Filename: sessions.pcap
Status: Failed
IDS: suricata-3.0
Ruleset: etproenall-all
Runtime: 86.3096110821 seconds
Hash: 732f896d981a50fc939016c0cd7c36d1
Uploaded: 1510023645

Logfiles


packet_stats.log - (1336 bytes) - download
Packet profile dump:

IP ver   Proto   cnt            min            max            avg            tot           %% 
------   -----   ----------     ------------   ------------   -----------    -----------   ---
Note: Protocol 256 tracks pseudo/tunnel packets.

Per Thread module stats:

Thread Module              IP ver   Proto   cnt            min            max            avg            tot           %% 
------------------------   ------   -----   ----------     ------------   ------------   -----------    -----------   ---
Note: TMM_STREAMTCP includes TCP app layer parsers, see below.

Per App layer parser stats:

App Layer              IP ver   Proto   cnt            min            max            avg         
--------------------   ------   -----   ----------     ------------   ------------   ----------- 

Log Thread Module          IP ver   Proto   cnt            min            max            avg            tot           %% 
------------------------   ------   -----   ----------     ------------   ------------   -----------    -----------   ---

General detection engine stats:

Detection phase            IP ver   Proto   cnt            min            max            avg            tot         
------------------------   ------   -----   ----------     ------------   ------------   -----------    ----------- 


stats.log - (574 bytes) - download
-------------------------------------------------------------------
Date: 11/7/2017 -- 03:02:33 (uptime: 0d, 00h 00m 01s)
-------------------------------------------------------------------
Counter                   | TM Name                   | Value
-------------------------------------------------------------------
flow.spare                | Total                     | 10000
tcp.memuse                | Total                     | 393216
tcp.reassembly_memuse     | Total                     | 12320544
flow.memuse               | Total                     | 7074304


perf.txt - (447 bytes) - download
  --------------------------------------------------------------------------
  Date: 11/7/2017 -- 03:02:33
  --------------------------------------------------------------------------
   Num      Rule         Gid      Rev      Ticks        %      Checks   Matches  Max Ticks   Avg Ticks   Avg Match   Avg No Match
  -------- ------------ -------- -------- ------------ ------ -------- -------- ----------- ----------- ----------- -------------- 


keyword_perf.log - (706 bytes) - download
  --------------------------------------------------------------------------------------------------------------------------------
  Date: 11/7/2017 -- 03:02:33
  --------------------------------------------------------------------------------------------------------------------------------
  Stats for: total
  --------------------------------------------------------------------------------------------------------------------------------
  Keyword          Ticks           Checks          Matches         Max Ticks       Avg             Avg Match       Avg No Match   
  ---------------- --------------- --------------- --------------- --------------- --------------- --------------- --------------- 


IDSDeathBlossom.py.log - (910 bytes) - download
2017-11-07 03:00:46,020 - INFO - __init__ - /opt/IDSDeathBlossom/IDSDeathBlossom.py +38 - DBType: MYSQL
2017-11-07 03:00:47,387 - INFO - <module> - /opt/IDSDeathBlossom/IDSDeathBlossom.py +247 - Runmode set to run
2017-11-07 03:00:47,388 - INFO - <module> - /opt/IDSDeathBlossom/IDSDeathBlossom.py +248 - Targets set to suricata-3.0-etproenall-all
2017-11-07 03:00:47,389 - INFO - run - /opt/IDSDeathBlossom/IDSDeathBlossom.py +320 - looping 1 times in runmode run
2017-11-07 03:00:47,389 - INFO - run - /opt/IDSDeathBlossom/IDSDeathBlossom.py +330 - run with success 0 out of 1
2017-11-07 03:00:47,389 - INFO - execute - /opt/IDSDeathBlossom/IDSDeathBlossom.py +207 - Executing: /opt/suricata30/bin/suricata -c /opt/suricata30/etc/etproenall/suricata30-etproenall-all.yaml -l /var/www/html/732f896d981a50fc939016c0cd7c36d100281a7c633a7e00ccc30d2d3948afcd -r /var/pcap/11072017.0250-sessions.pcap -vvv -k none