupl_rh": 0,
"exthdr_dupl_rh_delta": 0,
"exthdr_dupl_hh": 0,
"exthdr_dupl_hh_delta": 0,
"exthdr_dupl_dh": 0,
"exthdr_dupl_dh_delta": 0,
"exthdr_dupl_ah": 0,
"exthdr_dupl_ah_delta": 0,
"exthdr_dupl_eh": 0,
"exthdr_dupl_eh_delta": 0,
"exthdr_invalid_optlen": 0,
"exthdr_invalid_optlen_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"exthdr_ah_res_not_null": 0,
"exthdr_ah_res_not_null_delta": 0,
"hopopts_unknown_opt": 0,
"hopopts_unknown_opt_delta": 0,
"hopopts_only_padding": 0,
"hopopts_only_padding_delta": 0,
"dstopts_unknown_opt": 0,
"dstopts_unknown_opt_delta": 0,
"dstopts_only_padding": 0,
"dstopts_only_padding_delta": 0,
"rh_type_0": 0,
"rh_type_0_delta": 0,
"zero_len_padn": 0,
"zero_len_padn_delta": 0,
"fh_non_zero_reserved_field": 0,
"fh_non_zero_reserved_field_delta": 0,
"data_after_none_header": 0,
"data_after_none_header_delta": 0,
"unknown_next_header": 0,
"unknown_next_header_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 0,
"frag_overlap_delta": 0,
"frag_invalid_length": 0,
"frag_invalid_length_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0,
"ipv4_in_ipv6_too_small": 0,
"ipv4_in_ipv6_too_small_delta": 0,
"ipv4_in_ipv6_wrong_version": 0,
"ipv4_in_ipv6_wrong_version_delta": 0,
"ipv6_in_ipv6_too_small": 0,
"ipv6_in_ipv6_too_small_delta": 0,
"ipv6_in_ipv6_wrong_version": 0,
"ipv6_in_ipv6_wrong_version_delta": 0
},
"tcp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"invalid_optlen": 0,
"invalid_optlen_delta": 0,
"opt_invalid_len": 2331,
"opt_invalid_len_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0
},
"udp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"hlen_invalid": 0,
"hlen_invalid_delta": 0
},
"sll": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ethernet": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ppp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"vju_pkt_too_small": 0,
"vju_pkt_too_small_delta": 0,
"ip4_pkt_too_small": 0,
"ip4_pkt_too_small_delta": 0,
"ip6_pkt_too_small": 0,
"ip6_pkt_too_small_delta": 0,
"wrong_type": 0,
"wrong_type_delta": 0,
"unsup_proto": 0,
"unsup_proto_delta": 0
},
"pppoe": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_code": 0,
"wrong_code_delta": 0,
"malformed_tags": 0,
"malformed_tags_delta": 0
},
"gre": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_version": 0,
"wrong_version_delta": 0,
"version0_recur": 0,
"version0_recur_delta": 0,
"version0_flags": 0,
"version0_flags_delta": 0,
"version0_hdr_too_big": 0,
"version0_hdr_too_big_delta": 0,
"version0_malformed_sre_hdr": 0,
"version0_malformed_sre_hdr_delta": 0,
"version1_chksum": 0,
"version1_chksum_delta": 0,
"version1_route": 0,
"version1_route_delta": 0,
"version1_ssr": 0,
"version1_ssr_delta": 0,
"version1_recur": 0,
"version1_recur_delta": 0,
"version1_flags": 0,
"version1_flags_delta": 0,
"version1_no_key": 0,
"version1_no_key_delta": 0,
"version1_wrong_protocol": 0,
"version1_wrong_protocol_delta": 0,
"version1_malformed_sre_hdr": 0,
"version1_malformed_sre_hdr_delta": 0,
"version1_hdr_too_big": 0,
"version1_hdr_too_big_delta": 0
},
"vlan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"ieee8021ah": {
"header_too_small": 0,
"header_too_small_delta": 0
},
"vntag": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0
},
"ipraw": {
"invalid_ip_version": 0,
"invalid_ip_version_delta": 0
},
"ltnull": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0
},
"sctp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"esp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"mpls": {
"header_too_small": 0,
"header_too_small_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"bad_label_router_alert": 0,
"bad_label_router_alert_delta": 0,
"bad_label_implicit_null": 0,
"bad_label_implicit_null_delta": 0,
"bad_label_reserved": 0,
"bad_label_reserved_delta": 0,
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"vxlan": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"geneve": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"erspan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"too_many_vlan_layers": 0,
"too_many_vlan_layers_delta": 0
},
"dce": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"chdlc": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"nsh": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"bad_header_length": 0,
"bad_header_length_delta": 0,
"reserved_type": 0,
"reserved_type_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0,
"unknown_payload": 0,
"unknown_payload_delta": 0
}
},
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"flow": {
"memcap": 0,
"memcap_delta": 0,
"total": 4776954,
"total_delta": 0,
"active": 1506758,
"active_delta": 0,
"tcp": 4746944,
"tcp_delta": 0,
"udp": 26064,
"udp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 3935,
"icmpv6_delta": 0,
"tcp_reuse": 762,
"tcp_reuse_delta": 0,
"get_used": 0,
"get_used_delta": 0,
"get_used_eval": 0,
"get_used_eval_delta": 0,
"get_used_eval_reject": 0,
"get_used_eval_reject_delta": 0,
"get_used_eval_busy": 0,
"get_used_eval_busy_delta": 0,
"get_used_failed": 0,
"get_used_failed_delta": 0,
"wrk": {
"spare_sync_avg": 97,
"spare_sync_avg_delta": 0,
"spare_sync": 423834,
"spare_sync_delta": 0,
"spare_sync_incomplete": 326,
"spare_sync_incomplete_delta": 0,
"spare_sync_empty": 411904,
"spare_sync_empty_delta": 0,
"flows_evicted_needs_work": 81254,
"flows_evicted_needs_work_delta": 0,
"flows_evicted_pkt_inject": 105684,
"flows_evicted_pkt_inject_delta": 0,
"flows_evicted": 4575685,
"flows_evicted_delta": 0,
"flows_injected": 32542,
"flows_injected_delta": 0,
"flows_injected_max": 26,
"flows_injected_max_delta": 0
},
"end": {
"state": {
"new": 2907312,
"new_delta": 0,
"established": 16633,
"established_delta": 0,
"closed": 346251,
"closed_delta": 0,
"local_bypassed": 0,
"local_bypassed_delta": 0,
"capture_bypassed": 0,
"capture_bypassed_delta": 0
},
"tcp_state": {
"none": 0,
"none_delta": 0,
"syn_sent": 2889138,
"syn_sent_delta": 0,
"syn_recv": 686,
"syn_recv_delta": 0,
"established": 2045,
"established_delta": 0,
"fin_wait1": 438,
"fin_wait1_delta": 0,
"fin_wait2": 239,
"fin_wait2_delta": 0,
"time_wait": 1041,
"time_wait_delta": 0,
"last_ack": 5331,
"last_ack_delta": 0,
"close_wait": 1346,
"close_wait_delta": 0,
"closing": 0,
"closing_delta": 0,
"closed": 339879,
"closed_delta": 0
},
"tcp_liberal": 393,
"tcp_liberal_delta": 0
}
},
"tcp": {
"active_sessions": 1484848,
"active_sessions_delta": 0,
"sessions": 4724991,
"sessions_delta": 0,
"ssn_memcap_drop": 0,
"ssn_memcap_drop_delta": 0,
"ssn_from_cache": 3162828,
"ssn_from_cache_delta": 0,
"ssn_from_pool": 1562163,
"ssn_from_pool_delta": 0,
"pseudo": 360,
"pseudo_delta": 0,
"pseudo_failed": 0,
"pseudo_failed_delta": 0,
"invalid_checksum": 0,
"invalid_checksum_delta": 0,
"no_flow": 0,
"no_flow_delta": 0,
"syn": 4936931,
"syn_delta": 0,
"synack": 187646,
"synack_delta": 0,
"rst": 462418,
"rst_delta": 0,
"midstream_pickups": 0,
"midstream_pickups_delta": 0,
"pkt_on_wrong_thread": 0,
"pkt_on_wrong_thread_delta": 0,
"segment_memcap_drop": 0,
