userguide: formatting: remove tabs

6 years ago · a66383569c
parent c68510437f
commit a66383569c
1 changed files with 72 additions and 78 deletions
--- a/doc/userguide/output/eve/eve-json-format.rst
+++ b/doc/userguide/output/eve/eve-json-format.rst
@ -146,84 +146,78 @@ Examples

 ::

-	"anomaly": {
-	  "type": "packet",
-	  "event": "decoder.udp.pkt_too_small"
-	}
-
-	{
-	  "timestamp": "2016-01-17T13:26:30.841742-0800",
-	  "flow_id": 1848021463489450,
-	  "pcap_cnt": 1393890,
-	  "event_type": "anomaly",
-	  "src_ip": "192.168.81.128",
-	  "src_port": 50105,
-	  "dest_ip": "31.148.99.125",
-	  "dest_port": 80,
-	  "proto": "TCP",
-	  "anomaly": {
-		"type": "stream",
-		"event": "stream.reassembly_seq_gap"
-	  }
-	}
-
-	{
-	  "timestamp": "1969-12-31T16:04:21.000000-0800",
-	  "pcap_cnt": 9262,
-	  "event_type": "anomaly",
-	  "src_ip": "208.21.2.184",
-	  "src_port": 0,
-	  "dest_ip": "10.1.1.99",
-	  "dest_port": 0,
-	  "proto": "UDP",
-	  "packet": "////////AQEBAQEBCABFAAA8xZ5AAP8R1+DQFQK4CgE=",
-	  "packet_info": {
-		"linktype": 1
-	  },
-	  "anomaly": {
-		"type": "packet",
-		"event": "decoder.udp.pkt_too_small"
-	  }
-	}
-
-	{
-	  "timestamp": "2016-01-11T05:10:54.612110-0800",
-	  "flow_id": 412547343494194,
-	  "pcap_cnt": 1391293,
-	  "event_type": "anomaly",
-	  "src_ip": "192.168.122.149",
-	  "src_port": 49324,
-	  "dest_ip": "69.195.71.174",
-	  "dest_port": 443,
-	  "proto": "TCP",
-	  "app_proto": "tls",
-	  "anomaly": {
-		"type": "applayer",
-		"event": "APPLAYER_DETECT_PROTOCOL_ONLY_ONE_DIRECTION",
-		"event_no": "1 (of 1)",
-		"layer": "proto_detect"
-	  }
-	}
-
-	{
-	  "timestamp": "2016-01-11T05:10:52.828802-0800",
-	  "flow_id": 201217772575257,
-	  "pcap_cnt": 1391281,
-	  "event_type": "anomaly",
-	  "src_ip": "192.168.122.149",
-	  "src_port": 49323,
-	  "dest_ip": "69.195.71.174",
-	  "dest_port": 443,
-	  "proto": "TCP",
-	  "tx_id": 0,
-	  "app_proto": "tls",
-	  "anomaly": {
-		"type": "applayer",
-		"event": "INVALID_RECORD_TYPE",
-		"event_no": "1 (of 3)",
-		"layer": "proto_parser"
-	  }
-	}
+    "anomaly": {
+      "type": "packet",
+      "event": "decoder.icmpv4.unknown_type"
+    }
+
+    "anomaly": {
+      "type": "packet",
+      "event": "decoder.udp.pkt_too_small"
+    }
+
+    "anomaly": {
+      "type": "packet",
+      "event": "decoder.ipv4.wrong_ip_version"
+    }
+
+    {
+      "timestamp": "1969-12-31T16:04:21.000000-0800",
+      "pcap_cnt": 9262,
+      "event_type": "anomaly",
+      "src_ip": "208.21.2.184",
+      "src_port": 0,
+      "dest_ip": "10.1.1.99",
+      "dest_port": 0,
+      "proto": "UDP",
+      "packet": "////////AQEBAQEBCABFAAA8xZ5AAP8R1+DQFQK4CgE=",
+      "packet_info": {
+        "linktype": 1
+      },
+      "anomaly": {
+        "type": "packet",
+        "event": "decoder.udp.pkt_too_small"
+      }
+    }
+
+    {
+      "timestamp": "2016-01-11T05:10:54.612110-0800",
+      "flow_id": 412547343494194,
+      "pcap_cnt": 1391293,
+      "event_type": "anomaly",
+      "src_ip": "192.168.122.149",
+      "src_port": 49324,
+      "dest_ip": "69.195.71.174",
+      "dest_port": 443,
+      "proto": "TCP",
+      "app_proto": "tls",
+      "anomaly": {
+        "type": "applayer",
+        "event": "APPLAYER_DETECT_PROTOCOL_ONLY_ONE_DIRECTION",
+        "event_no": "1 (of 1)",
+        "layer": "proto_detect"
+      }
+    }
+
+    {
+      "timestamp": "2016-01-11T05:10:52.828802-0800",
+      "flow_id": 201217772575257,
+      "pcap_cnt": 1391281,
+      "event_type": "anomaly",
+      "src_ip": "192.168.122.149",
+      "src_port": 49323,
+      "dest_ip": "69.195.71.174",
+      "dest_port": 443,
+      "proto": "TCP",
+      "tx_id": 0,
+      "app_proto": "tls",
+      "anomaly": {
+        "type": "applayer",
+        "event": "INVALID_RECORD_TYPE",
+        "event_no": "1 (of 3)",
+        "layer": "proto_parser"
+      }
+    }

 Event type: HTTP
 ----------------