Last active
September 19, 2015 15:34
-
-
Save jasonish/939239d955d5cc11d980 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "src_port": 47423, | |
| "src_ip": "192.168.1.101", | |
| "dest_port": 20000, | |
| "dest_ip": "192.168.2.100", | |
| "dnp3": { | |
| "iin": { | |
| "indicators": [] | |
| }, | |
| "application": { | |
| "complete": true, | |
| "objects": [ | |
| { | |
| "stop": 3, | |
| "count": 4, | |
| "items": [ | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "chatter_filter": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "timestamp": 3106215311439, | |
| "state": 1, | |
| "reserved": 0, | |
| "prefix": 201, | |
| "index": 201 | |
| }, | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "chatter_filter": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "timestamp": 3106215311688, | |
| "state": 1, | |
| "reserved": 0, | |
| "prefix": 202, | |
| "index": 202 | |
| }, | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "chatter_filter": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "timestamp": 3106215321328, | |
| "state": 0, | |
| "reserved": 0, | |
| "prefix": 202, | |
| "index": 202 | |
| }, | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "chatter_filter": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "timestamp": 3106215321328, | |
| "state": 1, | |
| "reserved": 0, | |
| "prefix": 203, | |
| "index": 203 | |
| } | |
| ], | |
| "group": 2, | |
| "variation": 2, | |
| "qualifier": 40, | |
| "prefix_code": 2, | |
| "range_code": 8, | |
| "start": 0 | |
| }, | |
| { | |
| "stop": 0, | |
| "count": 1, | |
| "items": [ | |
| { | |
| "remote_forced": 0, | |
| "comm_lost": 0, | |
| "chatter_filter": 0, | |
| "local_forced": 0, | |
| "state": 1, | |
| "reserved": 0, | |
| "prefix": 101, | |
| "index": 101, | |
| "online": 1, | |
| "restart": 0 | |
| } | |
| ], | |
| "group": 2, | |
| "variation": 1, | |
| "qualifier": 40, | |
| "prefix_code": 2, | |
| "range_code": 8, | |
| "start": 0 | |
| }, | |
| { | |
| "stop": 1, | |
| "count": 2, | |
| "items": [ | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "over_range": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "value": 26220, | |
| "reserved": 0, | |
| "reference_err": 0, | |
| "prefix": 10, | |
| "index": 10 | |
| }, | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "over_range": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "value": -26208, | |
| "reserved": 0, | |
| "reference_err": 0, | |
| "prefix": 11, | |
| "index": 11 | |
| } | |
| ], | |
| "group": 32, | |
| "variation": 2, | |
| "qualifier": 40, | |
| "prefix_code": 2, | |
| "range_code": 8, | |
| "start": 0 | |
| }, | |
| { | |
| "stop": 25, | |
| "count": 10, | |
| "items": [ | |
| { | |
| "value": 0, | |
| "index": 16, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 17, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 18, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 19, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 20, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 21, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 22, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 23, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 1, | |
| "index": 24, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 25, | |
| "prefix": 0 | |
| } | |
| ], | |
| "group": 1, | |
| "variation": 1, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 16 | |
| }, | |
| { | |
| "stop": 28, | |
| "count": 2, | |
| "items": [ | |
| { | |
| "value": 0, | |
| "index": 27, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 28, | |
| "prefix": 0 | |
| } | |
| ], | |
| "group": 1, | |
| "variation": 1, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 27 | |
| }, | |
| { | |
| "stop": 49, | |
| "count": 4, | |
| "items": [ | |
| { | |
| "value": 0, | |
| "index": 46, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 47, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 48, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 49, | |
| "prefix": 0 | |
| } | |
| ], | |
| "group": 1, | |
| "variation": 1, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 46 | |
| }, | |
| { | |
| "stop": 96, | |
| "count": 33, | |
| "items": [ | |
| { | |
| "value": 0, | |
| "index": 64, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 65, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 66, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 67, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 68, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 69, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 70, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 71, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 72, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 73, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 74, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 75, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 76, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 77, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 78, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 79, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 80, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 81, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 82, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 83, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 84, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 85, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 86, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 87, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 88, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 89, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 90, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 91, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 92, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 93, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 94, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 95, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 96, | |
| "prefix": 0 | |
| } | |
| ], | |
| "group": 1, | |
| "variation": 1, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 64 | |
| }, | |
| { | |
| "stop": 148, | |
| "count": 49, | |
| "items": [ | |
| { | |
| "value": 0, | |
| "index": 100, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 1, | |
| "index": 101, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 102, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 103, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 104, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 105, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 106, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 107, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 108, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 109, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 110, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 111, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 112, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 113, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 114, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 115, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 116, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 117, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 118, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 119, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 120, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 121, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 122, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 123, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 124, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 125, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 126, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 127, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 128, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 129, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 130, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 131, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 132, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 133, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 134, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 135, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 136, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 137, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 138, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 139, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 140, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 141, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 142, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 143, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 144, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 145, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 146, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 147, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 148, | |
| "prefix": 0 | |
| } | |
| ], | |
| "group": 1, | |
| "variation": 1, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 100 | |
| }, | |
| { | |
| "stop": 174, | |
| "count": 1, | |
| "items": [ | |
| { | |
| "value": 0, | |
| "index": 174, | |
| "prefix": 0 | |
| } | |
| ], | |
| "group": 1, | |
| "variation": 1, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 174 | |
| }, | |
| { | |
| "stop": 203, | |
| "count": 4, | |
| "items": [ | |
| { | |
| "value": 0, | |
| "index": 200, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 1, | |
| "index": 201, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 0, | |
| "index": 202, | |
| "prefix": 0 | |
| }, | |
| { | |
| "value": 1, | |
| "index": 203, | |
| "prefix": 0 | |
| } | |
| ], | |
| "group": 1, | |
| "variation": 1, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 200 | |
| }, | |
| { | |
| "stop": 11, | |
| "count": 2, | |
| "items": [ | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "over_range": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "value": 26220, | |
| "reserved": 0, | |
| "reference_err": 0, | |
| "prefix": 0, | |
| "index": 10 | |
| }, | |
| { | |
| "comm_lost": 0, | |
| "restart": 0, | |
| "online": 1, | |
| "over_range": 0, | |
| "local_forced": 0, | |
| "remote_forced": 0, | |
| "value": -26208, | |
| "reserved": 0, | |
| "reference_err": 0, | |
| "prefix": 0, | |
| "index": 11 | |
| } | |
| ], | |
| "group": 30, | |
| "variation": 2, | |
| "qualifier": 0, | |
| "prefix_code": 0, | |
| "range_code": 0, | |
| "start": 10 | |
| } | |
| ], | |
| "function_code": 129, | |
| "control": { | |
| "sequence": 15, | |
| "uns": false, | |
| "con": true, | |
| "fin": true, | |
| "fir": true | |
| } | |
| }, | |
| "dst": 1, | |
| "src": 1, | |
| "control": { | |
| "function_code": 4, | |
| "fcv": false, | |
| "fcb": false, | |
| "pri": true, | |
| "dir": false | |
| }, | |
| "type": "response" | |
| }, | |
| "proto": "TCP", | |
| "timestamp": "2015-06-23T15:29:47.814871-0600", | |
| "flow_id": 59866368, | |
| "pcap_cnt": 32363, | |
| "event_type": "dnp3" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment