### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
|
DNS::log_dns: {
|
|
"ts": 1630238733.951343,
|
|
"uid": "CHhAvVGS1DHFjwGM9",
|
|
"id.orig_h": "172.20.10.3",
|
|
"id.orig_p": 55767,
|
|
"id.resp_h": "172.20.10.1",
|
|
"id.resp_p": 53,
|
|
"proto": "udp",
|
|
"trans_id": 43556,
|
|
"rtt": 0.03791093826293945,
|
|
"query": "corelight.com",
|
|
"qclass": 1,
|
|
"qclass_name": "C_INTERNET",
|
|
"qtype": 1,
|
|
"qtype_name": "A",
|
|
"rcode": 0,
|
|
"rcode_name": "NOERROR",
|
|
"AA": false,
|
|
"TC": false,
|
|
"RD": true,
|
|
"RA": true,
|
|
"Z": 0,
|
|
"answers": [
|
|
"199.60.103.106",
|
|
"199.60.103.6"
|
|
],
|
|
"TTLs": [
|
|
77,
|
|
77
|
|
],
|
|
"rejected": false
|
|
}
|
|
HTTP::log_http: {
|
|
"ts": 1630238734.007674,
|
|
"uid": "ClEkJM2Vm5giqnMf4h",
|
|
"id.orig_h": "172.20.10.3",
|
|
"id.orig_p": 59588,
|
|
"id.resp_h": "199.60.103.106",
|
|
"id.resp_p": 80,
|
|
"trans_depth": 1,
|
|
"method": "GET",
|
|
"host": "corelight.com",
|
|
"uri": "/",
|
|
"version": "1.1",
|
|
"user_agent": "curl/7.76.1",
|
|
"request_body_len": 0,
|
|
"response_body_len": 0,
|
|
"status_code": 301,
|
|
"status_msg": "Moved Permanently",
|
|
"tags": []
|
|
}
|
|
SSL::log_ssl: {
|
|
"ts": 1630238734.2097,
|
|
"uid": "C4J4Th3PJpwUYZZ6gc",
|
|
"id.orig_h": "172.20.10.3",
|
|
"id.orig_p": 45208,
|
|
"id.resp_h": "199.60.103.106",
|
|
"id.resp_p": 443,
|
|
"version": "TLSv13",
|
|
"cipher": "TLS_AES_256_GCM_SHA384",
|
|
"curve": "x25519",
|
|
"server_name": "corelight.com",
|
|
"resumed": false,
|
|
"established": true,
|
|
"ssl_history": "CsiI"
|
|
}
|
|
Conn::log_conn: {
|
|
"ts": 1630238733.951343,
|
|
"uid": "CHhAvVGS1DHFjwGM9",
|
|
"id": {
|
|
"orig_h": "172.20.10.3",
|
|
"orig_p": 55767,
|
|
"resp_h": "172.20.10.1",
|
|
"resp_p": 53
|
|
},
|
|
"proto": "udp",
|
|
"service": "dns",
|
|
"duration": 0.03791093826293945,
|
|
"orig_bytes": 42,
|
|
"resp_bytes": 74,
|
|
"conn_state": "SF",
|
|
"missed_bytes": 0,
|
|
"history": "Dd",
|
|
"orig_pkts": 1,
|
|
"orig_ip_bytes": 70,
|
|
"resp_pkts": 1,
|
|
"resp_ip_bytes": 102
|
|
}
|
|
Conn::log_conn: {
|
|
"ts": 1630238734.184846,
|
|
"uid": "C4J4Th3PJpwUYZZ6gc",
|
|
"id": {
|
|
"orig_h": "172.20.10.3",
|
|
"orig_p": 45208,
|
|
"resp_h": "199.60.103.106",
|
|
"resp_p": 443
|
|
},
|
|
"proto": "tcp",
|
|
"service": "ssl",
|
|
"duration": 0.4085841178894043,
|
|
"orig_bytes": 842,
|
|
"resp_bytes": 96230,
|
|
"conn_state": "SF",
|
|
"missed_bytes": 0,
|
|
"history": "ShADdaFf",
|
|
"orig_pkts": 112,
|
|
"orig_ip_bytes": 6674,
|
|
"resp_pkts": 137,
|
|
"resp_ip_bytes": 103374
|
|
}
|
|
Conn::log_conn: {
|
|
"ts": 1630238733.989832,
|
|
"uid": "ClEkJM2Vm5giqnMf4h",
|
|
"id": {
|
|
"orig_h": "172.20.10.3",
|
|
"orig_p": 59588,
|
|
"resp_h": "199.60.103.106",
|
|
"resp_p": 80
|
|
},
|
|
"proto": "tcp",
|
|
"service": "http",
|
|
"duration": 0.5914499759674072,
|
|
"orig_bytes": 77,
|
|
"resp_bytes": 854,
|
|
"conn_state": "SF",
|
|
"missed_bytes": 0,
|
|
"history": "ShADadFf",
|
|
"orig_pkts": 6,
|
|
"orig_ip_bytes": 397,
|
|
"resp_pkts": 4,
|
|
"resp_ip_bytes": 1070
|
|
}
|