"segment_memcap_drop_delta": 0,
"segment_from_cache": 1767321,
"segment_from_cache_delta": 0,
"segment_from_pool": 106907,
"segment_from_pool_delta": 0,
"stream_depth_reached": 3,
"stream_depth_reached_delta": 0,
"reassembly_gap": 421,
"reassembly_gap_delta": 0,
"overlap": 7231,
"overlap_delta": 0,
"overlap_diff_data": 0,
"overlap_diff_data_delta": 0,
"insert_data_normal_fail": 0,
"insert_data_normal_fail_delta": 0,
"insert_data_overlap_fail": 0,
"insert_data_overlap_fail_delta": 0
},
"defrag": {
"ipv4": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"ipv6": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"max_frag_hits": 0,
"max_frag_hits_delta": 0
},
"stream": {
"3whs_ack_in_wrong_dir": 0,
"3whs_ack_in_wrong_dir_delta": 0,
"3whs_async_wrong_seq": 0,
"3whs_async_wrong_seq_delta": 0,
"3whs_right_seq_wrong_ack_evasion": 0,
"3whs_right_seq_wrong_ack_evasion_delta": 0,
"3whs_synack_in_wrong_direction": 0,
"3whs_synack_in_wrong_direction_delta": 0,
"3whs_synack_resend_with_diff_ack": 0,
"3whs_synack_resend_with_diff_ack_delta": 0,
"3whs_synack_resend_with_diff_seq": 0,
"3whs_synack_resend_with_diff_seq_delta": 0,
"3whs_synack_toserver_on_syn_recv": 0,
"3whs_synack_toserver_on_syn_recv_delta": 0,
"3whs_synack_with_wrong_ack": 1,
"3whs_synack_with_wrong_ack_delta": 0,
"3whs_synack_flood": 30,
"3whs_synack_flood_delta": 0,
"3whs_syn_resend_diff_seq_on_syn_recv": 0,
"3whs_syn_resend_diff_seq_on_syn_recv_delta": 0,
"3whs_syn_toclient_on_syn_recv": 0,
"3whs_syn_toclient_on_syn_recv_delta": 0,
"3whs_wrong_seq_wrong_ack": 66,
"3whs_wrong_seq_wrong_ack_delta": 0,
"3whs_ack_data_inject": 0,
"3whs_ack_data_inject_delta": 0,
"4whs_synack_with_wrong_ack": 0,
"4whs_synack_with_wrong_ack_delta": 0,
"4whs_synack_with_wrong_syn": 0,
"4whs_synack_with_wrong_syn_delta": 0,
"4whs_wrong_seq": 0,
"4whs_wrong_seq_delta": 0,
"4whs_invalid_ack": 0,
"4whs_invalid_ack_delta": 0,
"closewait_ack_out_of_window": 0,
"closewait_ack_out_of_window_delta": 0,
"closewait_fin_out_of_window": 8,
"closewait_fin_out_of_window_delta": 0,
"closewait_pkt_before_last_ack": 14,
"closewait_pkt_before_last_ack_delta": 0,
"closewait_invalid_ack": 0,
"closewait_invalid_ack_delta": 0,
"closing_ack_wrong_seq": 0,
"closing_ack_wrong_seq_delta": 0,
"closing_invalid_ack": 0,
"closing_invalid_ack_delta": 0,
"est_packet_out_of_window": 181,
"est_packet_out_of_window_delta": 0,
"est_pkt_before_last_ack": 162,
"est_pkt_before_last_ack_delta": 0,
"est_synack_resend": 0,
"est_synack_resend_delta": 0,
"est_synack_resend_with_diff_ack": 10,
"est_synack_resend_with_diff_ack_delta": 0,
"est_synack_resend_with_diff_seq": 0,
"est_synack_resend_with_diff_seq_delta": 0,
"est_synack_toserver": 0,
"est_synack_toserver_delta": 0,
"est_syn_resend": 0,
"est_syn_resend_delta": 0,
"est_syn_resend_diff_seq": 10,
"est_syn_resend_diff_seq_delta": 0,
"est_syn_toclient": 0,
"est_syn_toclient_delta": 0,
"est_invalid_ack": 259,
"est_invalid_ack_delta": 0,
"fin_invalid_ack": 2341,
"fin_invalid_ack_delta": 0,
"fin1_ack_wrong_seq": 0,
"fin1_ack_wrong_seq_delta": 0,
"fin1_fin_wrong_seq": 18,
"fin1_fin_wrong_seq_delta": 0,
"fin1_invalid_ack": 3,
"fin1_invalid_ack_delta": 0,
"fin2_ack_wrong_seq": 0,
"fin2_ack_wrong_seq_delta": 0,
"fin2_fin_wrong_seq": 0,
"fin2_fin_wrong_seq_delta": 0,
"fin2_invalid_ack": 0,
"fin2_invalid_ack_delta": 0,
"fin_but_no_session": 6228,
"fin_but_no_session_delta": 0,
"fin_out_of_window": 2209,
"fin_out_of_window_delta": 0,
"fin_syn": 0,
"fin_syn_delta": 0,
"lastack_ack_wrong_seq": 0,
"lastack_ack_wrong_seq_delta": 0,
"lastack_invalid_ack": 0,
"lastack_invalid_ack_delta": 0,
"rst_but_no_session": 5408,
"rst_but_no_session_delta": 0,
"timewait_ack_wrong_seq": 5,
"timewait_ack_wrong_seq_delta": 0,
"timewait_invalid_ack": 0,
"timewait_invalid_ack_delta": 0,
"shutdown_syn_resend": 0,
"shutdown_syn_resend_delta": 0,
"pkt_invalid_timestamp": 42,
"pkt_invalid_timestamp_delta": 0,
"pkt_invalid_ack": 2889,
"pkt_invalid_ack_delta": 0,
"pkt_broken_ack": 18052,
"pkt_broken_ack_delta": 0,
"rst_invalid_ack": 286,
"rst_invalid_ack_delta": 0,
"pkt_retransmission": 1783,
"pkt_retransmission_delta": 0,
"pkt_spurious_retransmission": 502,
"pkt_spurious_retransmission_delta": 0,
"pkt_bad_window_update": 4,
"pkt_bad_window_update_delta": 0,
"suspected_rst_inject": 3,
"suspected_rst_inject_delta": 0,
"wrong_thread": 0,
"wrong_thread_delta": 0,
"reassembly_segment_before_base_seq": 0,
"reassembly_segment_before_base_seq_delta": 0,
"reassembly_no_segment": 0,
"reassembly_no_segment_delta": 0,
"reassembly_seq_gap": 421,
"reassembly_seq_gap_delta": 0,
"reassembly_overlap_different_data": 0,
"reassembly_overlap_different_data_delta": 0,
"reassembly_depth_reached": 3,
"reassembly_depth_reached_delta": 0
},
"flow_bypassed": {
"local_pkts": 0,
"local_pkts_delta": 0,
"local_bytes": 0,
"local_bytes_delta": 0,
"local_capture_pkts": 0,
"local_capture_pkts_delta": 0,
"local_capture_bytes": 0,
"local_capture_bytes_delta": 0
},
"detect": {
"engines": [
{
"id": 0,
"last_reload": "2023-02-06T04:49:58.690772+0000",
"rules_loaded": 45183,
"rules_failed": 2
}
],
"alert": 311,
"alert_delta": 0,
"alert_queue_overflow": 0,
"alert_queue_overflow_delta": 0,
"alerts_suppressed": 20526,
"alerts_suppressed_delta": 0,
"mpm_list": 1,
"mpm_list_delta": 0,
"nonmpm_list": 22,
"nonmpm_list_delta": 0,
"fnonmpm_list": 10,
"fnonmpm_list_delta": 0,
"match_list": 11,
"match_list_delta": 0
},
"app_layer": {
"flow": {
"http": 1993,
"http_delta": 0,
"ftp": 2,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 89419,
"tls_delta": 0,
"ssh": 102,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 0,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 4,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 23963,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 186,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 130,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 83,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"failed_tcp": 6466,
"failed_tcp_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0,
"failed_udp": 2101,
"failed_udp_delta": 0
},
"tx": {
"http": 2457,
"http_delta": 0,
"ftp": 23,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 0,
"tls_delta": 0,
"ssh": 0,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 0,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 0,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 56868,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 186,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 320,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 249,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0
},
"error": {
"http": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smtp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tls": {
"gap": 419,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 5214,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ssh": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"imap": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dcerpc_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ntp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp-data": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ike": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"quic": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 3472,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dhcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"snmp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"sip": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rfb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 60,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"mqtt": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"pgsql": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 39,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"telnet": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rdp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"bittorrent-dht": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"failed_tcp": {
"gap": 0,
"gap_delta": 0
},
"dcerpc_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
}
}
}
},
"W#03": {
"decoder": {
"pkts": 0,
"pkts_delta": 0,
"bytes": 0,
"bytes_delta": 0,
"invalid": 0,
"invalid_delta": 0,
"ipv4": 0,
"ipv4_delta": 0,
"ipv6": 0,
"ipv6_delta": 0,
"ethernet": 0,
"ethernet_delta": 0,
"chdlc": 0,
"chdlc_delta": 0,
"raw": 0,
"raw_delta": 0,
"null": 0,
"null_delta": 0,
"sll": 0,
"sll_delta": 0,
"tcp": 0,
"tcp_delta": 0,
"udp": 0,
"udp_delta": 0,
"sctp": 0,
"sctp_delta": 0,
"esp": 0,
"esp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"ppp": 0,
"ppp_delta": 0,
"pppoe": 0,
"pppoe_delta": 0,
"geneve": 0,
"geneve_delta": 0,
"gre": 0,
"gre_delta": 0,
"vlan": 0,
"vlan_delta": 0,
"vlan_qinq": 0,
"vlan_qinq_delta": 0,
"vxlan": 0,
"vxlan_delta": 0,
"vntag": 0,
"vntag_delta": 0,
"ieee8021ah": 0,
"ieee8021ah_delta": 0,
"teredo": 0,
"teredo_delta": 0,
"ipv4_in_ipv6": 0,
"ipv4_in_ipv6_delta": 0,
"ipv6_in_ipv6": 0,
"ipv6_in_ipv6_delta": 0,
"mpls": 0,
"mpls_delta": 0,
"avg_pkt_size": 0,
"avg_pkt_size_delta": 0,
"max_pkt_size": 0,
"max_pkt_size_delta": 0,
"max_mac_addrs_src": 0,
"max_mac_addrs_src_delta": 0,
"max_mac_addrs_dst": 0,
"max_mac_addrs_dst_delta": 0,
"erspan": 0,
"erspan_delta": 0,
"nsh": 0,
"nsh_delta": 0,
"event": {
"ipv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"iplen_smaller_than_hlen": 0,
"iplen_smaller_than_hlen_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"opt_invalid": 0,
"opt_invalid_delta": 0,
"opt_invalid_len": 0,
"opt_invalid_len_delta": 0,
"opt_malformed": 0,
"opt_malformed_delta": 0,
"opt_pad_required": 14,
"opt_pad_required_delta": 0,
"opt_eol_required": 0,
"opt_eol_required_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0,
"opt_unknown": 0,
"opt_unknown_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 3,
"frag_overlap_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0
},
"icmpv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"ipv4_trunc_pkt": 0,
"ipv4_trunc_pkt_delta": 0,
"ipv4_unknown_ver": 0,
"ipv4_unknown_ver_delta": 0
},
"icmpv6": {
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"ipv6_unknown_version": 0,
"ipv6_unknown_version_delta": 0,
"ipv6_trunc_pkt": 0,
"ipv6_trunc_pkt_delta": 0,
"mld_message_with_invalid_hl": 0,
"mld_message_with_invalid_hl_delta": 0,
"unassigned_type": 0,
"unassigned_type_delta": 0,
"experimentation_type": 0,
"experimentation_type_delta": 0
},
"ipv6": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"trunc_exthdr": 0,
"trunc_exthdr_delta": 0,
"exthdr_dupl_fh": 0,
"exthdr_dupl_fh_delta": 0,
"exthdr_useless_fh": 0,
"exthdr_useless_fh_delta": 0,
"exthdr_dupl_rh": 0,
"exthdr_dupl_rh_delta": 0,
"exthdr_dupl_hh": 0,
"exthdr_dupl_hh_delta": 0,
"exthdr_dupl_dh": 0,
"exthdr_dupl_dh_delta": 0,
"exthdr_dupl_ah": 0,
"exthdr_dupl_ah_delta": 0,
"exthdr_dupl_eh": 0,
"exthdr_dupl_eh_delta": 0,
"exthdr_invalid_optlen": 0,
"exthdr_invalid_optlen_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"exthdr_ah_res_not_null": 0,
"exthdr_ah_res_not_null_delta": 0,
"hopopts_unknown_opt": 0,
"hopopts_unknown_opt_delta": 0,
"hopopts_only_padding": 0,
"hopopts_only_padding_delta": 0,
"dstopts_unknown_opt": 0,
"dstopts_unknown_opt_delta": 0,
"dstopts_only_padding": 0,
"dstopts_only_padding_delta": 0,
"rh_type_0": 0,
"rh_type_0_delta": 0,
"zero_len_padn": 24,
"zero_len_padn_delta": 0,
"fh_non_zero_reserved_field": 0,
"fh_non_zero_reserved_field_delta": 0,
"data_after_none_header": 0,
"data_after_none_header_delta": 0,
"unknown_next_header": 0,
"unknown_next_header_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 0,
"frag_overlap_delta": 0,
"frag_invalid_length": 0,
"frag_invalid_length_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0,
"ipv4_in_ipv6_too_small": 0,
"ipv4_in_ipv6_too_small_delta": 0,
"ipv4_in_ipv6_wrong_version": 0,
"ipv4_in_ipv6_wrong_version_delta": 0,
"ipv6_in_ipv6_too_small": 0,
"ipv6_in_ipv6_too_small_delta": 0,
"ipv6_in_ipv6_wrong_version": 0,
"ipv6_in_ipv6_wrong_version_delta": 0
},
"tcp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"invalid_optlen": 0,
"invalid_optlen_delta": 0,
"opt_invalid_len": 2193,
"opt_invalid_len_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0
},
"udp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"hlen_invalid": 0,
"hlen_invalid_delta": 0
},
"sll": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ethernet": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ppp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"vju_pkt_too_small": 0,
"vju_pkt_too_small_delta": 0,
"ip4_pkt_too_small": 0,
"ip4_pkt_too_small_delta": 0,
"ip6_pkt_too_small": 0,
"ip6_pkt_too_small_delta": 0,
"wrong_type": 0,
"wrong_type_delta": 0,
"unsup_proto": 0,
"unsup_proto_delta": 0
},
"pppoe": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_code": 0,
"wrong_code_delta": 0,
"malformed_tags": 0,
"malformed_tags_delta": 0
},
"gre": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_version": 0,
"wrong_version_delta": 0,
"version0_recur": 0,
"version0_recur_delta": 0,
"version0_flags": 0,
"version0_flags_delta": 0,
"version0_hdr_too_big": 0,
"version0_hdr_too_big_delta": 0,
"version0_malformed_sre_hdr": 0,
"version0_malformed_sre_hdr_delta": 0,
"version1_chksum": 0,
"version1_chksum_delta": 0,
"version1_route": 0,
"version1_route_delta": 0,
"version1_ssr": 0,
"version1_ssr_delta": 0,
"version1_recur": 0,
"version1_recur_delta": 0,
"version1_flags": 0,
"version1_flags_delta": 0,
"version1_no_key": 0,
"version1_no_key_delta": 0,
"version1_wrong_protocol": 0,
"version1_wrong_protocol_delta": 0,
"version1_malformed_sre_hdr": 0,
"version1_malformed_sre_hdr_delta": 0,
"version1_hdr_too_big": 0,
"version1_hdr_too_big_delta": 0
},
"vlan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"ieee8021ah": {
"header_too_small": 0,
"header_too_small_delta": 0
},
"vntag": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0
},
"ipraw": {
"invalid_ip_version": 0,
"invalid_ip_version_delta": 0
},
"ltnull": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0
},
"sctp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"esp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"mpls": {
"header_too_small": 0,
"header_too_small_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"bad_label_router_alert": 0,
"bad_label_router_alert_delta": 0,
"bad_label_implicit_null": 0,
"bad_label_implicit_null_delta": 0,
"bad_label_reserved": 0,
"bad_label_reserved_delta": 0,
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"vxlan": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"geneve": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"erspan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"too_many_vlan_layers": 0,
"too_many_vlan_layers_delta": 0
},
"dce": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"chdlc": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"nsh": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"bad_header_length": 0,
"bad_header_length_delta": 0,
"reserved_type": 0,
"reserved_type_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0,
"unknown_payload": 0,
"unknown_payload_delta": 0
}
},
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"flow": {
"memcap": 0,
"memcap_delta": 0,
"total": 4771859,
"total_delta": 0,
"active": 1502761,
"active_delta": 0,
"tcp": 4741332,
"tcp_delta": 0,
"udp": 26371,
"udp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 4143,
"icmpv6_delta": 0,
"tcp_reuse": 742,
"tcp_reuse_delta": 0,
"get_used": 0,
"get_used_delta": 0,
"get_used_eval": 0,
"get_used_eval_delta": 0,
"get_used_eval_reject": 0,
"get_used_eval_reject_delta": 0,
"get_used_eval_busy": 0,
"get_used_eval_busy_delta": 0,
"get_used_failed": 0,
"get_used_failed_delta": 0,
"wrk": {
"spare_sync_avg": 96,
"spare_sync_avg_delta": 0,
"spare_sync": 425083,
"spare_sync_delta": 0,
"spare_sync_incomplete": 403,
"spare_sync_incomplete_delta": 0,
"spare_sync_empty": 413151,
"spare_sync_empty_delta": 0,
"flows_evicted_needs_work": 81388,
"flows_evicted_needs_work_delta": 0,
"flows_evicted_pkt_inject": 106190,
"flows_evicted_pkt_inject_delta": 0,
"flows_evicted": 4574168,
"flows_evicted_delta": 0,
"flows_injected": 32559,
"flows_injected_delta": 0,
"flows_injected_max": 23,
"flows_injected_max_delta": 0
},
"end": {
"state": {
"new": 2905349,
"new_delta": 0,
"established": 16998,
"established_delta": 0,
"closed": 346751,
"closed_delta": 0,
"local_bypassed": 0,
"local_bypassed_delta": 0,
"capture_bypassed": 0,
"capture_bypassed_delta": 0
},
"tcp_state": {
"none": 0,
"none_delta": 0,
"syn_sent": 2887253,
"syn_sent_delta": 0,
"syn_recv": 719,
"syn_recv_delta": 0,
"established": 2190,
"established_delta": 0,
"fin_wait1": 447,
"fin_wait1_delta": 0,
"fin_wait2": 251,
"fin_wait2_delta": 0,
"time_wait": 1006,
"time_wait_delta": 0,
"last_ack": 5271,
"last_ack_delta": 0,
"close_wait": 1326,
"close_wait_delta": 0,
"closing": 0,
"closing_delta": 0,
"closed": 340474,
"closed_delta": 0
},
"tcp_liberal": 406,
"tcp_liberal_delta": 0
}
},
"tcp": {
"active_sessions": 1480710,
"active_sessions_delta": 0,
"sessions": 4719647,
"sessions_delta": 0,
"ssn_memcap_drop": 0,
"ssn_memcap_drop_delta": 0,
"ssn_from_cache": 3162738,
"ssn_from_cache_delta": 0,
"ssn_from_pool": 1556909,
"ssn_from_pool_delta": 0,
"pseudo": 388,
"pseudo_delta": 0,
"pseudo_failed": 0,
"pseudo_failed_delta": 0,
"invalid_checksum": 0,
"invalid_checksum_delta": 0,
"no_flow": 0,
"no_flow_delta": 0,
"syn": 4930016,
"syn_delta": 0,
"synack": 188625,
"synack_delta": 0,
"rst": 460525,
"rst_delta": 0,
"midstream_pickups": 0,
"midstream_pickups_delta": 0,
"pkt_on_wrong_thread": 0,
"pkt_on_wrong_thread_delta": 0,
"segment_memcap_drop": 0,
"segment_memcap_drop_delta": 0,
"segment_from_cache": 1772366,
"segment_from_cache_delta": 0,
"segment_from_pool": 108184,
"segment_from_pool_delta": 0,
"stream_depth_reached": 2,
"stream_depth_reached_delta": 0,
"reassembly_gap": 419,
"reassembly_gap_delta": 0,
"overlap": 7059,
"overlap_delta": 0,
"overlap_diff_data": 0,
"overlap_diff_data_delta": 0,
"insert_data_normal_fail": 0,
"insert_data_normal_fail_delta": 0,
"insert_data_overlap_fail": 0,
"insert_data_overlap_fail_delta": 0
},
"defrag": {
"ipv4": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"ipv6": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"max_frag_hits": 0,
"max_frag_hits_delta": 0
},
"stream": {
"3whs_ack_in_wrong_dir": 0,
"3whs_ack_in_wrong_dir_delta": 0,
"3whs_async_wrong_seq": 0,
"3whs_async_wrong_seq_delta": 0,
"3whs_right_seq_wrong_ack_evasion": 0,
"3whs_right_seq_wrong_ack_evasion_delta": 0,
"3whs_synack_in_wrong_direction": 0,
"3whs_synack_in_wrong_direction_delta": 0,
"3whs_synack_resend_with_diff_ack": 0,
"3whs_synack_resend_with_diff_ack_delta": 0,
"3whs_synack_resend_with_diff_seq": 0,
"3whs_synack_resend_with_diff_seq_delta": 0,
"3whs_synack_toserver_on_syn_recv": 0,
"3whs_synack_toserver_on_syn_recv_delta": 0,
"3whs_synack_with_wrong_ack": 3,
"3whs_synack_with_wrong_ack_delta": 0,
"3whs_synack_flood": 9,
"3whs_synack_flood_delta": 0,
"3whs_syn_resend_diff_seq_on_syn_recv": 0,
"3whs_syn_resend_diff_seq_on_syn_recv_delta": 0,
"3whs_syn_toclient_on_syn_recv": 0,
"3whs_syn_toclient_on_syn_recv_delta": 0,
"3whs_wrong_seq_wrong_ack": 18,
"3whs_wrong_seq_wrong_ack_delta": 0,
"3whs_ack_data_inject": 0,
"3whs_ack_data_inject_delta": 0,
"4whs_synack_with_wrong_ack": 0,
"4whs_synack_with_wrong_ack_delta": 0,
"4whs_synack_with_wrong_syn": 0,
"4whs_synack_with_wrong_syn_delta": 0,
"4whs_wrong_seq": 0,
"4whs_wrong_seq_delta": 0,
"4whs_invalid_ack": 0,
"4whs_invalid_ack_delta": 0,
"closewait_ack_out_of_window": 0,
"closewait_ack_out_of_window_delta": 0,
"closewait_fin_out_of_window": 5,
"closewait_fin_out_of_window_delta": 0,
"closewait_pkt_before_last_ack": 24,
"closewait_pkt_before_last_ack_delta": 0,
"closewait_invalid_ack": 0,
"closewait_invalid_ack_delta": 0,
"closing_ack_wrong_seq": 0,
"closing_ack_wrong_seq_delta": 0,
"closing_invalid_ack": 0,
"closing_invalid_ack_delta": 0,
"est_packet_out_of_window": 210,
"est_packet_out_of_window_delta": 0,
"est_pkt_before_last_ack": 121,
"est_pkt_before_last_ack_delta": 0,
"est_synack_resend": 0,
"est_synack_resend_delta": 0,
"est_synack_resend_with_diff_ack": 24,
"est_synack_resend_with_diff_ack_delta": 0,
"est_synack_resend_with_diff_seq": 0,
"est_synack_resend_with_diff_seq_delta": 0,
"est_synack_toserver": 0,
"est_synack_toserver_delta": 0,
"est_syn_resend": 0,
"est_syn_resend_delta": 0,
"est_syn_resend_diff_seq": 24,
"est_syn_resend_diff_seq_delta": 0,
"est_syn_toclient": 0,
"est_syn_toclient_delta": 0,
"est_invalid_ack": 296,
"est_invalid_ack_delta": 0,
"fin_invalid_ack": 2467,
"fin_invalid_ack_delta": 0,
"fin1_ack_wrong_seq": 0,
"fin1_ack_wrong_seq_delta": 0,
"fin1_fin_wrong_seq": 9,
"fin1_fin_wrong_seq_delta": 0,
"fin1_invalid_ack": 0,
"fin1_invalid_ack_delta": 0,
"fin2_ack_wrong_seq": 0,
"fin2_ack_wrong_seq_delta": 0,
"fin2_fin_wrong_seq": 0,
"fin2_fin_wrong_seq_delta": 0,
"fin2_invalid_ack": 0,
"fin2_invalid_ack_delta": 0,
"fin_but_no_session": 6697,
"fin_but_no_session_delta": 0,
"fin_out_of_window": 2237,
"fin_out_of_window_delta": 0,
"fin_syn": 0,
"fin_syn_delta": 0,
"lastack_ack_wrong_seq": 0,
"lastack_ack_wrong_seq_delta": 0,
"lastack_invalid_ack": 0,
"lastack_invalid_ack_delta": 0,
"rst_but_no_session": 4971,
"rst_but_no_session_delta": 0,
"timewait_ack_wrong_seq": 30,
"timewait_ack_wrong_seq_delta": 0,
"timewait_invalid_ack": 0,
"timewait_invalid_ack_delta": 0,
"shutdown_syn_resend": 2,
"shutdown_syn_resend_delta": 0,
"pkt_invalid_timestamp": 47,
"pkt_invalid_timestamp_delta": 0,
"pkt_invalid_ack": 3109,
"pkt_invalid_ack_delta": 0,
"pkt_broken_ack": 17980,
"pkt_broken_ack_delta": 0,
"rst_invalid_ack": 346,
"rst_invalid_ack_delta": 0,
"pkt_retransmission": 1775,
"pkt_retransmission_delta": 0,
"pkt_spurious_retransmission": 700,
"pkt_spurious_retransmission_delta": 0,
"pkt_bad_window_update": 4,
"pkt_bad_window_update_delta": 0,
"suspected_rst_inject": 1,
"suspected_rst_inject_delta": 0,
"wrong_thread": 0,
"wrong_thread_delta": 0,
"reassembly_segment_before_base_seq": 0,
"reassembly_segment_before_base_seq_delta": 0,
"reassembly_no_segment": 0,
"reassembly_no_segment_delta": 0,
"reassembly_seq_gap": 419,
"reassembly_seq_gap_delta": 0,
"reassembly_overlap_different_data": 0,
"reassembly_overlap_different_data_delta": 0,
"reassembly_depth_reached": 2,
"reassembly_depth_reached_delta": 0
},
"flow_bypassed": {
"local_pkts": 0,
"local_pkts_delta": 0,
"local_bytes": 0,
"local_bytes_delta": 0,
"local_capture_pkts": 0,
"local_capture_pkts_delta": 0,
"local_capture_bytes": 0,
"local_capture_bytes_delta": 0
},
"detect": {
"engines": [
{
"id": 0,
"last_reload": "2023-02-06T04:49:58.690772+0000",
"rules_loaded": 45183,
"rules_failed": 2
}
],
"alert": 371,
"alert_delta": 0,
"alert_queue_overflow": 0,
"alert_queue_overflow_delta": 0,
"alerts_suppressed": 20747,
"alerts_suppressed_delta": 0,
"mpm_list": 1,
"mpm_list_delta": 0,
"nonmpm_list": 22,
"nonmpm_list_delta": 0,
"fnonmpm_list": 10,
"fnonmpm_list_delta": 0,
"match_list": 11,
"match_list_delta": 0
},
"app_layer": {
"flow": {
"http": 2093,
"http_delta": 0,
"ftp": 7,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 89544,
"tls_delta": 0,
"ssh": 115,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 1,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 3,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 24337,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 201,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 126,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 84,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"failed_tcp": 6424,
"failed_tcp_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0,
"failed_udp": 2034,
"failed_udp_delta": 0
},
"tx": {
"http": 3213,
"http_delta": 0,
"ftp": 61,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 0,
"tls_delta": 0,
"ssh": 0,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 66,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 0,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 57734,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 201,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 184,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 253,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0
},
"error": {
"http": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smtp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tls": {
"gap": 418,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 5419,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ssh": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"imap": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dcerpc_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ntp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp-data": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ike": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"quic": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 3647,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dhcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"snmp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"sip": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rfb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 70,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"mqtt": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"pgsql": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 29,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"telnet": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rdp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"bittorrent-dht": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"failed_tcp": {
"gap": 0,
"gap_delta": 0
},
"dcerpc_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
}
}
}
},
"W#04": {
"decoder": {
"pkts": 0,
"pkts_delta": 0,
"bytes": 0,
"bytes_delta": 0,
"invalid": 0,
"invalid_delta": 0,
"ipv4": 0,
"ipv4_delta": 0,
"ipv6": 0,
"ipv6_delta": 0,
"ethernet": 0,
"ethernet_delta": 0,
"chdlc": 0,
"chdlc_delta": 0,
"raw": 0,
"raw_delta": 0,
"null": 0,
"null_delta": 0,
"sll": 0,
"sll_delta": 0,
"tcp": 0,
"tcp_delta": 0,
"udp": 0,
"udp_delta": 0,
"sctp": 0,
"sctp_delta": 0,
"esp": 0,
"esp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"ppp": 0,
"ppp_delta": 0,
"pppoe": 0,
"pppoe_delta": 0,
"geneve": 0,
"geneve_delta": 0,
"gre": 0,
"gre_delta": 0,
"vlan": 0,
"vlan_delta": 0,
"vlan_qinq": 0,
"vlan_qinq_delta": 0,
"vxlan": 0,
"vxlan_delta": 0,
"vntag": 0,
"vntag_delta": 0,
"ieee8021ah": 0,
"ieee8021ah_delta": 0,
"teredo": 0,
"teredo_delta": 0,
"ipv4_in_ipv6": 0,
"ipv4_in_ipv6_delta": 0,
"ipv6_in_ipv6": 0,
"ipv6_in_ipv6_delta": 0,
"mpls": 0,
"mpls_delta": 0,
"avg_pkt_size": 0,
"avg_pkt_size_delta": 0,
"max_pkt_size": 0,
"max_pkt_size_delta": 0,
"max_mac_addrs_src": 0,
"max_mac_addrs_src_delta": 0,
"max_mac_addrs_dst": 0,
"max_mac_addrs_dst_delta": 0,
"erspan": 0,
"erspan_delta": 0,
"nsh": 0,
"nsh_delta": 0,
"event": {
"ipv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"iplen_smaller_than_hlen": 0,
"iplen_smaller_than_hlen_delta": 0,
"trunc_pkt": 0,
"trunc_pkt_delta": 0,
"opt_invalid": 0,
"opt_invalid_delta": 0,
"opt_invalid_len": 0,
"opt_invalid_len_delta": 0,
"opt_malformed": 0,
"opt_malformed_delta": 0,
"opt_pad_required": 6,
"opt_pad_required_delta": 0,
"opt_eol_required": 0,
"opt_eol_required_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0,
"opt_unknown": 0,
"opt_unknown_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"icmpv6": 0,
"icmpv6_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 1,
"frag_overlap_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0
},
"icmpv4": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"ipv4_trunc_pkt": 0,
"ipv4_trunc_pkt_delta": 0,
"ipv4_unknown_ver": 0,
"ipv4_unknown_ver_delta": 0
},
"icmpv6": {
"unknown_type": 0,
"unknown_type_delta": 0,
"unknown_code": 0,
"unknown_code_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"ipv6_unknown_version": 0,
"ipv6_unknown_version_delta": 0,
"ipv6_trunc_pkt": 0,
"ipv6_trunc_pkt_delta": 0,
"mld_message_with_invalid_hl": 0,
"mld_message_with_invalid_hl_delta": 0,
"unassigned_type": 0,
"unassigned_type_delta": 0,
"experimentation_type": 0,
"experimentation_type_delta": 0
},
"ipv6": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"trunc_pkt": 3,
"trunc_pkt_delta": 0,
"trunc_exthdr": 0,
"trunc_exthdr_delta": 0,
"exthdr_dupl_fh": 0,
"exthdr_dupl_fh_delta": 0,
"exthdr_useless_fh": 0,
"exthdr_useless_fh_delta": 0,
"exthdr_dupl_rh": 0,
"exthdr_dupl_rh_delta": 0,
"exthdr_dupl_hh": 0,
"exthdr_dupl_hh_delta": 0,
"exthdr_dupl_dh": 0,
"exthdr_dupl_dh_delta": 0,
"exthdr_dupl_ah": 0,
"exthdr_dupl_ah_delta": 0,
"exthdr_dupl_eh": 0,
"exthdr_dupl_eh_delta": 0,
"exthdr_invalid_optlen": 0,
"exthdr_invalid_optlen_delta": 0,
"wrong_ip_version": 0,
"wrong_ip_version_delta": 0,
"exthdr_ah_res_not_null": 0,
"exthdr_ah_res_not_null_delta": 0,
"hopopts_unknown_opt": 0,
"hopopts_unknown_opt_delta": 0,
"hopopts_only_padding": 0,
"hopopts_only_padding_delta": 0,
"dstopts_unknown_opt": 0,
"dstopts_unknown_opt_delta": 0,
"dstopts_only_padding": 0,
"dstopts_only_padding_delta": 0,
"rh_type_0": 0,
"rh_type_0_delta": 0,
"zero_len_padn": 24,
"zero_len_padn_delta": 0,
"fh_non_zero_reserved_field": 0,
"fh_non_zero_reserved_field_delta": 0,
"data_after_none_header": 0,
"data_after_none_header_delta": 0,
"unknown_next_header": 0,
"unknown_next_header_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"frag_pkt_too_large": 0,
"frag_pkt_too_large_delta": 0,
"frag_overlap": 0,
"frag_overlap_delta": 0,
"frag_invalid_length": 0,
"frag_invalid_length_delta": 0,
"frag_ignored": 0,
"frag_ignored_delta": 0,
"ipv4_in_ipv6_too_small": 0,
"ipv4_in_ipv6_too_small_delta": 0,
"ipv4_in_ipv6_wrong_version": 0,
"ipv4_in_ipv6_wrong_version_delta": 0,
"ipv6_in_ipv6_too_small": 0,
"ipv6_in_ipv6_too_small_delta": 0,
"ipv6_in_ipv6_wrong_version": 0,
"ipv6_in_ipv6_wrong_version_delta": 0
},
"tcp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 2,
"hlen_too_small_delta": 0,
"invalid_optlen": 0,
"invalid_optlen_delta": 0,
"opt_invalid_len": 2266,
"opt_invalid_len_delta": 0,
"opt_duplicate": 0,
"opt_duplicate_delta": 0
},
"udp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"hlen_too_small": 0,
"hlen_too_small_delta": 0,
"hlen_invalid": 0,
"hlen_invalid_delta": 0
},
"sll": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ethernet": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"ppp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"vju_pkt_too_small": 0,
"vju_pkt_too_small_delta": 0,
"ip4_pkt_too_small": 0,
"ip4_pkt_too_small_delta": 0,
"ip6_pkt_too_small": 0,
"ip6_pkt_too_small_delta": 0,
"wrong_type": 0,
"wrong_type_delta": 0,
"unsup_proto": 0,
"unsup_proto_delta": 0
},
"pppoe": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_code": 0,
"wrong_code_delta": 0,
"malformed_tags": 0,
"malformed_tags_delta": 0
},
"gre": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"wrong_version": 0,
"wrong_version_delta": 0,
"version0_recur": 0,
"version0_recur_delta": 0,
"version0_flags": 0,
"version0_flags_delta": 0,
"version0_hdr_too_big": 0,
"version0_hdr_too_big_delta": 0,
"version0_malformed_sre_hdr": 0,
"version0_malformed_sre_hdr_delta": 0,
"version1_chksum": 0,
"version1_chksum_delta": 0,
"version1_route": 0,
"version1_route_delta": 0,
"version1_ssr": 0,
"version1_ssr_delta": 0,
"version1_recur": 0,
"version1_recur_delta": 0,
"version1_flags": 0,
"version1_flags_delta": 0,
"version1_no_key": 0,
"version1_no_key_delta": 0,
"version1_wrong_protocol": 0,
"version1_wrong_protocol_delta": 0,
"version1_malformed_sre_hdr": 0,
"version1_malformed_sre_hdr_delta": 0,
"version1_hdr_too_big": 0,
"version1_hdr_too_big_delta": 0
},
"vlan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0,
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"ieee8021ah": {
"header_too_small": 0,
"header_too_small_delta": 0
},
"vntag": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unknown_type": 0,
"unknown_type_delta": 0
},
"ipraw": {
"invalid_ip_version": 0,
"invalid_ip_version_delta": 0
},
"ltnull": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0
},
"sctp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"esp": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"mpls": {
"header_too_small": 0,
"header_too_small_delta": 0,
"pkt_too_small": 0,
"pkt_too_small_delta": 0,
"bad_label_router_alert": 0,
"bad_label_router_alert_delta": 0,
"bad_label_implicit_null": 0,
"bad_label_implicit_null_delta": 0,
"bad_label_reserved": 0,
"bad_label_reserved_delta": 0,
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"vxlan": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"geneve": {
"unknown_payload_type": 0,
"unknown_payload_type_delta": 0
},
"erspan": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"too_many_vlan_layers": 0,
"too_many_vlan_layers_delta": 0
},
"dce": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"chdlc": {
"pkt_too_small": 0,
"pkt_too_small_delta": 0
},
"nsh": {
"header_too_small": 0,
"header_too_small_delta": 0,
"unsupported_version": 0,
"unsupported_version_delta": 0,
"bad_header_length": 0,
"bad_header_length_delta": 0,
"reserved_type": 0,
"reserved_type_delta": 0,
"unsupported_type": 0,
"unsupported_type_delta": 0,
"unknown_payload": 0,
"unknown_payload_delta": 0
}
},
"too_many_layers": 0,
"too_many_layers_delta": 0
},
"flow": {
"memcap": 0,
"memcap_delta": 0,
"total": 4773017,
"total_delta": 0,
"active": 1504964,
"active_delta": 0,
"tcp": 4742910,
"tcp_delta": 0,
"udp": 25998,
"udp_delta": 0,
"icmpv4": 0,
"icmpv4_delta": 0,
"icmpv6": 4091,
"icmpv6_delta": 0,
"tcp_reuse": 723,
"tcp_reuse_delta": 0,
"get_used": 0,
"get_used_delta": 0,
"get_used_eval": 0,
"get_used_eval_delta": 0,
"get_used_eval_reject": 0,
"get_used_eval_reject_delta": 0,
"get_used_eval_busy": 0,
"get_used_eval_busy_delta": 0,
"get_used_failed": 0,
"get_used_failed_delta": 0,
"wrk": {
"spare_sync_avg": 97,
"spare_sync_avg_delta": 0,
"spare_sync": 423539,
"spare_sync_delta": 0,
"spare_sync_incomplete": 347,
"spare_sync_incomplete_delta": 0,
"spare_sync_empty": 411618,
"spare_sync_empty_delta": 0,
"flows_evicted_needs_work": 80712,
"flows_evicted_needs_work_delta": 0,
"flows_evicted_pkt_inject": 105362,
"flows_evicted_pkt_inject_delta": 0,
"flows_evicted": 4562713,
"flows_evicted_delta": 0,
"flows_injected": 32319,
"flows_injected_delta": 0,
"flows_injected_max": 20,
"flows_injected_max_delta": 0
},
"end": {
"state": {
"new": 2904596,
"new_delta": 0,
"established": 16552,
"established_delta": 0,
"closed": 346905,
"closed_delta": 0,
"local_bypassed": 0,
"local_bypassed_delta": 0,
"capture_bypassed": 0,
"capture_bypassed_delta": 0
},
"tcp_state": {
"none": 0,
"none_delta": 0,
"syn_sent": 2886178,
"syn_sent_delta": 0,
"syn_recv": 682,
"syn_recv_delta": 0,
"established": 2081,
"established_delta": 0,
"fin_wait1": 440,
"fin_wait1_delta": 0,
"fin_wait2": 251,
"fin_wait2_delta": 0,
"time_wait": 1106,
"time_wait_delta": 0,
"last_ack": 5430,
"last_ack_delta": 0,
"close_wait": 1313,
"close_wait_delta": 0,
"closing": 0,
"closing_delta": 0,
"closed": 340369,
"closed_delta": 0
},
"tcp_liberal": 416,
"tcp_liberal_delta": 0
}
},
"tcp": {
"active_sessions": 1483038,
"active_sessions_delta": 0,
"sessions": 4720888,
"sessions_delta": 0,
"ssn_memcap_drop": 0,
"ssn_memcap_drop_delta": 0,
"ssn_from_cache": 3161292,
"ssn_from_cache_delta": 0,
"ssn_from_pool": 1559596,
"ssn_from_pool_delta": 0,
"pseudo": 372,
"pseudo_delta": 0,
"pseudo_failed": 0,
"pseudo_failed_delta": 0,
"invalid_checksum": 0,
"invalid_checksum_delta": 0,
"no_flow": 0,
"no_flow_delta": 0,
"syn": 4934339,
"syn_delta": 0,
"synack": 187173,
"synack_delta": 0,
"rst": 463978,
"rst_delta": 0,
"midstream_pickups": 0,
"midstream_pickups_delta": 0,
"pkt_on_wrong_thread": 0,
"pkt_on_wrong_thread_delta": 0,
"segment_memcap_drop": 0,
"segment_memcap_drop_delta": 0,
"segment_from_cache": 1786928,
"segment_from_cache_delta": 0,
"segment_from_pool": 111015,
"segment_from_pool_delta": 0,
"stream_depth_reached": 2,
"stream_depth_reached_delta": 0,
"reassembly_gap": 7723,
"reassembly_gap_delta": 0,
"overlap": 7144,
"overlap_delta": 0,
"overlap_diff_data": 0,
"overlap_diff_data_delta": 0,
"insert_data_normal_fail": 0,
"insert_data_normal_fail_delta": 0,
"insert_data_overlap_fail": 0,
"insert_data_overlap_fail_delta": 0
},
"defrag": {
"ipv4": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"ipv6": {
"fragments": 0,
"fragments_delta": 0,
"reassembled": 0,
"reassembled_delta": 0,
"timeouts": 0,
"timeouts_delta": 0
},
"max_frag_hits": 0,
"max_frag_hits_delta": 0
},
"stream": {
"3whs_ack_in_wrong_dir": 0,
"3whs_ack_in_wrong_dir_delta": 0,
"3whs_async_wrong_seq": 0,
"3whs_async_wrong_seq_delta": 0,
"3whs_right_seq_wrong_ack_evasion": 1,
"3whs_right_seq_wrong_ack_evasion_delta": 0,
"3whs_synack_in_wrong_direction": 0,
"3whs_synack_in_wrong_direction_delta": 0,
"3whs_synack_resend_with_diff_ack": 0,
"3whs_synack_resend_with_diff_ack_delta": 0,
"3whs_synack_resend_with_diff_seq": 0,
"3whs_synack_resend_with_diff_seq_delta": 0,
"3whs_synack_toserver_on_syn_recv": 0,
"3whs_synack_toserver_on_syn_recv_delta": 0,
"3whs_synack_with_wrong_ack": 1,
"3whs_synack_with_wrong_ack_delta": 0,
"3whs_synack_flood": 7,
"3whs_synack_flood_delta": 0,
"3whs_syn_resend_diff_seq_on_syn_recv": 0,
"3whs_syn_resend_diff_seq_on_syn_recv_delta": 0,
"3whs_syn_toclient_on_syn_recv": 0,
"3whs_syn_toclient_on_syn_recv_delta": 0,
"3whs_wrong_seq_wrong_ack": 42,
"3whs_wrong_seq_wrong_ack_delta": 0,
"3whs_ack_data_inject": 0,
"3whs_ack_data_inject_delta": 0,
"4whs_synack_with_wrong_ack": 0,
"4whs_synack_with_wrong_ack_delta": 0,
"4whs_synack_with_wrong_syn": 2,
"4whs_synack_with_wrong_syn_delta": 0,
"4whs_wrong_seq": 0,
"4whs_wrong_seq_delta": 0,
"4whs_invalid_ack": 0,
"4whs_invalid_ack_delta": 0,
"closewait_ack_out_of_window": 0,
"closewait_ack_out_of_window_delta": 0,
"closewait_fin_out_of_window": 4,
"closewait_fin_out_of_window_delta": 0,
"closewait_pkt_before_last_ack": 13,
"closewait_pkt_before_last_ack_delta": 0,
"closewait_invalid_ack": 0,
"closewait_invalid_ack_delta": 0,
"closing_ack_wrong_seq": 0,
"closing_ack_wrong_seq_delta": 0,
"closing_invalid_ack": 0,
"closing_invalid_ack_delta": 0,
"est_packet_out_of_window": 511,
"est_packet_out_of_window_delta": 0,
"est_pkt_before_last_ack": 107,
"est_pkt_before_last_ack_delta": 0,
"est_synack_resend": 0,
"est_synack_resend_delta": 0,
"est_synack_resend_with_diff_ack": 11,
"est_synack_resend_with_diff_ack_delta": 0,
"est_synack_resend_with_diff_seq": 0,
"est_synack_resend_with_diff_seq_delta": 0,
"est_synack_toserver": 0,
"est_synack_toserver_delta": 0,
"est_syn_resend": 0,
"est_syn_resend_delta": 0,
"est_syn_resend_diff_seq": 11,
"est_syn_resend_diff_seq_delta": 0,
"est_syn_toclient": 0,
"est_syn_toclient_delta": 0,
"est_invalid_ack": 174,
"est_invalid_ack_delta": 0,
"fin_invalid_ack": 2400,
"fin_invalid_ack_delta": 0,
"fin1_ack_wrong_seq": 0,
"fin1_ack_wrong_seq_delta": 0,
"fin1_fin_wrong_seq": 8,
"fin1_fin_wrong_seq_delta": 0,
"fin1_invalid_ack": 1,
"fin1_invalid_ack_delta": 0,
"fin2_ack_wrong_seq": 25,
"fin2_ack_wrong_seq_delta": 0,
"fin2_fin_wrong_seq": 4,
"fin2_fin_wrong_seq_delta": 0,
"fin2_invalid_ack": 5,
"fin2_invalid_ack_delta": 0,
"fin_but_no_session": 6466,
"fin_but_no_session_delta": 0,
"fin_out_of_window": 2172,
"fin_out_of_window_delta": 0,
"fin_syn": 0,
"fin_syn_delta": 0,
"lastack_ack_wrong_seq": 0,
"lastack_ack_wrong_seq_delta": 0,
"lastack_invalid_ack": 0,
"lastack_invalid_ack_delta": 0,
"rst_but_no_session": 5377,
"rst_but_no_session_delta": 0,
"timewait_ack_wrong_seq": 1,
"timewait_ack_wrong_seq_delta": 0,
"timewait_invalid_ack": 0,
"timewait_invalid_ack_delta": 0,
"shutdown_syn_resend": 0,
"shutdown_syn_resend_delta": 0,
"pkt_invalid_timestamp": 49,
"pkt_invalid_timestamp_delta": 0,
"pkt_invalid_ack": 2856,
"pkt_invalid_ack_delta": 0,
"pkt_broken_ack": 18147,
"pkt_broken_ack_delta": 0,
"rst_invalid_ack": 276,
"rst_invalid_ack_delta": 0,
"pkt_retransmission": 1786,
"pkt_retransmission_delta": 0,
"pkt_spurious_retransmission": 613,
"pkt_spurious_retransmission_delta": 0,
"pkt_bad_window_update": 3,
"pkt_bad_window_update_delta": 0,
"suspected_rst_inject": 6,
"suspected_rst_inject_delta": 0,
"wrong_thread": 0,
"wrong_thread_delta": 0,
"reassembly_segment_before_base_seq": 0,
"reassembly_segment_before_base_seq_delta": 0,
"reassembly_no_segment": 0,
"reassembly_no_segment_delta": 0,
"reassembly_seq_gap": 7723,
"reassembly_seq_gap_delta": 0,
"reassembly_overlap_different_data": 0,
"reassembly_overlap_different_data_delta": 0,
"reassembly_depth_reached": 2,
"reassembly_depth_reached_delta": 0
},
"flow_bypassed": {
"local_pkts": 0,
"local_pkts_delta": 0,
"local_bytes": 0,
"local_bytes_delta": 0,
"local_capture_pkts": 0,
"local_capture_pkts_delta": 0,
"local_capture_bytes": 0,
"local_capture_bytes_delta": 0
},
"detect": {
"engines": [
{
"id": 0,
"last_reload": "2023-02-06T04:49:58.690772+0000",
"rules_loaded": 45183,
"rules_failed": 2
}
],
"alert": 324,
"alert_delta": 0,
"alert_queue_overflow": 0,
"alert_queue_overflow_delta": 0,
"alerts_suppressed": 20508,
"alerts_suppressed_delta": 0,
"mpm_list": 1,
"mpm_list_delta": 0,
"nonmpm_list": 22,
"nonmpm_list_delta": 0,
"fnonmpm_list": 10,
"fnonmpm_list_delta": 0,
"match_list": 11,
"match_list_delta": 0
},
"app_layer": {
"flow": {
"http": 2029,
"http_delta": 0,
"ftp": 3,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 88831,
"tls_delta": 0,
"ssh": 96,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 0,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 5,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 23841,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 166,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 123,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 92,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"failed_tcp": 6448,
"failed_tcp_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0,
"failed_udp": 2157,
"failed_udp_delta": 0
},
"tx": {
"http": 2151,
"http_delta": 0,
"ftp": 23,
"ftp_delta": 0,
"smtp": 0,
"smtp_delta": 0,
"tls": 0,
"tls_delta": 0,
"ssh": 0,
"ssh_delta": 0,
"imap": 0,
"imap_delta": 0,
"smb": 0,
"smb_delta": 0,
"dcerpc_tcp": 0,
"dcerpc_tcp_delta": 0,
"dns_tcp": 0,
"dns_tcp_delta": 0,
"nfs_tcp": 0,
"nfs_tcp_delta": 0,
"ntp": 0,
"ntp_delta": 0,
"ftp-data": 0,
"ftp-data_delta": 0,
"tftp": 0,
"tftp_delta": 0,
"ike": 0,
"ike_delta": 0,
"krb5_tcp": 0,
"krb5_tcp_delta": 0,
"quic": 56478,
"quic_delta": 0,
"dhcp": 0,
"dhcp_delta": 0,
"snmp": 0,
"snmp_delta": 0,
"sip": 0,
"sip_delta": 0,
"rfb": 168,
"rfb_delta": 0,
"mqtt": 0,
"mqtt_delta": 0,
"pgsql": 183,
"pgsql_delta": 0,
"telnet": 0,
"telnet_delta": 0,
"rdp": 276,
"rdp_delta": 0,
"bittorrent-dht": 0,
"bittorrent-dht_delta": 0,
"dcerpc_udp": 0,
"dcerpc_udp_delta": 0,
"dns_udp": 0,
"dns_udp_delta": 0,
"nfs_udp": 0,
"nfs_udp_delta": 0,
"krb5_udp": 0,
"krb5_udp_delta": 0
},
"error": {
"http": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smtp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tls": {
"gap": 438,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 5142,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ssh": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"imap": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"smb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dcerpc_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ntp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ftp-data": {
"gap": 1,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"tftp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"ike": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_tcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"quic": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 3347,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dhcp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"snmp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"sip": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rfb": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 75,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"mqtt": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"pgsql": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 30,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"telnet": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"rdp": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"bittorrent-dht": {
"gap": 0,
"gap_delta": 0,
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"failed_tcp": {
"gap": 0,
"gap_delta": 0
},
"dcerpc_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"dns_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"nfs_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
},
"krb5_udp": {
"alloc": 0,
"alloc_delta": 0,
"parser": 0,
"parser_delta": 0,
"internal": 0,
"internal_delta": 0
}
}
}
},
"FM#01": {
"flow": {
"mgr": {
"full_hash_pass": 185,
"full_hash_pass_delta": 0,
"rows_per_sec": 6553,
"rows_per_sec_delta": 0,
"rows_maxlen": 30,
"rows_maxlen_delta": 0,
"flows_checked": 40190293,
"flows_checked_delta": 0,
"flows_notimeout": 36154480,
"flows_notimeout_delta": 0,
"flows_timeout": 4035813,
"flows_timeout_delta": 0,
"flows_timeout_inuse": 0,
"flows_timeout_inuse_delta": 0,
"flows_evicted": 4035813,
"flows_evicted_delta": 0,
"flows_evicted_needs_work": 116365,
"flows_evicted_needs_work_delta": 0
},
"spare": 14717,
"spare_delta": 0,
"emerg_mode_entered": 0,
"emerg_mode_entered_delta": 0,
"emerg_mode_over": 0,
"emerg_mode_over_delta": 0
},
"flow_bypassed": {
"closed": 0,
"closed_delta": 0,
"pkts": 0,
"pkts_delta": 0,
"bytes": 0,
"bytes_delta": 0
},
"memcap_pressure": 10,
"memcap_pressure_delta": 0,
"memcap_pressure_max": 10,
"memcap_pressure_max_delta": 0
},
"FM#02": {
"flow": {
"mgr": {
"full_hash_pass": 0,
"full_hash_pass_delta": 0,
"rows_per_sec": 6553,
"rows_per_sec_delta": 0,
"rows_maxlen": 28,
"rows_maxlen_delta": 0,
"flows_checked": 15943767,
"flows_checked_delta": 0,
"flows_notimeout": 15334701,
"flows_notimeout_delta": 0,
"flows_timeout": 609066,
"flows_timeout_delta": 0,
"flows_timeout_inuse": 0,
"flows_timeout_inuse_delta": 0,
"flows_evicted": 609066,
"flows_evicted_delta": 0,
"flows_evicted_needs_work": 13005,
"flows_evicted_needs_work_delta": 0
},
"spare": 13406,
"spare_delta": 0,
"emerg_mode_entered": 0,
"emerg_mode_entered_delta": 0,
"emerg_mode_over": 0,
"emerg_mode_over_delta": 0
},
"flow_bypassed": {
"closed": 0,
"closed_delta": 0,
"pkts": 0,
"pkts_delta": 0,
"bytes": 0,
"bytes_delta": 0
},
"memcap_pressure": 0,
"memcap_pressure_delta": 0,
"memcap_pressure_max": 0,
"memcap_pressure_max_delta": 0
},
"FR#01": {
"tcp": {
"active_sessions": -2262037,
"active_sessions_delta": 0
},
"flow": {
"active": -2299923,
"active_delta": 0,
"end": {
"state": {
"new": 2042950,
"new_delta": 0,
"established": 19917,
"established_delta": 0,
"closed": 237056,
"closed_delta": 0,
"local_bypassed": 0,
"local_bypassed_delta": 0,
"capture_bypassed": 0,
"capture_bypassed_delta": 0
},
"tcp_state": {
"none": 0,
"none_delta": 0,
"syn_sent": 2024139,
"syn_sent_delta": 0,
"syn_recv": 842,
"syn_recv_delta": 0,
"established": 0,
"established_delta": 0,
"fin_wait1": 0,
"fin_wait1_delta": 0,
"fin_wait2": 0,
"fin_wait2_delta": 0,
"time_wait": 0,
"time_wait_delta": 0,
"last_ack": 0,
"last_ack_delta": 0,
"close_wait": 0,
"close_wait_delta": 0,
"closing": 0,
"closing_delta": 0,
"closed": 237056,
"closed_delta": 0
},
"tcp_liberal": 0,
"tcp_liberal_delta": 0
},
"recycler": {
"recycled": 2299923,
"recycled_delta": 0,
"queue_avg": 0,
"queue_avg_delta": 0,
"queue_max": 657,
"queue_max_delta": 0
}
}
},
"FR#02": {
"tcp": {
"active_sessions": -2177901,
"active_sessions_delta": 0
},
"flow": {
"active": -2215586,
"active_delta": 0,
"end": {
"state": {
"new": 1970529,
"new_delta": 0,
"established": 19651,
"established_delta": 0,
"closed": 225406,
"closed_delta": 0,
"local_bypassed": 0,
"local_bypassed_delta": 0,
"capture_bypassed": 0,
"capture_bypassed_delta": 0
},
"tcp_state": {
"none": 0,
"none_delta": 0,
"syn_sent": 1951679,
"syn_sent_delta": 0,
"syn_recv": 816,
"syn_recv_delta": 0,
"established": 0,
"established_delta": 0,
"fin_wait1": 0,
"fin_wait1_delta": 0,
"fin_wait2": 0,
"fin_wait2_delta": 0,
"time_wait": 0,
"time_wait_delta": 0,
"last_ack": 0,
"last_ack_delta": 0,
"close_wait": 0,
"close_wait_delta": 0,
"closing": 0,
"closing_delta": 0,
"closed": 225406,
"closed_delta": 0
},
"tcp_liberal": 0,
"tcp_liberal_delta": 0
},
"recycler": {
"recycled": 2215586,
"recycled_delta": 0,
"queue_avg": 0,
"queue_avg_delta": 0,
"queue_max": 957,
"queue_max_delta": 0
}
}
},
"Global": {
"tcp": {
"memuse": 442054088,
"memuse_delta": 0,
"reassembly_memuse": 334194968,
"reassembly_memuse_delta": 0
},
"http": {
"memuse": 1235221,
"memuse_delta": 0,
"memcap": 0,
"memcap_delta": 0
},
"ftp": {
"memuse": 1049381,
"memuse_delta": 0,
"memcap": 0,
"memcap_delta": 0
},
"app_layer": {
"expectations": 0,
"expectations_delta": 0
},
"file_store": {
"open_files": 0,
"open_files_delta": 0
},
"flow": {
"memuse": 490129728,
"memuse_delta": 0
}
}
}
},
"pcap_filename": "/path/to/last/pcap/file/with/open/fd/before/hang.pcap"
}
(4-4/4)