Skip to content

Instantly share code, notes, and snippets.

@jasonish

jasonish/-

Created September 17, 2015 17:59
Show Gist options
  • Save jasonish/75da175329764a022f4b to your computer and use it in GitHub Desktop.
Save jasonish/75da175329764a022f4b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
-
{
"src_port": 47423,
"src_ip": "192.168.1.101",
"dest_port": 20000,
"dest_ip": "192.168.2.100",
"dnp3": {
"iin": {
"indicators": []
},
"application": {
"complete": true,
"objects": [
{
"stop": 3,
"count": 4,
"items": [
{
"local_forced": 0,
"remote_forced": 0,
"reserved": 0,
"chatter_filter": 0,
"timestamp": 3106215311439,
"state": 1,
"prefix": 201,
"online": 1,
"restart": 0,
"comm_lost": 0
},
{
"local_forced": 0,
"remote_forced": 0,
"reserved": 0,
"chatter_filter": 0,
"timestamp": 3106215311688,
"state": 1,
"prefix": 202,
"online": 1,
"restart": 0,
"comm_lost": 0
},
{
"local_forced": 0,
"remote_forced": 0,
"reserved": 0,
"chatter_filter": 0,
"timestamp": 3106215321328,
"state": 0,
"prefix": 202,
"online": 1,
"restart": 0,
"comm_lost": 0
},
{
"local_forced": 0,
"remote_forced": 0,
"reserved": 0,
"chatter_filter": 0,
"timestamp": 3106215321328,
"state": 1,
"prefix": 203,
"online": 1,
"restart": 0,
"comm_lost": 0
}
],
"group": 2,
"variation": 2,
"qualifier": 40,
"prefix_code": 2,
"range_code": 8,
"start": 0
},
{
"stop": 0,
"count": 1,
"items": [
{
"chatter_filter": 0,
"reserved": 0,
"state": 1,
"prefix": 101,
"online": 1,
"restart": 0,
"comm_lost": 0,
"remote_forced": 0,
"local_forced": 0
}
],
"group": 2,
"variation": 1,
"qualifier": 40,
"prefix_code": 2,
"range_code": 8,
"start": 0
},
{
"stop": 1,
"count": 2,
"items": [
{
"local_forced": 0,
"remote_forced": 0,
"reference_err": 0,
"over_range": 0,
"value": 26220,
"reserved": 0,
"prefix": 10,
"online": 1,
"restart": 0,
"comm_lost": 0
},
{
"local_forced": 0,
"remote_forced": 0,
"reference_err": 0,
"over_range": 0,
"value": -26208,
"reserved": 0,
"prefix": 11,
"online": 1,
"restart": 0,
"comm_lost": 0
}
],
"group": 32,
"variation": 2,
"qualifier": 40,
"prefix_code": 2,
"range_code": 8,
"start": 0
},
{
"stop": 25,
"count": 10,
"items": [
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 1
},
{
"value": 0
}
],
"group": 1,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 16
},
{
"stop": 28,
"count": 2,
"items": [
{
"value": 0
},
{
"value": 0
}
],
"group": 1,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 27
},
{
"stop": 49,
"count": 4,
"items": [
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
}
],
"group": 1,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 46
},
{
"stop": 96,
"count": 33,
"items": [
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
}
],
"group": 1,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 64
},
{
"stop": 148,
"count": 49,
"items": [
{
"value": 0
},
{
"value": 1
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
},
{
"value": 0
}
],
"group": 1,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 100
},
{
"stop": 174,
"count": 1,
"items": [
{
"value": 0
}
],
"group": 1,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 174
},
{
"stop": 203,
"count": 4,
"items": [
{
"value": 0
},
{
"value": 1
},
{
"value": 0
},
{
"value": 1
}
],
"group": 1,
"variation": 1,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 200
},
{
"stop": 11,
"count": 2,
"items": [
{
"local_forced": 0,
"remote_forced": 0,
"reference_err": 0,
"over_range": 0,
"value": 26220,
"reserved": 0,
"prefix": 0,
"online": 1,
"restart": 0,
"comm_lost": 0
},
{
"local_forced": 0,
"remote_forced": 0,
"reference_err": 0,
"over_range": 0,
"value": -26208,
"reserved": 0,
"prefix": 0,
"online": 1,
"restart": 0,
"comm_lost": 0
}
],
"group": 30,
"variation": 2,
"qualifier": 0,
"prefix_code": 0,
"range_code": 0,
"start": 10
}
],
"function_code": 129,
"control": {
"sequence": 15,
"uns": false,
"con": true,
"fin": true,
"fir": true
}
},
"dst": 1,
"src": 1,
"control": {
"function_code": 4,
"fcv": false,
"fcb": false,
"pri": true,
"dir": false
},
"type": "response"
},
"proto": "TCP",
"timestamp": "2015-06-23T15:29:47.814871-0600",
"flow_id": 46890864,
"pcap_cnt": 32363,
"event_type": "dnp3"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment