aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f35052941d'
${ noResults }
suricata/etc/schema.json

5508 lines
206 KiB
JSON
Raw Blame History

{
"type": "object",
"additionalProperties": false,
"required": [
"event_type",
"timestamp"
],
"properties": {
"app_proto": {
"type": "string"
},
"app_proto_expected": {
"type": "string"
},
"app_proto_orig": {
"type": "string"
},
"app_proto_tc": {
"type": "string"
},
"app_proto_ts": {
"type": "string"
},
"capture_file": {
"type": "string"
},
"community_id": {
"type": "string"
},
"dest_ip": {
"type": "string"
},
"dest_port": {
"type": "integer"
},
"event_type": {
"type": "string"
},
"flow_id": {
"type": "integer"
},
"icmp_code": {
"type": "integer"
},
"icmp_type": {
"type": "integer"
},
"log_level": {
"type": "string"
},
"packet": {
"type": "string"
},
"parent_id": {
"type": "integer"
},
"payload": {
"type": "string"
},
"payload_printable": {
"type": "string"
},
"pcap_cnt": {
"type": "integer"
},
"pcap_filename": {
"type": "string"
},
"pkt_src": {
"type": "string"
},
"proto": {
"type": "string"
},
"response_icmp_code": {
"type": "integer"
},
"response_icmp_type": {
"type": "integer"
},
"spi": {
"type": "integer"
},
"src_ip": {
"type": "string"
},
"src_port": {
"type": "integer"
},
"stream": {
"type": "integer"
},
"timestamp": {
"type": "string",
"pattern": "^\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}\\.\\d+[+\\-]\\d+$"
},
"verdict": {
"$ref": "#/$defs/verdict_type"
},
"direction": {
"type": "string"
},
"tx_id": {
"type": "integer"
},
"files": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"end": {
"type": "integer"
},
"filename": {
"type": "string"
},
"file_id": {
"type": "integer"
},
"gaps": {
"type": "boolean"
},
"magic": {
"type": "string"
},
"md5": {
"type": "string"
},
"sha1": {
"type": "string"
},
"sha256": {
"type": "string"
},
"size": {
"type": "integer"
},
"start": {
"type": "integer"
},
"state": {
"type": "string"
},
"stored": {
"type": "boolean"
},
"tx_id": {
"type": "integer"
},
"sid": {
"type": "array",
"minItems": 1,
"items": {
"type": "integer"
}
}
}
}
},
"vlan": {
"type": "array",
"minItems": 1,
"items": {
"type": "number"
}
},
"alert": {
"type": "object",
"properties": {
"action": {
"type": "string"
},
"category": {
"type": "string"
},
"gid": {
"type": "integer"
},
"rev": {
"type": "integer"
},
"rule": {
"type": "string"
},
"severity": {
"type": "integer"
},
"signature": {
"type": "string"
},
"signature_id": {
"type": "integer"
},
"xff": {
"type": "string"
},
"metadata": {
"type": "object",
"properties": {
"affected_product": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"attack_target": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"created_at": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"deployment": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"former_category": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"malware_family": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"policy": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"signature_severity": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"tag": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"updated_at": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": true
},
"source": {
"type": "object",
"properties": {
"ip": {
"type": "string"
},
"port": {
"type": "integer"
}
},
"additionalProperties": false
},
"target": {
"type": "object",
"properties": {
"ip": {
"type": "string"
},
"port": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"stream_tcp": {
"type": "object",
"additionalProperties": true
},
"anomaly": {
"type": "object",
"properties": {
"app_proto": {
"type": "string"
},
"event": {
"type": "string"
},
"layer": {
"type": "string"
},
"type": {
"type": "string"
}
},
"additionalProperties": false
},
"bittorrent_dht": {
"type": "object",
"properties": {
"transaction_id": {
"type": "string"
},
"client_version": {
"type": "string"
},
"request_type": {
"type": "string"
},
"request": {
"type": "object",
"additionalProperties": false,
"properties": {
"id": {
"type": "string"
},
"target": {
"type": "string"
},
"implied_port": {
"type": "integer"
},
"info_hash": {
"type": "string"
},
"port": {
"type": "integer"
},
"token": {
"type": "string"
}
}
},
"response": {
"type": "object",
"additionalProperties": false,
"required": [
"id"
],
"properties": {
"id": {
"type": "string"
},
"nodes": {
"type": "array",
"items": {
"type": "object",
"items": {
"type": "object",
"additionalProperties": false,
"required": [
"id",
"ip",
"port"
],
"properties": {
"id": {
"type": "string"
},
"ip": {
"type": "string"
},
"port": {
"type": "number"
}
}
}
}
},
"nodes6": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"required": [
"id",
"ip",
"port"
],
"properties": {
"id": {
"type": "string"
},
"ip": {
"type": "string"
},
"port": {
"type": "number"
}
}
}
},
"token": {
"type": "string"
},
"values": {
"type": "array",
"items": {
"type": "object"
}
}
}
},
"error": {
"type": "object",
"additionalProperties": false,
"properties": {
"num": {
"type": "integer"
},
"msg": {
"type": "string"
}
}
}
},
"additionalProperties": false
},
"dcerpc": {
"type": "object",
"properties": {
"activityuuid": {
"type": "string"
},
"call_id": {
"type": "integer"
},
"request": {
"type": "string"
},
"response": {
"type": "string"
},
"rpc_version": {
"type": "string"
},
"seqnum": {
"type": "integer"
},
"interfaces": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"ack_result": {
"type": "integer"
},
"uuid": {
"type": "string"
},
"version": {
"type": "string"
}
},
"additionalProperties": false
}
},
"req": {
"type": "object",
"properties": {
"frag_cnt": {
"type": "integer"
},
"opnum": {
"type": "integer"
},
"stub_data_size": {
"type": "integer"
}
},
"additionalProperties": false
},
"res": {
"type": "object",
"properties": {
"frag_cnt": {
"type": "integer"
},
"stub_data_size": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"dhcp": {
"type": "object",
"properties": {
"assigned_ip": {
"type": "string"
},
"client_id": {
"type": "string"
},
"client_ip": {
"type": "string"
},
"client_mac": {
"type": "string"
},
"dhcp_type": {
"type": "string"
},
"hostname": {
"type": "string"
},
"id": {
"type": "integer"
},
"lease_time": {
"type": "integer"
},
"next_server_ip": {
"type": "string"
},
"rebinding_time": {
"type": "integer"
},
"relay_ip": {
"type": "string"
},
"renewal_time": {
"type": "integer"
},
"subnet_mask": {
"type": "string"
},
"type": {
"type": "string"
},
"dns_servers": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"params": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"routers": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"dnp3": {
"type": "object",
"properties": {
"dst": {
"type": "integer"
},
"src": {
"type": "integer"
},
"type": {
"type": "string"
},
"application": {
"type": "object",
"properties": {
"complete": {
"type": "boolean"
},
"function_code": {
"type": "integer"
},
"objects": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"count": {
"type": "integer"
},
"group": {
"type": "integer"
},
"prefix_code": {
"type": "integer"
},
"qualifier": {
"type": "integer"
},
"range_code": {
"type": "integer"
},
"start": {
"type": "integer"
},
"stop": {
"type": "integer"
},
"variation": {
"type": "integer"
},
"points": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"additionalProperties": true
}
}
},
"additionalProperties": false
}
},
"control": {
"type": "object",
"properties": {
"con": {
"type": "boolean"
},
"fin": {
"type": "boolean"
},
"fir": {
"type": "boolean"
},
"sequence": {
"type": "integer"
},
"uns": {
"type": "boolean"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"control": {
"type": "object",
"properties": {
"dir": {
"type": "boolean"
},
"fcb": {
"type": "boolean"
},
"fcv": {
"type": "boolean"
},
"function_code": {
"type": "integer"
},
"pri": {
"type": "boolean"
}
},
"additionalProperties": false
},
"iin": {
"type": "object",
"properties": {
"indicators": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"request": {
