diff options
Diffstat (limited to '')
-rw-r--r-- | test/log-samples/sample-c15acd32844669d23d0cbc88ec548129ed2c592e.txt | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/test/log-samples/sample-c15acd32844669d23d0cbc88ec548129ed2c592e.txt b/test/log-samples/sample-c15acd32844669d23d0cbc88ec548129ed2c592e.txt new file mode 100644 index 0000000..a68d490 --- /dev/null +++ b/test/log-samples/sample-c15acd32844669d23d0cbc88ec548129ed2c592e.txt @@ -0,0 +1,87 @@ + Jul 14 14:31:06 linjenkins3 kernel: [31809412.513897] [UFW BLOCK] IN=eth0 OUT= MAC=40:40:2e:9a:ad:92:c4:71:fe:f1:b9:7f:08:00 SRC=69.60.116.202 DST=173.203.237.224 LEN=44 TOS=0x00 PREC=0x00 TTL=29 ID=15852 PROTO=TCP SPT=43998 DPT=3389 WINDOW=3072 RES=0x00 SYN URGP=0 + key 37:68 ^-----------------------------^ 31809412.513897] [UFW BLOCK] IN + sym 69:73 ^--^ eth0 + val 69:73 ^--^ eth0 +pair 37:73 ^----------------------------------^ 31809412.513897] [UFW BLOCK] IN=eth0 + key 74:77 ^-^ OUT +quot 78:78 ^ + val 78:78 ^ +pair 74:78 ^--^ OUT= + key 79:82 ^-^ MAC +hexd 83:124 ^---------------------------------------^ 40:40:2e:9a:ad:92:c4:71:fe:f1:b9:7f:08:00 + val 83:124 ^---------------------------------------^ 40:40:2e:9a:ad:92:c4:71:fe:f1:b9:7f:08:00 +pair 79:124 ^-------------------------------------------^ MAC=40:40:2e:9a:ad:92:c4:71:fe:f1:b9:7f:08:00 + key 125:128 ^-^ SRC +ipv4 129:142 ^-----------^ 69.60.116.202 + val 129:142 ^-----------^ 69.60.116.202 +pair 125:142 ^---------------^ SRC=69.60.116.202 + key 143:146 ^-^ DST +ipv4 147:162 ^-------------^ 173.203.237.224 + val 147:162 ^-------------^ 173.203.237.224 +pair 143:162 ^-----------------^ DST=173.203.237.224 + key 163:166 ^-^ LEN + num 167:169 ^^ 44 + val 167:169 ^^ 44 +pair 163:169 ^----^ LEN=44 + key 170:173 ^-^ TOS + hex 174:178 ^--^ 0x00 + val 174:178 ^--^ 0x00 +pair 170:178 ^------^ TOS=0x00 + key 179:183 ^--^ PREC + hex 184:188 ^--^ 0x00 + val 184:188 ^--^ 0x00 +pair 179:188 ^-------^ PREC=0x00 + key 189:192 ^-^ TTL + num 193:195 ^^ 29 + val 193:195 ^^ 29 +pair 189:195 ^----^ TTL=29 + key 196:198 ^^ ID + num 199:204 ^---^ 15852 + val 199:204 ^---^ 15852 +pair 196:204 ^------^ ID=15852 + key 205:210 ^---^ PROTO + sym 211:214 ^-^ TCP + val 211:214 ^-^ TCP +pair 205:214 ^-------^ PROTO=TCP + key 215:218 ^-^ SPT + num 219:224 ^---^ 43998 + val 219:224 ^---^ 43998 +pair 215:224 ^-------^ SPT=43998 + key 225:228 ^-^ DPT + num 229:233 ^--^ 3389 + val 229:233 ^--^ 3389 +pair 225:233 ^------^ DPT=3389 + key 234:240 ^----^ WINDOW + num 241:245 ^--^ 3072 + val 241:245 ^--^ 3072 +pair 234:245 ^---------^ WINDOW=3072 + key 246:249 ^-^ RES + hex 250:254 ^--^ 0x00 +wspc 254:255 ^ + sym 255:258 ^-^ SYN + val 250:258 ^------^ 0x00 SYN +pair 246:258 ^----------^ RES=0x00 SYN + key 259:263 ^--^ URGP + num 264:265 ^ 0 + val 264:265 ^ 0 +pair 259:265 ^----^ URGP=0 +msg :[31809412.513897] [UFW BLOCK] IN=eth0 OUT= MAC=40:40:2e:9a:ad:92:c4:71:fe:f1:b9:7f:08:00 SRC=69.60.116.202 DST=173.203.237.224 LEN=44 TOS=0x00 PREC=0x00 TTL=29 ID=15852 PROTO=TCP SPT=43998 DPT=3389 WINDOW=3072 RES=0x00 SYN URGP=0 +format :[31809412.513897] [UFW BLOCK] IN=# OUT=# MAC=# SRC=# DST=# LEN=# TOS=# PREC=# TTL=# ID=# PROTO=# SPT=# DPT=# WINDOW=# RES=# URGP=# +{ + "31809412.513897] [UFW BLOCK] IN": "eth0", + "OUT": "", + "MAC": "40:40:2e:9a:ad:92:c4:71:fe:f1:b9:7f:08:00", + "SRC": "69.60.116.202", + "DST": "173.203.237.224", + "LEN": 44, + "TOS": "0x00", + "PREC": "0x00", + "TTL": 29, + "ID": 15852, + "PROTO": "TCP", + "SPT": 43998, + "DPT": 3389, + "WINDOW": 3072, + "RES": "0x00 SYN", + "URGP": 0 +} |