{"timestamp":"2023-10-01T08:51:40.609079+0000","flow_id":1607638975638585,"in_iface":"ens5","event_type":"flow","src_ip":"192.168.1.1","src_port":2626,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":7,"pkts_toclient":5,"bytes_toserver":819,"bytes_toclient":721,"start":"2023-10-01T08:49:17.570915+0000","end":"2023-10-01T08:50:31.572076+0000","age":74,"state":"closed","reason":"timeout","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed","ts_max_regions":1,"tc_max_regions":1}}
{"timestamp":"2023-10-01T08:50:31.571275+0000","flow_id":1607638975638585,"in_iface":"ens5","event_type":"fileinfo","src_ip":"192.168.1.2","src_port":80,"dest_ip":"192.168.1.1","dest_port":2626,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"example.com","url":"/app/rest/users/id:1/tokens/RPC2","http_user_agent":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36","xff":"45.84.1.145","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"redirect":"https://example.com/app/rest/users/id:1/tokens/RPC2","length":162},"app_proto":"http","fileinfo":{"filename":"/app/rest/users/id:1/tokens/RPC2","gaps":false,"state":"CLOSED","stored":false,"size":162,"tx_id":0}}
{"timestamp":"2023-10-01T08:49:32.453282+0000","flow_id":1607638975638585,"in_iface":"ens5","event_type":"http","src_ip":"192.168.1.1","src_port":2626,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"example.com","url":"/app/rest/users/id:1/tokens/RPC2","http_user_agent":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36","xff":"45.84.1.145","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"redirect":"https://example.com/app/rest/users/id:1/tokens/RPC2","length":162}}