/var/log/suricata $ grep dfsetup117.exe * | grep TRUNCATED
grep: certs: Is a directory
grep: files: Is a directory
eve.json:{"timestamp":"2017-06-09T21:52:45.170319-0400","flow_id":2815855578,"in_iface":"eth0","event_type":"fileinfo","src_ip":"196.216.167.196","src_port":80,"dest_ip":"[my-wan-ip]","dest_port":12398,"proto":"TCP","http":{"hostname":"download.nust.na","url":"\/pub2\/FreeStuff\/Software\/Optimisation\/Defraggler\/dfsetup117.exe","http_user_agent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/58.0.3029.110 Safari\/537.36","http_content_type":"application\/x-msdos-program","http_refer":"http:\/\/download.nust.na\/pub2\/FreeStuff\/Software\/Optimisation\/Defraggler\/","http_method":"GET","protocol":"HTTP\/1.1","status":200,"length":14872},"app_proto":"http","fileinfo":{"filename":"\/pub2\/FreeStuff\/Software\/Optimisation\/Defraggler\/dfsetup117.exe","state":"TRUNCATED","stored":false,"size":5212,"tx_id":3}}
files-json.log:{ "id": 47, "timestamp": "06\/09\/2017-21:52:45.170319", "ipver": 4, "srcip": "196.216.167.196", "dstip": "[my-wan-ip]", "protocol": 6, "sp": 80, "dp": 12398, "http_uri": "\/pub2\/FreeStuff\/Software\/Optimisation\/Defraggler\/dfsetup117.exe", "http_host": "download.nust.na", "http_referer": "http:\/\/download.nust.na\/pub2\/FreeStuff\/Software\/Optimisation\/Defraggler\/", "http_user_agent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/58.0.3029.110 Safari\/537.36", "filename": "\/pub2\/FreeStuff\/Software\/Optimisation\/Defraggler\/dfsetup117.exe", "magic": "unknown", "state": "TRUNCATED", "stored": false, "size": 5212 }