| author | doufenghu <[email protected]> | 2024-10-28 19:28:06 +0800 |
|---|---|---|
| committer | doufenghu <[email protected]> | 2024-10-28 19:28:06 +0800 |
| commit | 2eb117686172e4eb7449713feaf289c9253d758c (patch) | |
| tree | 60a877289da6c675cf26d2ff59a9804a18d9c21f /e2e-mockdata-generator/datasets/logs | |
| parent | fcd285257e97eab54ca6b63005737f9ae4db4fc6 (diff) | |
[feature][24.10] 修改E2E日志测试集xx_rule_list为xx_rule_uuid_list. 修改Function测试用例适配tsg24.10功能.HEADv24.10develop
Diffstat (limited to 'e2e-mockdata-generator/datasets/logs')
| -rw-r--r-- | e2e-mockdata-generator/datasets/logs/proxy_event.dat | 2 | ||||
| -rw-r--r-- | e2e-mockdata-generator/datasets/logs/session_record.dat | 14 |
2 files changed, 8 insertions, 8 deletions
diff --git a/e2e-mockdata-generator/datasets/logs/proxy_event.dat b/e2e-mockdata-generator/datasets/logs/proxy_event.dat
index 8f8ea89..f39811a 100644
--- a/e2e-mockdata-generator/datasets/logs/proxy_event.dat
+++ b/e2e-mockdata-generator/datasets/logs/proxy_event.dat
@@ -1 +1 @@ -{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240001,"decoded_as":"HTTP","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.1","server_ip":"192.0.2.1","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.HTTP","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"http_version":"http1","http_request_line":"GET www.google.com/ HTTP/1.1","http_response_line":"HTTP/1.1 200 OK","http_status_code":200,"http_url":"www.google.com/","http_host":"www.google.com","http_cookie":"NID=513","http_user_agent":"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)","http_response_content_type":"text/html; charset=UTF-8","proxy_rule_list":[4450],"proxy_action":"insert","http_action_file_size":35} 
+{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240001,"decoded_as":"HTTP","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.1","server_ip":"192.0.2.1","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.HTTP","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"http_version":"http1","http_request_line":"GET www.google.com/ HTTP/1.1","http_response_line":"HTTP/1.1 200 OK","http_status_code":200,"http_url":"www.google.com/","http_host":"www.google.com","http_cookie":"NID=513","http_user_agent":"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)","http_response_content_type":"text/html; charset=UTF-8","proxy_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"proxy_action":"insert","http_action_file_size":35}
\ No newline at end of file
diff --git a/e2e-mockdata-generator/datasets/logs/session_record.dat b/e2e-mockdata-generator/datasets/logs/session_record.dat
index 165260b..616231e 100644
--- a/e2e-mockdata-generator/datasets/logs/session_record.dat
+++ b/e2e-mockdata-generator/datasets/logs/session_record.dat
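Review bot: The new `proxy_rule_uuid_list` in proxy_event.dat holds the nil UUID `00000000-0000-0000-0000-000000000000` where the old fixture had the distinct rule id `4450`, so this record no longer shows that a real rule identifier survives the pipeline rather than a default or zero-filled value. The session_record.dat hunk has the same weakness in all seven records: the six `*_rule_uuid_list` fields carry the identical nil UUID, so a test on this data cannot detect, for example, `security_rule_uuid_list` being mapped into the `monitor_rule_uuid_list` column. For fixtures that stand in for policy-hit logs, consider one distinct non-nil UUID per rule type (constructed example: `"security_rule_uuid_list":["11111111-1111-4111-8111-111111111111"]`) and keep the nil or empty case as a separate record. Whether the nil UUID has a reserved meaning such as "no rule matched" is not visible from this diff and should be confirmed against the schema.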
@@ -1,7 +1,7 @@ -{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240001,"decoded_as":"BASE","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.1","server_ip":"192.0.2.1","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} 
-{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240002,"decoded_as":"HTTP","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.2","server_ip":"192.0.2.2","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.HTTP","server_fqdn":"static-pcs-sdk-server.test.com","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","packet_capture_file":"123e4567-e89b-12d3-a456-426614174001","http_request_body":"123e4567-e89b-12d3-a456-426614174002","http_response_body":"123e4567-e89b-12d3-a456-426614174003","http_version":"http1","http_request_line":"POST /a 
HTTP/1.1","http_user_agent":"WinHttpClient","http_request_content_length":0,"http_host":"static-pcs-sdk-server.test.com","http_url":"static-pcs-sdk-server.test.com/a","http_status_code":200,"http_response_line":"HTTP/1.1 200 OK","http_response_content_type":"application/json;charset=UTF-8","http_response_content_length":0,"http_response_latency_ms":0,"http_session_duration_ms":0,"http_sequence":1,"client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} -{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240003,"decoded_as":"SSL","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.3","server_ip":"192.0.2.3","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.ssl","server_fqdn":"storeedgefd.dsx.mp.microsoft.com","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1
A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","ssl_ja3_hash":"","ssl_esni_flag":0,"ssl_ech_flag":0,"ssl_sni":"storeedgefd.dsx.mp.microsoft.com","ssl_ja3s_hash":"","ssl_version":"v3","ssl_cn":"sfdataservice.microsoft.com","ssl_cert_issuer":"","ssl_cert_subject":"","ssl_san":"","ssl_handshake_latency_ms":0,"client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} -{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240004,"decoded_as":"DNS","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.4","server_ip":"192.0.2.4","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.dns","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","dns_response_latency_ms":0,"dns_qr":1,"dns_aa":0,
"dns_message_id":47610,"dns_opcode":0,"dns_ra":1,"dns_rcode":0,"dns_rd":1,"dns_tc":0,"dns_qdcount":1,"dns_ancount":1,"dns_nscount":6,"dns_arcount":13,"dns_qname":"","dns_qtype":1,"dns_qclass":1} -{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240005,"decoded_as":"QUIC","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.5","server_ip":"192.0.2.5","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.quic","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","quic_version":"IETF QUIC RFC9000","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} 
-{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240006,"decoded_as":"MAIL","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.6","server_ip":"192.0.2.6","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.mail.imap","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","mail_protocol_type":"IMAP","mail_eml_file":"123e4567-e89b-12d3-a456-426614174004","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} 
-{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240007,"decoded_as":"SSH","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.7","server_ip":"192.0.2.7","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.ssh","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","ssh_server_version":"SSH-2.0-OpenSSH_7.4","ssh_client_version":"SSH-2.0-OpenSSH_9.0","ssh_version":2,"ssh_hassh":"0","ssh_kex_alg":"curve25519-sha256","ssh_host_key_alg":"ssh-ed25519","ssh_cipher_alg":"[email protected]","ssh_mac_alg":"[email protected]","ssh_compression_alg":"none","ssh_host_key":"0","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} 
+{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240001,"decoded_as":"BASE","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.1","server_ip":"192.0.2.1","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"security_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"sc_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"shaping_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"proxy_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"statistics_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} 
+{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240002,"decoded_as":"HTTP","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.2","server_ip":"192.0.2.2","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.HTTP","server_fqdn":"static-pcs-sdk-server.test.com","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"security_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"sc_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"shaping_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"proxy_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"statistics_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","packet_capture_file":"123e4567-e89b-12d3-a456-426614174001","http_request_body":"123e4567-e89b-12d3-a456-426614174002","http_response_body":"123e4567-e89b-12d3-a456-426614174003"
,"http_version":"http1","http_request_line":"POST /a HTTP/1.1","http_user_agent":"WinHttpClient","http_request_content_length":0,"http_host":"static-pcs-sdk-server.test.com","http_url":"static-pcs-sdk-server.test.com/a","http_status_code":200,"http_response_line":"HTTP/1.1 200 OK","http_response_content_type":"application/json;charset=UTF-8","http_response_content_length":0,"http_response_latency_ms":0,"http_session_duration_ms":0,"http_sequence":1,"client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240003,"decoded_as":"SSL","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.3","server_ip":"192.0.2.3","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.ssl","server_fqdn":"storeedgefd.dsx.mp.microsoft.com","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"security_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"sc_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"shaping_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"proxy_rule_uuid_list":["00000000-0000-0000-0000
-000000000000"],"statistics_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","ssl_ja3_hash":"","ssl_esni_flag":0,"ssl_ech_flag":0,"ssl_sni":"storeedgefd.dsx.mp.microsoft.com","ssl_ja3s_hash":"","ssl_version":"v3","ssl_cn":"sfdataservice.microsoft.com","ssl_cert_issuer":"","ssl_cert_subject":"","ssl_san":"","ssl_handshake_latency_ms":0,"client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240004,"decoded_as":"DNS","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.4","server_ip":"192.0.2.4","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.dns","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"security_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"sc_rule_uuid_list":["00000000-000
0-0000-0000-000000000000"],"shaping_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"proxy_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"statistics_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","dns_response_latency_ms":0,"dns_qr":1,"dns_aa":0,"dns_message_id":47610,"dns_opcode":0,"dns_ra":1,"dns_rcode":0,"dns_rd":1,"dns_tc":0,"dns_qdcount":1,"dns_ancount":1,"dns_nscount":6,"dns_arcount":13,"dns_qname":"","dns_qtype":1,"dns_qclass":1} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240005,"decoded_as":"QUIC","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.5","server_ip":"192.0.2.5","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.quic","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"security_rule_uuid_list":["00000000-0000-0000-0000-000000000000"
],"sc_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"shaping_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"proxy_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"statistics_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","quic_version":"IETF QUIC RFC9000","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240006,"decoded_as":"MAIL","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.6","server_ip":"192.0.2.6","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.mail.imap","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"security_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"sc_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"shaping_rule_
uuid_list":["00000000-0000-0000-0000-000000000000"],"proxy_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"statistics_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","mail_protocol_type":"IMAP","mail_eml_file":"123e4567-e89b-12d3-a456-426614174004","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240007,"decoded_as":"SSH","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.7","server_ip":"192.0.2.7","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.ssh","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"security_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"sc_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"shaping_rule_uuid_list":["00000000-0000-0000-0000
-000000000000"],"proxy_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"statistics_rule_uuid_list":["00000000-0000-0000-0000-000000000000"],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","ssh_server_version":"SSH-2.0-OpenSSH_7.4","ssh_client_version":"SSH-2.0-OpenSSH_9.0","ssh_version":2,"ssh_hassh":"0","ssh_kex_alg":"curve25519-sha256","ssh_host_key_alg":"ssh-ed25519","ssh_cipher_alg":"[email protected]","ssh_mac_alg":"[email protected]","ssh_compression_alg":"none","ssh_host_key":"0","client_ip_tags":["Country Code:Private Network"],"server_ip_tags":["Cloud Provider:TEST"]}
\ No newline at end of file |