"type": "object",
"properties": {
"dst": {
"type": "integer"
},
"src": {
"type": "integer"
},
"type": {
"type": "string"
},
"application": {
"type": "object",
"properties": {
"complete": {
"type": "boolean"
},
"function_code": {
"type": "integer"
},
"objects": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"count": {
"type": "integer"
},
"group": {
"type": "integer"
},
"prefix_code": {
"type": "integer"
},
"qualifier": {
"type": "integer"
},
"range_code": {
"type": "integer"
},
"start": {
"type": "integer"
},
"stop": {
"type": "integer"
},
"variation": {
"type": "integer"
},
"points": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"additionalProperties": true
}
}
},
"additionalProperties": false
}
},
"control": {
"type": "object",
"properties": {
"con": {
"type": "boolean"
},
"fin": {
"type": "boolean"
},
"fir": {
"type": "boolean"
},
"sequence": {
"type": "integer"
},
"uns": {
"type": "boolean"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"control": {
"type": "object",
"properties": {
"dir": {
"type": "boolean"
},
"fcb": {
"type": "boolean"
},
"fcv": {
"type": "boolean"
},
"function_code": {
"type": "integer"
},
"pri": {
"type": "boolean"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"response": {
"type": "object",
"properties": {
"dst": {
"type": "integer"
},
"src": {
"type": "integer"
},
"type": {
"type": "string"
},
"application": {
"type": "object",
"properties": {
"complete": {
"type": "boolean"
},
"function_code": {
"type": "integer"
},
"objects": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"count": {
"type": "integer"
},
"group": {
"type": "integer"
},
"prefix_code": {
"type": "integer"
},
"qualifier": {
"type": "integer"
},
"range_code": {
"type": "integer"
},
"start": {
"type": "integer"
},
"stop": {
"type": "integer"
},
"variation": {
"type": "integer"
},
"points": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"additionalProperties": true
}
}
},
"additionalProperties": false
}
},
"control": {
"type": "object",
"properties": {
"con": {
"type": "boolean"
},
"fin": {
"type": "boolean"
},
"fir": {
"type": "boolean"
},
"sequence": {
"type": "integer"
},
"uns": {
"type": "boolean"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"control": {
"type": "object",
"properties": {
"dir": {
"type": "boolean"
},
"fcb": {
"type": "boolean"
},
"fcv": {
"type": "boolean"
},
"function_code": {
"type": "integer"
},
"pri": {
"type": "boolean"
}
},
"additionalProperties": false
},
"iin": {
"type": "object",
"properties": {
"indicators": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"dns": {
"type": "object",
"properties": {
"aa": {
"type": "boolean"
},
"flags": {
"type": "string"
},
"id": {
"type": "integer"
},
"qr": {
"type": "boolean"
},
"ra": {
"type": "boolean"
},
"rcode": {
"type": "string"
},
"rd": {
"type": "boolean"
},
"rrname": {
"type": "string"
},
"rrtype": {
"type": "string"
},
"tx_id": {
"type": "integer"
},
"type": {
"type": "string"
},
"version": {
"type": "integer"
},
"opcode": {
"description": "DNS opcode as an integer",
"type": "integer"
},
"answers": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"rdata": {
"type": "string"
},
"rrname": {
"type": "string"
},
"rrtype": {
"type": "string"
},
"ttl": {
"type": "integer"
},
"srv": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"port": {
"type": "integer"
},
"priority": {
"type": "integer"
},
"weight": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"authorities": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"rdata": {
"type": "string"
},
"rrname": {
"type": "string"
},
"rrtype": {
"type": "string"
},
"ttl": {
"type": "integer"
},
"soa": {
"type": "object",
"properties": {
"expire": {
"type": "integer"
},
"minimum": {
"type": "integer"
},
"mname": {
"type": "string"
},
"refresh": {
"type": "integer"
},
"retry": {
"type": "integer"
},
"rname": {
"type": "string"
},
"serial": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"query": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"id": {
"type": "integer"
},
"rrname": {
"type": "string"
},
"rrtype": {
"type": "string"
},
"tx_id": {
"type": "integer"
},
"type": {
"type": "string"
},
"z": {
"type": "boolean"
},
"opcode": {
"description": "DNS opcode as an integer",
"type": "integer"
}
},
"additionalProperties": false
}
},
"answer": {
"type": "object",
"properties": {
"flags": {
"type": "string"
},
"id": {
"type": "integer"
},
"qr": {
"type": "boolean"
},
"ra": {
"type": "boolean"
},
"rcode": {
"type": "string"
},
"rd": {
"type": "boolean"
},
"rrname": {
"type": "string"
},
"rrtype": {
"type": "string"
},
"type": {
"type": "string"
},
"version": {
"type": "integer"
},
"opcode": {
"description": "DNS opcode as an integer",
"type": "integer"
}
},
"additionalProperties": false
},
"grouped": {
"type": "object",
"properties": {
"A": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"AAAA": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"CNAME": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"MX": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"NULL": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"PTR": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"SRV": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"port": {
"type": "integer"
},
"priority": {
"type": "integer"
},
"weight": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"TXT": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"z": {
"type": "boolean"
}
},
"additionalProperties": false
},
"drop": {
"type": "object",
"properties": {
"ack": {
"type": "boolean"
},
"fin": {
"type": "boolean"
},
"flowlbl": {
"type": "integer"
},
"hoplimit": {
"type": "integer"
},
"tc": {
"type": "integer"
},
"icmp_id": {
"type": "integer"
},
"icmp_seq": {
"type": "integer"
},
"ipid": {
"type": "integer"
},
"len": {
"type": "integer"
},
"psh": {
"type": "boolean"
},
"rst": {
"type": "boolean"
},
"syn": {
"type": "boolean"
},
"tcpack": {
"type": "integer"
},
"tcpres": {
"type": "integer"
},
"tcpseq": {
"type": "integer"
},
"tcpurgp": {
"type": "integer"
},
"tcpwin": {
"type": "integer"
},
"tos": {
"type": "integer"
},
"ttl": {
"type": "integer"
},
"udplen": {
"type": "integer"
},
"urg": {
"type": "boolean"
},
"reason": {
"type": "string"
},
"verdict": {
"$ref": "#/$defs/verdict_type"
}
},
"additionalProperties": false
},
"email": {
"type": "object",
"properties": {
"body_md5": {
"type": "string"
},
"date": {
"type": "string"
},
"from": {
"type": "string"
},
"status": {
"type": "string"
},
"subject": {
"type": "string"
},
"subject_md5": {
"type": "string"
},
"x_mailer": {
"type": "string"
},
"url": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"attachment": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"to": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"has_ipv6_url": {
"type": "boolean"
},
"has_ipv4_url": {
"type": "boolean"
},
"has_exe_url": {
"type": "boolean"
},
"message_id": {
"type": "string"
}
},
"additionalProperties": false
},
"engine": {
"type": "object",
"properties": {
"error": {
"type": "string"
},
"error_code": {
"type": "integer"
},
"message": {
"type": "string"
},
"thread_name": {
"type": "string"
},
"module": {
"type": "string"
}
},
"additionalProperties": false
},
"ether": {
"type": "object",
"properties": {
"dest_mac": {
"type": "string"
},
"src_mac": {
"type": "string"
},
"dest_macs": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"src_macs": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"fileinfo": {
"type": "object",
"properties": {
"end": {
"type": "integer"
},
"file_id": {
"type": "integer"
},
"filename": {
"type": "string"
},
"gaps": {
"type": "boolean"
},
"magic": {
"type": "string"
},
"md5": {
"type": "string"
},
"sha1": {
"type": "string"
},
"sha256": {
"type": "string"
},
"size": {
"type": "integer"
},
"start": {
"type": "integer"
},
"state": {
"type": "string"
},
"stored": {
"type": "boolean"
},
"tx_id": {
"type": "integer"
},
"sid": {
"type": "array",
"minItems": 1,
"items": {
"type": "integer"
}
}
},
