Created
October 9, 2015 05:15
-
-
Save jasonish/e763ff3eb610b47ab0d3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"timestamp":"2015-07-14T11:45:56.361312-0600","flow_id":106790066891968,"pcap_cnt":21,"event_type":"alert","src_ip":"127.0.0.1","src_port":20000,"dest_ip":"127.0.0.1","dest_port":59602,"proto":"TCP","tx_id":3,"alert":{"action":"allowed","gid":1,"signature_id":2270004,"rev":1,"signature":"SURICATA DNP3 Unknown object","category":"","severity":3},"dnp3":{"request":{"type":"request","control":{"dir":true,"pri":true,"fcb":false,"fcv":false,"function_code":4},"src":1,"dst":10,"application":{"control":{"fir":true,"fin":true,"con":false,"uns":false,"sequence":2},"function_code":1,"objects":[{"group":60,"variation":2,"qualifier":6,"prefix_code":0,"range_code":6,"start":0,"stop":0,"count":0},{"group":60,"variation":3,"qualifier":6,"prefix_code":0,"range_code":6,"start":0,"stop":0,"count":0},{"group":60,"variation":4,"qualifier":6,"prefix_code":0,"range_code":6,"start":0,"stop":0,"count":0},{"group":60,"variation":1,"qualifier":6,"prefix_code":0,"range_code":6,"start":0,"stop":0,"count":0}],"complete":true}},"response":{"type":"response","control":{"dir":false,"pri":true,"fcb":false,"fcv":false,"function_code":4},"src":10,"dst":1,"application":{"control":{"fir":true,"fin":true,"con":false,"uns":false,"sequence":2},"function_code":129,"objects":[{"group":1,"variation":2,"qualifier":0,"prefix_code":0,"range_code":0,"start":0,"stop":9,"count":10,"items":[{"prefix":0,"index":0,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":1,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":2,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":3,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":4,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":5,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":6,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":7,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":8,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0},{"prefix":0,"index":9,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"reserved":0,"state":0}]},{"group":3,"variation":2,"qualifier":0,"prefix_code":0,"range_code":0,"start":0,"stop":9,"count":10,"items":[{"prefix":0,"index":0,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":1,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":2,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":3,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":4,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":5,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":6,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":7,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":8,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0},{"prefix":0,"index":9,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"chatter_filter":0,"state":0}]},{"group":20,"variation":1,"qualifier":0,"prefix_code":0,"range_code":0,"start":0,"stop":9,"count":10,"items":[{"prefix":0,"index":0,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":1,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":2,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":3,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":4,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":5,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":6,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":7,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":8,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":9,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0}]},{"group":21,"variation":1,"qualifier":0,"prefix_code":0,"range_code":0,"start":0,"stop":9,"count":10,"items":[{"prefix":0,"index":0,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":1,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":2,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":3,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":4,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":5,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":6,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":7,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":8,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0},{"prefix":0,"index":9,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"rollover":0,"discontinuity":0,"count":0}]},{"group":30,"variation":5,"qualifier":0,"prefix_code":0,"range_code":0,"start":0,"stop":0,"count":1,"items":[{"prefix":0,"index":0,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0.0}]},{"group":30,"variation":1,"qualifier":0,"prefix_code":0,"range_code":0,"start":1,"stop":9,"count":9,"items":[{"prefix":0,"index":1,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":2,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":3,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":4,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":5,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":6,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":7,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":8,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0},{"prefix":0,"index":9,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"over_range":0,"reference_err":0,"reserved":0,"value":0}]},{"group":10,"variation":2,"qualifier":0,"prefix_code":0,"range_code":0,"start":0,"stop":9,"count":10,"items":[{"prefix":0,"index":0,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":1,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":2,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":3,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":4,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":5,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":6,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":7,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":8,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0},{"prefix":0,"index":9,"online":0,"restart":1,"comm_lost":0,"remote_forced":0,"local_forced":0,"reserved0":0,"reserved1":0,"state":0}]},{"group":40,"variation":1,"qualifier":0,"prefix_code":0,"range_code":0,"start":0,"stop":9,"count":10}],"complete":false},"iin":{"indicators":[]}}}} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment