
@jasonish
Created October 9, 2015 05:16
{
"dnp3": {
"response": {
"iin": {
"indicators": []
},
"application": {
"complete": false,
"objects": [
{
"items": [
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 0,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 1,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 2,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 3,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 4,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 5,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 6,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 7,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 8,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"reserved": 0,
"prefix": 0,
"index": 9,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
}
],
"group": 1,
"variation": 2,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 0,
"stop": 9,
"count": 10
},
{
"items": [
{
"state": 0,
"prefix": 0,
"index": 0,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 1,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 2,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 3,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 4,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 5,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 6,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 7,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 8,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
},
{
"state": 0,
"prefix": 0,
"index": 9,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"chatter_filter": 0
}
],
"group": 3,
"variation": 2,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 0,
"stop": 9,
"count": 10
},
{
"items": [
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 0,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 1,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 2,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 3,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 4,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 5,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 6,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 7,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 8,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 9,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
}
],
"group": 20,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 0,
"stop": 9,
"count": 10
},
{
"items": [
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 0,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 1,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 2,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 3,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 4,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 5,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 6,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 7,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 8,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
},
{
"count": 0,
"discontinuity": 0,
"prefix": 0,
"index": 9,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"rollover": 0
}
],
"group": 21,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 0,
"stop": 9,
"count": 10
},
{
"items": [
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 0,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
}
],
"group": 30,
"variation": 5,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 0,
"stop": 0,
"count": 1
},
{
"items": [
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 1,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 2,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 3,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 4,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 5,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 6,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 7,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 8,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
},
{
"value": 0,
"reserved": 0,
"reference_err": 0,
"prefix": 0,
"index": 9,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"over_range": 0
}
],
"group": 30,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 1,
"stop": 9,
"count": 9
},
{
"items": [
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 0,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 1,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 2,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 3,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 4,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 5,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 6,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 7,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 8,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
},
{
"state": 0,
"reserved1": 0,
"prefix": 0,
"index": 9,
"online": 0,
"restart": 1,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0,
"reserved0": 0
}
],
"group": 10,
"variation": 2,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 0,
"stop": 9,
"count": 10
},
{
"count": 10,
"stop": 9,
"start": 0,
"range_code": 0,
"prefix_code": 0,
"qualifier": 0,
"variation": 1,
"group": 40
}
],
"function_code": 129,
"control": {
"sequence": 2,
"uns": false,
"con": false,
"fin": true,
"fir": true
}
},
"dst": 1,
"src": 10,
"control": {
"function_code": 4,
"fcv": false,
"fcb": false,
"pri": true,
"dir": false
},
"type": "response"
},
"request": {
"application": {
"complete": true,
"objects": [
{
"count": 0,
"stop": 0,
"start": 0,
"range_code": 6,
"prefix_code": 0,
"qualifier": 6,
"variation": 2,
"group": 60
},
{
"count": 0,
"stop": 0,
"start": 0,
"range_code": 6,
"prefix_code": 0,
"qualifier": 6,
"variation": 3,
"group": 60
},
{
"count": 0,
"stop": 0,
"start": 0,
"range_code": 6,
"prefix_code": 0,
"qualifier": 6,
"variation": 4,
"group": 60
},
{
"count": 0,
"stop": 0,
"start": 0,
"range_code": 6,
"prefix_code": 0,
"qualifier": 6,
"variation": 1,
"group": 60
}
],
"function_code": 1,
"control": {
"sequence": 2,
"uns": false,
"con": false,
"fin": true,
"fir": true
}
},
"dst": 10,
"src": 1,
"control": {
"function_code": 4,
"fcv": false,
"fcb": false,
"pri": true,
"dir": true
},
"type": "request"
}
},
"alert": {
"severity": 3,
"category": "",
"signature": "SURICATA DNP3 Unknown object",
"rev": 1,
"signature_id": 2270004,
"gid": 1,
"action": "allowed"
},
"tx_id": 3,
"proto": "TCP",
"timestamp": "2015-07-14T11:45:56.361312-0600",
"flow_id": 106790066891968,
"pcap_cnt": 21,
"event_type": "alert",
"src_ip": "127.0.0.1",
"src_port": 20000,
"dest_ip": "127.0.0.1",
"dest_port": 59602
}