"additionalProperties": false
},
"flow": {
"type": "object",
"properties": {
"action": {
"type": "string"
},
"age": {
"type": "integer"
},
"alerted": {
"type": "boolean"
},
"bypass": {
"type": "string"
},
"bypassed": {
"type": "object",
"properties": {
"pkts_toserver": {
"type": "integer"
},
"pkts_toclient": {
"type": "integer"
},
"bytes_toserver": {
"type": "integer"
},
"bytes_toclient": {
"type": "integer"
}
},
"additionalProperties": false
},
"bytes_toclient": {
"type": "integer"
},
"bytes_toserver": {
"type": "integer"
},
"dest_ip": {
"type": "string"
},
"dest_port": {
"type": "integer"
},
"emergency": {
"type": "boolean"
},
"end": {
"type": "string"
},
"pkts_toclient": {
"type": "integer"
},
"pkts_toserver": {
"type": "integer"
},
"reason": {
"type": "string"
},
"src_ip": {
"type": "string"
},
"src_port": {
"type": "integer"
},
"start": {
"type": "string"
},
"state": {
"type": "string"
}
},
"additionalProperties": false
},
"frame": {
"type": "object",
"properties": {
"type": {
"type": "string"
},
"id": {
"type": "integer"
},
"direction": {
"type": "string"
},
"stream_offset": {
"type": "integer"
},
"length": {
"type": "integer"
},
"complete": {
"type": "boolean"
},
"payload": {
"type": "string"
},
"payload_printable": {
"type": "string"
},
"tx_id": {
"type": "integer"
}
},
"additionalProperties": false
},
"ftp": {
"type": "object",
"properties": {
"command": {
"type": "string"
},
"command_data": {
"type": "string"
},
"command_truncated": {
"type": "boolean"
},
"dynamic_port": {
"type": "integer"
},
"mode": {
"type": "string"
},
"reply_received": {
"type": "string"
},
"reply_truncated": {
"type": "boolean"
},
"completion_code": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"reply": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"ftp_data": {
"type": "object",
"properties": {
"command": {
"type": "string"
},
"filename": {
"type": "string"
}
},
"additionalProperties": false
},
"http": {
"type": "object",
"properties": {
"hostname": {
"type": "string"
},
"http_content_type": {
"type": "string"
},
"http_method": {
"type": "string"
},
"http_port": {
"type": "integer"
},
"http_refer": {
"type": "string"
},
"http_response_body": {
"type": "string"
},
"http_response_body_printable": {
"type": "string"
},
"http_user_agent": {
"type": "string"
},
"length": {
"type": "integer"
},
"org_src_ip": {
"type": "string"
},
"protocol": {
"type": "string"
},
"redirect": {
"type": "string"
},
"status": {
"type": "integer"
},
"true_client_ip": {
"type": "string"
},
"url": {
"type": "string"
},
"version": {
"type": "string"
},
"x_bluecoat_via": {
"type": "string"
},
"xff": {
"type": "string"
},
"request_headers": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"table_size_update": {
"type": "integer"
},
"value": {
"type": "string"
}
},
"additionalProperties": false
}
},
"response_headers": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"table_size_update": {
"type": "integer"
},
"value": {
"type": "string"
}
},
"additionalProperties": false
}
},
"content_range": {
"type": "object",
"properties": {
"end": {
"type": "integer"
},
"raw": {
"type": "string"
},
"size": {
"type": "integer"
},
"start": {
"type": "integer"
}
},
"additionalProperties": false
},
"http2": {
"type": "object",
"properties": {
"stream_id": {
"type": "integer"
},
"request": {
"type": "object",
"properties": {
"error_code": {
"type": "string"
},
"priority": {
"type": "integer"
},
"settings": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"settings_id": {
"type": "string"
},
"settings_value": {
"type": "integer"
}
},
"additionalProperties": false
}
}
},
"additionalProperties": false
},
"response": {
"type": "object",
"properties": {
"error_code": {
"type": "string"
},
"settings": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"settings_id": {
"type": "string"
},
"settings_value": {
"type": "integer"
}
},
"additionalProperties": false
}
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"ike": {
"type": "object",
"optional": true,
"properties": {
"alg_auth": {
"type": "string"
},
"alg_auth_raw": {
"type": "integer"
},
"alg_dh": {
"type": "string"
},
"alg_dh_raw": {
"type": "integer"
},
"alg_enc": {
"type": "string"
},
"alg_enc_raw": {
"type": "integer"
},
"alg_hash": {
"type": "string"
},
"alg_hash_raw": {
"type": "integer"
},
"exchange_type": {
"type": "integer"
},
"exchange_type_verbose": {
"type": "string"
},
"init_spi": {
"type": "string"
},
"message_id": {
"type": "integer"
},
"resp_spi": {
"type": "string"
},
"role": {
"type": "string"
},
"sa_key_length": {
"type": "string"
},
"sa_key_length_raw": {
"type": "integer"
},
"sa_life_duration": {
"type": "string"
},
"sa_life_duration_raw": {
"type": "integer"
},
"sa_life_type": {
"type": "string"
},
"sa_life_type_raw": {
"type": "integer"
},
"version_major": {
"type": "integer"
},
"version_minor": {
"type": "integer"
},
"payload": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"ikev1": {
"type": "object",
"properties": {
"doi": {
"type": "integer"
},
"encrypted_payloads": {
"type": "boolean"
},
"vendor_ids": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"client": {
"type": "object",
"properties": {
"key_exchange_payload": {
"type": "string"
},
"key_exchange_payload_length": {
"type": "integer"
},
"nonce_payload": {
"type": "string"
},
"nonce_payload_length": {
"type": "integer"
},
"proposals": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"alg_auth": {
"type": "string"
},
"alg_auth_raw": {
"type": "integer"
},
"alg_dh": {
"type": "string"
},
"alg_dh_raw": {
"type": "integer"
},
"alg_enc": {
"type": "string"
},
"alg_enc_raw": {
"type": "integer"
},
"alg_hash": {
"type": "string"
},
"alg_hash_raw": {
"type": "integer"
},
"sa_key_length": {
"type": "string"
},
"sa_key_length_raw": {
"type": "integer"
},
"sa_life_duration": {
"type": "string"
},
"sa_life_duration_raw": {
"type": "integer"
},
"sa_life_type": {
"type": "string"
},
"sa_life_type_raw": {
"type": "integer"
}
},
"additionalProperties": false
}
}
},
"additionalProperties": false
},
"server": {
"type": "object",
"properties": {
"key_exchange_payload": {
"type": "string"
},
"key_exchange_payload_length": {
"type": "integer"
},
"nonce_payload": {
"type": "string"
},
"nonce_payload_length": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"ikev2": {
"type": "object",
"properties": {
"errors": {
"type": "integer"
},
"notify": {
"type": "array"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"krb5": {
"type": "object",
"optional": true,
"properties": {
"cname": {
"type": "string"
},
"encryption": {
"type": "string"
},
"error_code": {
"type": "string"
},
"failed_request": {
"type": "string"
},
"msg_type": {
"type": "string"
},
"realm": {
"type": "string"
},
"sname": {
"type": "string"
},
"ticket_encryption": {
"type": "string"
},
"ticket_weak_encryption": {
"type": "boolean"
},
"weak_encryption": {
"type": "boolean"
}
},
"additionalProperties": false
},
"metadata": {
"type": "object",
"optional": true,
"properties": {
"flowbits": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"flowvars": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"gid": {
"type": "string"
},
"key": {
"type": "string"
},
"value": {
"type": "string"
}
},
"additionalProperties": true
}
},
"pktvars": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"uid": {
"type": "string"
},
"username": {
"type": "string"
}
},
"additionalProperties": false
}
},
"flowints": {
"type": "object",
"additionalProperties": true
}
},
"additionalProperties": false
},
"modbus": {
"type": "object",
"optional": true,
"properties": {
"id": {
"type": "integer"
},
"request": {
"type": "object",
"properties": {
"access_type": {
"type": "string"
},
"category": {
"type": "string"
},
"data": {
"type": "string"
},
"error_flags": {
"type": "string"
},
"function_code": {
"type": "string"
},
"function_raw": {
"type": "integer"
},
"protocol_id": {
"type": "integer"
},
"transaction_id": {
"type": "integer"
},
"unit_id": {
"type": "integer"
},
"diagnostic": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"data": {
"type": "string"
},
"raw": {
"type": "integer"
}
},
"additionalProperties": false
},
"mei": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"data": {
"type": "string"
},
"raw": {
"type": "integer"
}
},
"additionalProperties": false
},
"read": {
"type": "object",
"properties": {
"address": {
"type": "integer"
},
"quantity": {
"type": "integer"
}
},
"additionalProperties": false
},
"write": {
"type": "object",
"properties": {
"address": {
"type": "integer"
},
"data": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"response": {
"type": "object",
"properties": {
"access_type": {
"type": "string"
},
"category": {
"type": "string"
},
"data": {
"type": "string"
},
"error_flags": {
"type": "string"
},
"function_code": {
"type": "string"
},
"function_raw": {
"type": "integer"
},
"protocol_id": {
"type": "integer"
},
"transaction_id": {
"type": "integer"
},
"unit_id": {
"type": "integer"
},
"diagnostic": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"data": {
"type": "string"
},
"raw": {
"type": "integer"
}
},
"additionalProperties": false
},
"exception": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"raw": {
"type": "integer"
}
},
"additionalProperties": false
},
"read": {
"type": "object",
"properties": {
"data": {
"type": "string"
}
},
"additionalProperties": false
},
"write": {
"type": "object",
"properties": {
"address": {
"type": "integer"
},
"data": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"mqtt": {
"type": "object",
"optional": true,
"properties": {
"connack": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"return_code": {
"type": "integer"
},
"session_present": {
"type": "boolean"
},
"properties": {
"type": "object",
"additionalProperties": true
}
},
"additionalProperties": false
},
"connect": {
"type": "object",
"properties": {
"client_id": {
"type": "string"
},
"dup": {
"type": "boolean"
},
"password": {
"type": "string"
},
"protocol_string": {
"type": "string"
},
"protocol_version": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"username": {
"type": "string"
},
"flags": {
"type": "object",
"properties": {
"clean_session": {
"type": "boolean"
},
"password": {
"type": "boolean"
},
"username": {
"type": "boolean"
},
"will": {
"type": "boolean"
},
"will_retain": {
"type": "boolean"
}
},
"additionalProperties": false
},
"properties": {
"type": "object",
"additionalProperties": true
},
"will": {
"type": "object",
"properties": {
"message": {
"type": "string"
},
"topic": {
"type": "string"
},
"properties": {
"type": "object",
"additionalProperties": true
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"disconnect": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"qos": {
"type": "integer"
},
"reason_code": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"properties": {
"type": "object",
"additionalProperties": true
}
},
"additionalProperties": false
},
"pingreq": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
}
},
"additionalProperties": false
},
"pingresp": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
}
},
"additionalProperties": false
},
"puback": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"reason_code": {
"type": "integer"
},
"retain": {
"type": "boolean"
}
},
"additionalProperties": false
},
"pubcomp": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"reason_code": {
"type": "integer"
},
"retain": {
"type": "boolean"
}
},
"additionalProperties": false
},
"publish": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message": {
"type": "string"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"skipped_length": {
"type": "integer"
},
"topic": {
"type": "string"
},
"truncated": {
"type": "boolean"
},
"properties": {
"type": "object",
"additionalProperties": true
}
},
"additionalProperties": false
},
"pubrec": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"reason_code": {
"type": "integer"
},
"retain": {
"type": "boolean"
}
},
"additionalProperties": false
},
"pubrel": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"reason_code": {
"type": "integer"
},
"retain": {
"type": "boolean"
}
},
"additionalProperties": false
},
"suback": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"qos_granted": {
"type": "array",
"minItems": 1,
"items": {
"type": "integer"
}
}
},
"additionalProperties": false
},
"subscribe": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"topics": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"qos": {
"type": "integer"
},
"topic": {
"type": "string"
}
},
"additionalProperties": false
}
}
},
"additionalProperties": false
},
"unsuback": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"reason_codes": {
"type": "array",
"minItems": 1,
"items": {
"type": "integer"
}
}
},
"additionalProperties": false
},
"unsubscribe": {
"type": "object",
"properties": {
"dup": {
"type": "boolean"
},
"message_id": {
"type": "integer"
},
"qos": {
"type": "integer"
},
"retain": {
"type": "boolean"
},
"topics": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"netflow": {
"type": "object",
"optional": true,
"properties": {
"age": {
"type": "integer"
},
"bytes": {
"type": "integer"
},
"end": {
"type": "string"
},
"max_ttl": {
"type": "integer"
},
"min_ttl": {
"type": "integer"
},
"pkts": {
"type": "integer"
},
"start": {
"type": "string"
}
},
"additionalProperties": false
},
"nfs": {
"type": "object",
"optional": true,
"properties": {
"file_tx": {
"type": "boolean"
},
"filename": {
"type": "string"
},
"hhash": {
"type": "string"
},
"id": {
"type": "integer"
},
"procedure": {
"type": "string"
},
"status": {
"type": "string"
},
"type": {
"type": "string"
},
"version": {
"type": "integer"
},
"read": {
"type": "object",
"optional": true,
"properties": {
"chunks": {
"type": "integer"
},
"first": {
"type": "boolean"
},
"last": {
"type": "boolean"
},
"last_xid": {
"type": "integer"
}
},
"additionalProperties": false
},
"rename": {
"type": "object",
"optional": true,
"properties": {
"from": {
"type": "string"
},
"to": {
"type": "string"
}
},
"additionalProperties": false
},
"write": {
"type": "object",
"optional": true,
"properties": {
"chunks": {
"type": "integer"
},
"first": {
"type": "boolean"
},
"last": {
"type": "boolean"
},
"last_xid": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"packet_info": {
"type": "object",
"optional": true,
"properties": {
"linktype": {
"type": "integer"
}
},
"additionalProperties": false
},
"pgsql": {
"type": "object",
"optional": true,
"properties": {
"request": {
"type": "object",
"properties": {
"message": {
"type": "string"
},
"password": {
"type": "string"
},
"password_message": {
"type": "string"
},
"protocol_version": {
"type": "string"
},
"sasl_authentication_mechanism": {
"type": "string"
},
"sasl_param": {
"type": "string"
},
"sasl_response": {
"type": "string"
},
"simple_query": {
"type": "string"
},
"startup_parameters": {
"type": "object",
"properties": {
"optional_parameters": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"application_name": {
"type": "string"
},
"client_encoding": {
"type": "string"
},
"database": {
"type": "string"
},
"datestyle": {
"type": "string"
},
"extra_float_digits": {
"type": "string"
},
"options": {
"type": "string"
},
"replication": {
"type": "string"
}
},
"additionalProperties": true
}
},
"user": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"response": {
"type": "object",
"properties": {
"authentication_md5_password": {
"type": "string"
},
"authentication_sasl_final": {
"type": "string"
},
"code": {
"type": "string"
},
"command_completed": {
"type": "string"
},
"data_rows": {
"type": "integer"
},
"data_size": {
"type": "integer"
},
"field_count": {
"type": "integer"
},
"file": {
"type": "string"
},
"line": {
"type": "string"
},
"message": {
"type": "string"
},
"parameter_status": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"application_name": {
"type": "string"
},
"client_encoding": {
"type": "string"
},
"date_style": {
"type": "string"
},
"integer_datetimes": {
"type": "string"
