Project

General

Profile

Download (1.66 KB)

Bug #2057 » present_in_iface.json

in_iface logged - Rusty Wilson, 03/06/2017 02:57 PM

 
{"timestamp":"2017-03-06T17:54:30.231781+0000","flow_id":730391976991394,"in_iface":"enp6s0","event_type":"tls","src_ip":"72.175.80.50","src_port":50019,"dest_ip":"10.200.13.104","dest_port":443,"proto":"TCP","tls":{"subject":"O=McAfee, OU=ePO, CN=AH_GA1PEPOAHDMZ1","issuerdn":"O=McAfee, OU=AH, CN=AH_CA_GA1PEPOAPP","fingerprint":"12:3f:72:0f:fe:73:a9:07:3a:b0:40:8e:83:b8:0f:ee:c2:fa:d5:42","version":"TLS 1.2"}}
{"timestamp":"2017-03-06T17:56:31.001905+0000","flow_id":730391976991394,"event_type":"flow","src_ip":"72.175.80.50","src_port":50019,"dest_ip":"10.200.13.104","dest_port":443,"proto":"TCP","app_proto":"tls","flow":{"pkts_toserver":18,"pkts_toclient":18,"bytes_toserver":2106,"bytes_toclient":4786,"start":"2017-03-06T17:54:29.973474+0000","end":"2017-03-06T17:54:30.597718+0000","age":1,"state":"closed","reason":"timeout"},"tcp":{"tcp_flags":"1f","tcp_flags_ts":"1f","tcp_flags_tc":"1b","syn":true,"fin":true,"rst":true,"psh":true,"ack":true,"state":"closed"}}
{"timestamp":"2017-03-06T19:43:04.498654+0000","flow_id":1409327949192158,"in_iface":"enp2s0","event_type":"dns","src_ip":"10.110.23.134","src_port":56093,"dest_ip":"162.159.25.4","dest_port":53,"proto":"UDP","dns":{"type":"query","id":16706,"rrname":"cdn.pic-collage.com","rrtype":"A","tx_id":0}}
{"timestamp":"2017-03-06T19:43:35.002672+0000","flow_id":1409327949192158,"event_type":"flow","src_ip":"10.110.23.134","src_port":56093,"dest_ip":"162.159.25.4","dest_port":53,"proto":"UDP","app_proto":"dns","flow":{"pkts_toserver":1,"pkts_toclient":0,"bytes_toserver":90,"bytes_toclient":0,"start":"2017-03-06T19:43:04.498654+0000","end":"2017-03-06T19:43:04.498654+0000","age":0,"state":"new","reason":"timeout"}}

(1-1/6)