},
"interval_style": {
"type": "string"
},
"is_superuser": {
"type": "string"
},
"server_encoding": {
"type": "string"
},
"server_version": {
"type": "string"
},
"session_authorization": {
"type": "string"
},
"standard_conforming_strings": {
"type": "string"
},
"time_zone": {
"type": "string"
}
},
"additionalProperties": true
}
},
"process_id": {
"type": "integer"
},
"routine": {
"type": "string"
},
"secret_key": {
"type": "integer"
},
"severity_localizable": {
"type": "string"
},
"severity_non_localizable": {
"type": "string"
},
"ssl_accepted": {
"type": "boolean"
}
},
"additionalProperties": false
},
"tx_id": {
"type": "integer"
}
},
"additionalProperties": false
},
"quic": {
"type": "object",
"optional": true,
"properties": {
"cyu": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"hash": {
"type": "string"
},
"string": {
"type": "string"
}
},
"additionalProperties": false
}
},
"extensions": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"type": {
"type": "integer"
},
"values": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
}
},
"ja3": {
"type": "object",
"optional": true,
"properties": {
"hash": {
"type": "string"
},
"string": {
"type": "string"
}
},
"additionalProperties": false
},
"ja3s": {
"type": "object",
"optional": true,
"properties": {
"hash": {
"type": "string"
},
"string": {
"type": "string"
}
},
"additionalProperties": false
},
"sni": {
"type": "string"
},
"ua": {
"type": "string"
},
"version": {
"type": "string"
}
},
"additionalProperties": false
},
"rdp": {
"type": "object",
"optional": true,
"properties": {
"cookie": {
"type": "string"
},
"event_type": {
"type": "string"
},
"tx_id": {
"type": "integer"
},
"channels": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"client": {
"type": "object",
"properties": {
"build": {
"type": "string"
},
"client_name": {
"type": "string"
},
"color_depth": {
"type": "integer"
},
"desktop_height": {
"type": "integer"
},
"desktop_width": {
"type": "integer"
},
"function_keys": {
"type": "integer"
},
"id": {
"type": "string"
},
"keyboard_layout": {
"type": "string"
},
"keyboard_type": {
"type": "string"
},
"product_id": {
"type": "integer"
},
"version": {
"type": "string"
},
"capabilities": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"rfb": {
"type": "object",
"optional": true,
"properties": {
"screen_shared": {
"type": "boolean"
},
"authentication": {
"type": "object",
"properties": {
"security_result": {
"type": "string"
},
"security_type": {
"type": "integer"
},
"vnc": {
"type": "object",
"properties": {
"challenge": {
"type": "string"
},
"response": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"client_protocol_version": {
"type": "object",
"properties": {
"major": {
"type": "string"
},
"minor": {
"type": "string"
}
},
"additionalProperties": false
},
"framebuffer": {
"type": "object",
"properties": {
"height": {
"type": "integer"
},
"name": {
"type": "string"
},
"width": {
"type": "integer"
},
"pixel_format": {
"type": "object",
"properties": {
"big_endian": {
"type": "boolean"
},
"bits_per_pixel": {
"type": "integer"
},
"blue_max": {
"type": "integer"
},
"blue_shift": {
"type": "integer"
},
"depth": {
"type": "integer"
},
"green_max": {
"type": "integer"
},
"green_shift": {
"type": "integer"
},
"red_max": {
"type": "integer"
},
"red_shift": {
"type": "integer"
},
"true_color": {
"type": "boolean"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"server_protocol_version": {
"type": "object",
"properties": {
"major": {
"type": "string"
},
"minor": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"rpc": {
"type": "object",
"optional": true,
"properties": {
"auth_type": {
"type": "string"
},
"status": {
"type": "string"
},
"xid": {
"type": "integer"
},
"creds": {
"type": "object",
"optional": true,
"properties": {
"gid": {
"type": "integer"
},
"machine_name": {
"type": "string"
},
"uid": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"sip": {
"type": "object",
"optional": true,
"properties": {
"code": {
"type": "string"
},
"method": {
"type": "string"
},
"reason": {
"type": "string"
},
"request_line": {
"type": "string"
},
"response_line": {
"type": "string"
},
"uri": {
"type": "string"
},
"version": {
"type": "string"
}
},
"additionalProperties": false
},
"smb": {
"type": "object",
"optional": true,
"properties": {
"access": {
"type": "string"
},
"accessed": {
"type": "integer"
},
"changed": {
"type": "integer"
},
"client_guid": {
"type": "string"
},
"command": {
"type": "string"
},
"created": {
"type": "integer"
},
"dialect": {
"type": "string"
},
"directory": {
"type": "string"
},
"disposition": {
"type": "string"
},
"filename": {
"type": "string"
},
"fuid": {
"type": "string"
},
"function": {
"type": "string"
},
"id": {
"type": "integer"
},
"level_of_interest": {
"type": "string"
},
"max_read_size": {
"type": "integer"
},
"max_write_size": {
"type": "integer"
},
"modified": {
"type": "integer"
},
"named_pipe": {
"type": "string"
},
"rename": {
"type": "object",
"optional": true,
"properties": {
"from": {
"type": "string"
},
"to": {
"type": "string"
}
},
"additionalProperties": false
},
"request_done": {
"type": "boolean"
},
"response_done": {
"type": "boolean"
},
"server_guid": {
"type": "string"
},
"session_id": {
"type": "integer"
},
"set_info": {
"type": "object",
"optional": true,
"properties": {
"class": {
"type": "string"
},
"info_level": {
"type": "string"
}
},
"additionalProperties": false
},
"share": {
"type": "string"
},
"share_type": {
"type": "string"
},
"size": {
"type": "integer"
},
"subcmd": {
"type": "string"
},
"status": {
"type": "string"
},
"status_code": {
"type": "string"
},
"tree_id": {
"type": "integer"
},
"client_dialects": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"set_info": {
"type": "object",
"optional": true,
"properties": {
"class": {
"type": "string"
},
"info_level": {
"type": "string"
}
}
},
"rename": {
"type": "object",
"optional": true,
"properties": {
"from": {
"type": "string"
},
"to": {
"type": "string"
}
}
},
"dcerpc": {
"type": "object",
"optional": true,
"properties": {
"call_id": {
"type": "integer"
},
"opnum": {
"type": "integer"
},
"request": {
"type": "string"
},
"response": {
"type": "string"
},
"interfaces": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"optional": true,
"properties": {
"ack_reason": {
"type": "integer"
},
"ack_result": {
"type": "integer"
},
"uuid": {
"type": "string"
},
"version": {
"type": "string"
}
},
"additionalProperties": false
}
},
"req": {
"type": "object",
"optional": true,
"properties": {
"frag_cnt": {
"type": "integer"
},
"stub_data_size": {
"type": "integer"
}
},
"additionalProperties": false
},
"res": {
"type": "object",
"optional": true,
"properties": {
"frag_cnt": {
"type": "integer"
},
"stub_data_size": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"kerberos": {
"type": "object",
"optional": true,
"properties": {
"realm": {
"type": "string"
},
"snames": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"ntlmssp": {
"type": "object",
"optional": true,
"properties": {
"domain": {
"type": "string"
},
"host": {
"type": "string"
},
"user": {
"type": "string"
},
"version": {
"type": "string",
"optional": true
},
"warning": {
"type": "boolean"
}
},
"additionalProperties": false
},
"request": {
"type": "object",
"optional": true,
"properties": {
"native_lm": {
"type": "string"
},
"native_os": {
"type": "string"
}
},
"additionalProperties": false
},
"response": {
"type": "object",
"optional": true,
"properties": {
"native_lm": {
"type": "string"
},
"native_os": {
"type": "string"
}
},
"additionalProperties": false
},
"service": {
"type": "object",
"optional": true,
"properties": {
"request": {
"type": "string"
},
"response": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"smtp": {
"type": "object",
"optional": true,
"properties": {
"helo": {
"type": "string"
},
"mail_from": {
"type": "string"
},
"rcpt_to": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"snmp": {
"type": "object",
"optional": true,
"properties": {
"community": {
"type": "string"
},
"pdu_type": {
"type": "string"
},
"usm": {
"type": "string"
},
"version": {
"type": "integer"
},
"vars": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"ssh": {
"type": "object",
"optional": true,
"properties": {
"client": {
"type": "object",
"properties": {
"proto_version": {
"type": "string"
},
"software_version": {
"type": "string"
},
"hassh": {
"type": "object",
"properties": {
"hash": {
"type": "string"
},
"string": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"server": {
"type": "object",
"properties": {
"proto_version": {
"type": "string"
},
"software_version": {
"type": "string"
},
"hassh": {
"type": "object",
"properties": {
"hash": {
"type": "string"
},
"string": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"stats": {
"type": "object",
"optional": true,
"properties": {
"uptime": {
"type": "integer"
},
"app_layer": {
"type": "object",
"properties": {
"expectations": {
"type": "integer"
},
"error": {
"type": "object",
"properties": {
"bittorrent-dht": {
"$ref": "#/$defs/stats_applayer_error"
},
"dcerpc_tcp": {
"$ref": "#/$defs/stats_applayer_error"
},
"dcerpc_udp": {
"$ref": "#/$defs/stats_applayer_error"
},
"dhcp": {
"$ref": "#/$defs/stats_applayer_error"
},
"dnp3": {
"$ref": "#/$defs/stats_applayer_error"
},
"dns_tcp": {
"$ref": "#/$defs/stats_applayer_error"
},
"dns_udp": {
"$ref": "#/$defs/stats_applayer_error"
},
"enip_tcp": {
"$ref": "#/$defs/stats_applayer_error"
},
"enip_udp": {
"$ref": "#/$defs/stats_applayer_error"
},
"failed_tcp": {
"$ref": "#/$defs/stats_applayer_error"
},
"ftp": {
"$ref": "#/$defs/stats_applayer_error"
},
"ftp-data": {
"$ref": "#/$defs/stats_applayer_error"
},
"http": {
"$ref": "#/$defs/stats_applayer_error"
},
"http2": {
"$ref": "#/$defs/stats_applayer_error"
},
"ike": {
"$ref": "#/$defs/stats_applayer_error"
},
"imap": {
"$ref": "#/$defs/stats_applayer_error"
},
"krb5_tcp": {
"$ref": "#/$defs/stats_applayer_error"
},
"krb5_udp": {
"$ref": "#/$defs/stats_applayer_error"
},
"mqtt": {
"$ref": "#/$defs/stats_applayer_error"
},
"nfs_tcp": {
"$ref": "#/$defs/stats_applayer_error"
},
"nfs_udp": {
"$ref": "#/$defs/stats_applayer_error"
},
"ntp": {
"$ref": "#/$defs/stats_applayer_error"
},
"pgsql": {
"$ref": "#/$defs/stats_applayer_error"
},
"quic": {
"$ref": "#/$defs/stats_applayer_error"
},
"rdp": {
"$ref": "#/$defs/stats_applayer_error"
},
"rfb": {
"$ref": "#/$defs/stats_applayer_error"
},
"sip": {
"$ref": "#/$defs/stats_applayer_error"
},
"smb": {
"$ref": "#/$defs/stats_applayer_error"
},
"smtp": {
"$ref": "#/$defs/stats_applayer_error"
},
"snmp": {
"$ref": "#/$defs/stats_applayer_error"
},
"ssh": {
"$ref": "#/$defs/stats_applayer_error"
},
"telnet": {
"$ref": "#/$defs/stats_applayer_error"
},
"tftp": {
"$ref": "#/$defs/stats_applayer_error"
},
"tls": {
"$ref": "#/$defs/stats_applayer_error"
}
},
"additionalProperties": false
},
"flow": {
"type": "object",
"properties": {
"bittorrent-dht": {
"type": "integer"
},
"dcerpc_tcp": {
"type": "integer"
},
"dcerpc_udp": {
"type": "integer"
},
"dhcp": {
"type": "integer"
},
"dnp3": {
"type": "integer"
},
"dns_tcp": {
"type": "integer"
},
"dns_udp": {
"type": "integer"
},
"enip_tcp": {
"type": "integer"
},
"enip_udp": {
"type": "integer"
},
"failed_tcp": {
"type": "integer"
},
"failed_udp": {
"type": "integer"
},
"ftp": {
"type": "integer"
},
"ftp-data": {
"type": "integer"
},
"http": {
"type": "integer"
},
"http2": {
"type": "integer"
},
"ike": {
"type": "integer"
},
"ikev2": {
"type": "integer"
},
"imap": {
"type": "integer"
},
"krb5_tcp": {
"type": "integer"
},
"krb5_udp": {
"type": "integer"
},
"modbus": {
"type": "integer"
},
"mqtt": {
"type": "integer"
},
"nfs_tcp": {
"type": "integer"
},
"nfs_udp": {
"type": "integer"
},
"ntp": {
"type": "integer"
},
"pgsql": {
"type": "integer"
},
"quic": {
"type": "integer"
},
"rdp": {
"type": "integer"
},
"rfb": {
"type": "integer"
},
"sip": {
"type": "integer"
},
"smb": {
"type": "integer"
},
"smtp": {
"type": "integer"
},
"snmp": {
"type": "integer"
},
"ssh": {
"type": "integer"
},
"telnet": {
"type": "integer"
},
"tftp": {
"type": "integer"
},
"tls": {
"type": "integer"
}
},
"additionalProperties": false
},
"tx": {
"type": "object",
"properties": {
"bittorrent-dht": {
"type": "integer"
},
"dcerpc_tcp": {
"type": "integer"
},
"dcerpc_udp": {
"type": "integer"
},
"dhcp": {
"type": "integer"
},
"dnp3": {
"type": "integer"
},
"dns_tcp": {
"type": "integer"
},
"dns_udp": {
"type": "integer"
},
"enip_tcp": {
"type": "integer"
},
"enip_udp": {
"type": "integer"
},
"ftp": {
"type": "integer"
},
"ftp-data": {
"type": "integer"
},
"http": {
"type": "integer"
},
"http2": {
"type": "integer"
},
"ike": {
"type": "integer"
},
"ikev2": {
"type": "integer"
},
"imap": {
"type": "integer"
},
"krb5_tcp": {
"type": "integer"
},
"krb5_udp": {
"type": "integer"
},
"modbus": {
"type": "integer"
},
"mqtt": {
"type": "integer"
},
"nfs_tcp": {
"type": "integer"
},
"nfs_udp": {
"type": "integer"
},
"ntp": {
"type": "integer"
},
"pgsql": {
"type": "integer"
},
"quic": {
"type": "integer"
},
"rdp": {
"type": "integer"
},
"rfb": {
"type": "integer"
},
"sip": {
"type": "integer"
},
"smb": {
"type": "integer"
},
"smtp": {
"type": "integer"
},
"snmp": {
"type": "integer"
},
"ssh": {
"type": "integer"
},
"telnet": {
"type": "integer"
},
"tftp": {
"type": "integer"
},
"tls": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"ips": {
"type": "object",
"properties": {
"accepted": {
"type": "integer"
},
"blocked": {
"type": "integer"
},
"rejected": {
"type": "integer"
},
"replaced": {
"type": "integer"
},
"drop_reason": {
"type": "object",
"properties": {
"decode_error": {
"type": "integer"
},
"defrag_error": {
"type": "integer"
},
"defrag_memcap": {
"type": "integer"
},
"flow_memcap": {
"type": "integer"
},
"flow_drop": {
"type": "integer"
},
"applayer_error": {
"type": "integer"
},
"applayer_memcap": {
"type": "integer"
},
"rules": {
"type": "integer"
},
"threshold_detection_filter": {
"type": "integer"
},
"stream_error": {
"type": "integer"
},
"stream_memcap": {
"type": "integer"
},
"stream_midstream": {
"type": "integer"
},
"nfq_error": {
"type": "integer"
},
"tunnel_packet_drop": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"decoder": {
"type": "object",
"properties": {
"avg_pkt_size": {
"type": "integer"
},
"bytes": {
"type": "integer"
},
"chdlc": {
"type": "integer"
},
"erspan": {
"type": "integer"
},
"esp": {
"type": "integer"
},
"ethernet": {
"type": "integer"
},
"arp": {
"type": "integer"
},
"unknown_ethertype": {
"type": "integer"
},
"geneve": {
"type": "integer"
},
"gre": {
"type": "integer"
},
"icmpv4": {
"type": "integer"
},
"icmpv6": {
"type": "integer"
},
"ieee8021ah": {
"type": "integer"
},
"invalid": {
"type": "integer"
},
"ipv4": {
"type": "integer"
},
"ipv4_in_ipv6": {
"type": "integer"
},
"ipv6": {
"type": "integer"
},
"ipv6_in_ipv6": {
"type": "integer"
},
"max_mac_addrs_dst": {
"type": "integer"
},
"max_mac_addrs_src": {
"type": "integer"
},
"max_pkt_size": {
"type": "integer"
},
"mpls": {
"type": "integer"
},
"nsh": {
"type": "integer"
},
"null": {
"type": "integer"
},
"pkts": {
"type": "integer"
},
"ppp": {
"type": "integer"
},
"pppoe": {
"type": "integer"
},
"raw": {
"type": "integer"
},
"sctp": {
"type": "integer"
},
"sll": {
"type": "integer"
},
"tcp": {
"type": "integer"
},
"teredo": {
"type": "integer"
},
"too_many_layers": {
"type": "integer"
},
"udp": {
"type": "integer"
},
"vlan": {
"type": "integer"
},
"vlan_qinq": {
"type": "integer"
},
"vlan_qinqinq": {
"type": "integer"
},
"vntag": {
"type": "integer"
},
"vxlan": {
"type": "integer"
},
"event": {
"type": "object",
"properties": {
"chdlc": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"dce": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"erspan": {
"type": "object",
"properties": {
"header_too_small": {
"type": "integer"
},
"too_many_vlan_layers": {
"type": "integer"
},
"unsupported_version": {
"type": "integer"
}
},
"additionalProperties": false
},
"esp": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"ethernet": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"geneve": {
"type": "object",
"properties": {
"unknown_payload_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"gre": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
},
"version0_flags": {
"type": "integer"
},
"version0_hdr_too_big": {
"type": "integer"
},
"version0_malformed_sre_hdr": {
"type": "integer"
},
"version0_recur": {
"type": "integer"
},
"version1_chksum": {
"type": "integer"
},
"version1_flags": {
"type": "integer"
},
"version1_hdr_too_big": {
"type": "integer"
},
"version1_malformed_sre_hdr": {
"type": "integer"
},
"version1_no_key": {
"type": "integer"
},
"version1_recur": {
"type": "integer"
},
"version1_route": {
"type": "integer"
},
"version1_ssr": {
"type": "integer"
},
"version1_wrong_protocol": {
"type": "integer"
},
"wrong_version": {
"type": "integer"
}
},
"additionalProperties": false
},
"icmpv4": {
"type": "object",
"properties": {
"ipv4_trunc_pkt": {
"type": "integer"
},
"ipv4_unknown_ver": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"unknown_code": {
"type": "integer"
},
"unknown_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"icmpv6": {
"type": "object",
"properties": {
"experimentation_type": {
"type": "integer"
},
"ipv6_trunc_pkt": {
"type": "integer"
},
"ipv6_unknown_version": {
"type": "integer"
},
"mld_message_with_invalid_hl": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"unassigned_type": {
"type": "integer"
},
"unknown_code": {
"type": "integer"
},
"unknown_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"ieee8021ah": {
"type": "object",
"properties": {
"header_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"ipraw": {
"type": "object",
"properties": {
"invalid_ip_version": {
"type": "integer"
}
},
"additionalProperties": false
},
"ipv4": {
"type": "object",
"properties": {
"frag_ignored": {
"type": "integer"
},
"frag_overlap": {
"type": "integer"
},
"frag_pkt_too_large": {
"type": "integer"
},
"hlen_too_small": {
"type": "integer"
},
"icmpv6": {
"type": "integer"
},
"iplen_smaller_than_hlen": {
"type": "integer"
},
"opt_duplicate": {
"type": "integer"
},
"opt_eol_required": {
"type": "integer"
},
"opt_invalid": {
"type": "integer"
},
"opt_invalid_len": {
"type": "integer"
},
"opt_malformed": {
"type": "integer"
},
"opt_pad_required": {
"type": "integer"
},
"opt_unknown": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"trunc_pkt": {
"type": "integer"
},
"wrong_ip_version": {
"type": "integer"
}
},
"additionalProperties": false
},
"ipv6": {
"type": "object",
"properties": {
"data_after_none_header": {
"type": "integer"
},
"dstopts_only_padding": {
"type": "integer"
},
"dstopts_unknown_opt": {
"type": "integer"
},
"exthdr_ah_res_not_null": {
"type": "integer"
},
"exthdr_dupl_ah": {
"type": "integer"
},
"exthdr_dupl_dh": {
"type": "integer"
},
"exthdr_dupl_eh": {
"type": "integer"
},
"exthdr_dupl_fh": {
"type": "integer"
},
"exthdr_dupl_hh": {
"type": "integer"
},
"exthdr_dupl_rh": {
"type": "integer"
},
"exthdr_invalid_optlen": {
"type": "integer"
},
"exthdr_useless_fh": {
"type": "integer"
},
"fh_non_zero_reserved_field": {
"type": "integer"
},
"frag_ignored": {
"type": "integer"
},
"frag_invalid_length": {
"type": "integer"
},
"frag_overlap": {
"type": "integer"
},
"frag_pkt_too_large": {
"type": "integer"
},
"hopopts_only_padding": {
"type": "integer"
},
"hopopts_unknown_opt": {
"type": "integer"
},
"icmpv4": {
"type": "integer"
},
"ipv4_in_ipv6_too_small": {
"type": "integer"
},
"ipv4_in_ipv6_wrong_version": {
"type": "integer"
},
"ipv6_in_ipv6_too_small": {
"type": "integer"
},
"ipv6_in_ipv6_wrong_version": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"rh_type_0": {
"type": "integer"
},
"trunc_exthdr": {
"type": "integer"
},
"trunc_pkt": {
"type": "integer"
},
"unknown_next_header": {
"type": "integer"
},
"wrong_ip_version": {
"type": "integer"
},
"zero_len_padn": {
"type": "integer"
}
},
"additionalProperties": false
},
"ltnull": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
},
"unsupported_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"mpls": {
"type": "object",
"properties": {
"bad_label_implicit_null": {
"type": "integer"
},
"bad_label_reserved": {
"type": "integer"
},
"bad_label_router_alert": {
"type": "integer"
},
"header_too_small": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"unknown_payload_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"nsh": {
"type": "object",
"properties": {
"bad_header_length": {
"type": "integer"
},
"header_too_small": {
"type": "integer"
},
"reserved_type": {
"type": "integer"
},
"unknown_payload": {
"type": "integer"
},
"unsupported_type": {
"type": "integer"
},
"unsupported_version": {
"type": "integer"
}
},
"additionalProperties": false
},
"ppp": {
"type": "object",
"properties": {
"ip4_pkt_too_small": {
"type": "integer"
},
"ip6_pkt_too_small": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"unsup_proto": {
"type": "integer"
},
"vju_pkt_too_small": {
"type": "integer"
},
"wrong_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"pppoe": {
"type": "object",
"properties": {
"malformed_tags": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"wrong_code": {
"type": "integer"
}
},
"additionalProperties": false
},
"sctp": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"sll": {
"type": "object",
"properties": {
"pkt_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"tcp": {
"type": "object",
"properties": {
"hlen_too_small": {
"type": "integer"
},
"invalid_optlen": {
"type": "integer"
},
"opt_duplicate": {
"type": "integer"
},
"opt_invalid_len": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
}
},
"additionalProperties": false
},
"udp": {
"type": "object",
"properties": {
"hlen_invalid": {
"type": "integer"
},
"hlen_too_small": {
"type": "integer"
},
"pkt_too_small": {
"type": "integer"
},
"len_invalid": {
"type": "integer"
}
},
"additionalProperties": false
},
"vlan": {
"type": "object",
"properties": {
"header_too_small": {
"type": "integer"
},
"too_many_layers": {
"type": "integer"
},
"unknown_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"vntag": {
"type": "object",
"properties": {
"header_too_small": {
"type": "integer"
},
"unknown_type": {
"type": "integer"
}
},
"additionalProperties": false
},
"vxlan": {
"type": "object",
"properties": {
"unknown_payload_type": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"defrag": {
"type": "object",
"properties": {
"max_frag_hits": {
"type": "integer"
},
"ipv4": {
"type": "object",
"properties": {
"fragments": {
"type": "integer"
},
"reassembled": {
"type": "integer"
},
"timeouts": {
"type": "integer"
}
},
"additionalProperties": false
},
"ipv6": {
"type": "object",
"properties": {
"fragments": {
"type": "integer"
},
"reassembled": {
"type": "integer"
},
"timeouts": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"detect": {
"type": "object",
"properties": {
"alert": {
"type": "integer"
},
"alert_queue_overflow": {
"type": "integer"
},
"alerts_suppressed": {
"type": "integer"
},
"mpm_list": {
"type": "integer"
},
"nonmpm_list": {
"type": "integer"
},
"fnonmpm_list": {
"type": "integer"
},
"match_list": {
"type": "integer"
},
"engines": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"properties": {
"id": {
"type": "integer"
},
"last_reload": {
"type": "string"
},
"rules_loaded": {
"type": "integer"
},
"rules_failed": {
"type": "integer"
}
},
"additionalProperties": false
}
}
},
"additionalProperties": false
},
"file_store": {
"type": "object",
"properties": {
"fs_errors": {
"type": "integer"
},
"open_files": {
"type": "integer"
},
"open_files_max_hit": {
"type": "integer"
}
},
"additionalProperties": false
},
"flow": {
"type": "object",
"properties": {
"active": {
"type": "integer"
},
"emerg_mode_entered": {
"type": "integer"
},
"emerg_mode_over": {
"type": "integer"
},
"get_used": {
"type": "integer"
},
"get_used_eval": {
"type": "integer"
},
"get_used_eval_busy": {
"type": "integer"
},
"get_used_eval_reject": {
"type": "integer"
},
"get_used_failed": {
"type": "integer"
},
"icmpv4": {
"type": "integer"
},
"icmpv6": {
"type": "integer"
},
"memcap": {
"type": "integer"
},
"memuse": {
"type": "integer"
},
"spare": {
"type": "integer"
},
"tcp": {
"type": "integer"
},
"tcp_reuse": {
"type": "integer"
},
"total": {
"type": "integer"
},
"udp": {
"type": "integer"
},
"end": {
"type": "object",
"properties": {
"state": {
"type": "object",
"properties": {
"new": {
"type": "integer"
},
"established": {
"type": "integer"
},
"closed": {
"type": "integer"
},
"local_bypassed": {
"type": "integer"
},
"capture_bypassed": {
"type": "integer"
}
},
"additionalProperties": false
},
"tcp_state": {
"type": "object",
"properties": {
"none": {
"type": "integer"
},
"syn_sent": {
"type": "integer"
},
"syn_recv": {
"type": "integer"
},
"established": {
"type": "integer"
},
"fin_wait1": {
"type": "integer"
},
"fin_wait2": {
"type": "integer"
},
"time_wait": {
"type": "integer"
},
"last_ack": {
"type": "integer"
},
"close_wait": {
"type": "integer"
},
"closing": {
"type": "integer"
},
"closed": {
"type": "integer"
}
},
"additionalProperties": false
},
"tcp_liberal": {
"type": "integer"
}
},
"additionalProperties": false
},
"mgr": {
"type": "object",
"properties": {
"flows_checked": {
"type": "integer"
},
"flows_evicted": {
"type": "integer"
},
"flows_evicted_needs_work": {
"type": "integer"
},
"flows_notimeout": {
"type": "integer"
},
"flows_timeout": {
"type": "integer"
},
"full_hash_pass": {
"type": "integer"
},
"rows_maxlen": {
"type": "integer"
},
"rows_per_sec": {
"type": "integer"
}
},
"additionalProperties": false
},
"recycler": {
"type": "object",
"properties": {
"recycled": {
"type": "integer"
},
"queue_avg": {
"type": "integer"
},
"queue_max": {
"type": "integer"
}
},
"additionalProperties": false
},
"wrk": {
"type": "object",
"properties": {
"flows_evicted": {
"type": "integer"
},
"flows_evicted_needs_work": {
"type": "integer"
},
"flows_evicted_pkt_inject": {
"type": "integer"
},
"flows_injected": {
"type": "integer"
},
"flows_injected_max": {
"type": "integer"
},
"spare_sync": {
"type": "integer"
},
"spare_sync_avg": {
"type": "integer"
},
"spare_sync_empty": {
"type": "integer"
},
"spare_sync_incomplete": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"flow_bypassed": {
"type": "object",
"properties": {
"bytes": {
"type": "integer"
},
"closed": {
"type": "integer"
},
"local_bytes": {
"type": "integer"
},
"local_capture_bytes": {
"type": "integer"
},
"local_capture_pkts": {
"type": "integer"
},
"local_pkts": {
"type": "integer"
},
"pkts": {
"type": "integer"
}
},
"additionalProperties": false
},
"flow_mgr": {
"type": "object",
"properties": {
"bypassed_pruned": {
"type": "integer"
},
"closed_pruned": {
"type": "integer"
},
"est_pruned": {
"type": "integer"
},
"flows_checked": {
"type": "integer"
},
"flows_notimeout": {
"type": "integer"
},
"flows_removed": {
"type": "integer"
},
"flows_timeout": {
"type": "integer"
},
"new_pruned": {
"type": "integer"
},
"rows_busy": {
"type": "integer"
},
"rows_checked": {
"type": "integer"
},
"rows_empty": {
"type": "integer"
},
"rows_maxlen": {
"type": "integer"
},
"rows_skipped": {
"type": "integer"
}
},
"additionalProperties": false
},
"ftp": {
"type": "object",
"properties": {
"memcap": {
"type": "integer"
},
"memuse": {
"type": "integer"
}
},
"additionalProperties": false
},
"http": {
"type": "object",
"properties": {
"memcap": {
"type": "integer"
},
"memuse": {
"type": "integer"
}
},
"additionalProperties": false
},
"tcp": {
"type": "object",
"properties": {
"ack_unseen_data": {
"type": "integer"
},
"active_sessions": {
"type": "integer"
},
"insert_data_normal_fail": {
"type": "integer"
},
"insert_data_overlap_fail": {
"type": "integer"
},
"insert_list_fail": {
"type": "integer"
},
"invalid_checksum": {
"type": "integer"
},
"memuse": {
"type": "integer"
},
"midstream_pickups": {
"type": "integer"
},
"no_flow": {
"type": "integer"
},
"overlap": {
"type": "integer"
},
"overlap_diff_data": {
"type": "integer"
},
"pkt_on_wrong_thread": {
"type": "integer"
},
"pseudo": {
"type": "integer"
},
"pseudo_failed": {
"type": "integer"
},
"reassembly_gap": {
"type": "integer"
},
"reassembly_memuse": {
"type": "integer"
},
"rst": {
"type": "integer"
},
"segment_memcap_drop": {
"type": "integer"
},
"segment_from_cache": {
"type": "integer"
},
"segment_from_pool": {
"type": "integer"
},
"sessions": {
"type": "integer"
},
"ssn_from_cache": {
"type": "integer"
},
"ssn_from_pool": {
"type": "integer"
},
"ssn_memcap_drop": {
"type": "integer"
},
"stream_depth_reached": {
"type": "integer"
},
"syn": {
"type": "integer"
},
"synack": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"tcp": {
"type": "object",
"properties": {
"ack": {
"type": "boolean"
},
"cwr": {
"type": "boolean"
},
"ecn": {
"type": "boolean"
},
"fin": {
"type": "boolean"
},
"psh": {
"type": "boolean"
},
"rst": {
"type": "boolean"
},
"state": {
"type": "string"
},
"syn": {
"type": "boolean"
},
"tc_gap": {
"type": "boolean"
},
"tc_max_regions": {
"type": "integer"
},
"tcp_flags": {
"type": "string"
},
"tcp_flags_tc": {
"type": "string"
},
"tcp_flags_ts": {
"type": "string"
},
"ts_gap": {
"type": "boolean"
},
"ts_max_regions": {
"type": "integer"
},
"urg": {
"type": "boolean"
}
},
"additionalProperties": true
},
"template": {
"type": "object",
"properties": {
"request": {
"type": "string"
},
"response": {
"type": "string"
}
},
"additionalProperties": false
},
"tftp": {
"type": "object",
"properties": {
"file": {
"type": "string"
},
"mode": {
"type": "string"
},
"packet": {
"type": "string"
}
},
"additionalProperties": false
},
"tls": {
"type": "object",
"properties": {
"client": {
"type": "object",
"properties": {
"fingerprint": {
"type": "string"
},
"issuerdn": {
"type": "string"
},
"notafter": {
"$ref": "#/$defs/tls_date"
},
"notbefore": {
"$ref": "#/$defs/tls_date"
},
"serial": {
"type": "string"
},
"subject": {
"type": "string"
}
},
"additionalProperties": false
},
"fingerprint": {
"type": "string"
},
"from_proto": {
"type": "string"
},
"issuerdn": {
"type": "string"
},
"notafter": {
"$ref": "#/$defs/tls_date"
},
"notbefore": {
"$ref": "#/$defs/tls_date"
},
"serial": {
"type": "string"
},
"session_resumed": {
"type": "boolean"
},
"sni": {
"type": "string"
},
"subject": {
"type": "string"
},
"version": {
"type": "string"
},
"ja3": {
"type": "object",
"properties": {
"hash": {
"type": "string"
},
"string": {
"type": "string"
}
},
"additionalProperties": false
},
"ja3s": {
"type": "object",
"properties": {
"hash": {
"type": "string"
},
"string": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"traffic": {
"type": "object",
"properties": {
"id": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
},
"label": {
"type": "array",
"minItems": 1,
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"tunnel": {
"type": "object",
"properties": {
"depth": {
"type": "integer"
},
"dest_ip": {
"type": "string"
},
"dest_port": {
"type": "integer"
},
"pcap_cnt": {
"type": "integer"
},
"pkt_src": {
"type": "string"
},
"proto": {
"type": "string"
},
"src_ip": {
"type": "string"
},
"src_port": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"$defs": {
"stats_applayer_error": {
"type": "object",
"properties": {
"gap": {
"type": "integer"
},
"alloc": {
"type": "integer"
},
"parser": {
"type": "integer"
},
"internal": {
"type": "integer"
}
},
"additionalProperties": false
},
"tls_date": {
"$comment": "Definition for TLS date formats",
"type": "string",
"pattern": "^[1-2]\\d{3}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}$"
},
"verdict_type": {
"type": "object",
"properties": {
"action": {
"type": "string"
},
"reject": {
"type": "array",
"items": {
"type": "string",
"oneOf": [
{
"enum": [
"icmp-prohib",
"tcp-reset"
]
}
]
}
},
"reject-target": {
"type": "string",
"oneOf": [
{
"enum": [
"to_client",
"to_server",
"both"
]
}
]
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink