{"timestamp":"2025-08-29T09:47:20.149708-0400","flow_id":75589540247617,"pcap_cnt":1063,"event_type":"anomaly","src_ip":"192.168.91.132","src_port":80,"dest_ip":"192.168.91.1","dest_port":53901,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"anomaly":{"app_proto":"http","type":"applayer","event":"DUPLICATE_CONTENT_LENGTH_FIELD_IN_REQUEST","layer":"proto_parser"}}
{"timestamp":"2025-08-29T09:47:20.149708-0400","flow_id":75589540247617,"pcap_cnt":1063,"event_type":"anomaly","src_ip":"192.168.91.132","src_port":80,"dest_ip":"192.168.91.1","dest_port":53901,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"anomaly":{"app_proto":"http","type":"applayer","event":"REQUEST_BODY_UNEXPECTED","layer":"proto_parser"}}
{"timestamp":"2025-08-29T09:47:20.149831-0400","flow_id":75589540247617,"pcap_cnt":1064,"event_type":"fileinfo","src_ip":"192.168.91.1","src_port":53901,"dest_ip":"192.168.91.132","dest_port":80,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"192.168.91.132","url":"/con","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339},"app_proto":"http","fileinfo":{"filename":"/con","gaps":false,"state":"CLOSED","stored":false,"size":30,"tx_id":0}}
{"timestamp":"2025-08-29T09:47:20.149831-0400","flow_id":75589540247617,"pcap_cnt":1064,"event_type":"http","src_ip":"192.168.91.1","src_port":53901,"dest_ip":"192.168.91.132","dest_port":80,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.132","url":"/con","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339}}
{"timestamp":"2025-08-29T09:47:20.149900-0400","flow_id":75589540247617,"pcap_cnt":1066,"event_type":"fileinfo","src_ip":"192.168.91.132","src_port":80,"dest_ip":"192.168.91.1","dest_port":53901,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"192.168.91.132","url":"/con","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339},"app_proto":"http","fileinfo":{"filename":"/con","gaps":false,"state":"CLOSED","stored":false,"size":339,"tx_id":0}}
{"timestamp":"2025-08-29T09:46:04.116935-0400","flow_id":75589540247617,"event_type":"flow","src_ip":"192.168.91.1","src_port":53901,"dest_ip":"192.168.91.132","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":3,"bytes_toserver":413,"bytes_toclient":692,"start":"2025-08-29T09:47:20.148671-0400","end":"2025-08-29T09:47:20.149900-0400","age":0,"state":"closed","reason":"shutdown","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed","ts_max_regions":1,"tc_max_regions":1}}
{"timestamp":"2025-08-29T09:47:31.447216-0400","flow_id":1074886782871158,"pcap_cnt":1251,"event_type":"anomaly","src_ip":"192.168.91.132","src_port":8080,"dest_ip":"192.168.91.1","dest_port":53930,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"anomaly":{"app_proto":"http","type":"applayer","event":"DUPLICATE_CONTENT_LENGTH_FIELD_IN_REQUEST","layer":"proto_parser"}}
{"timestamp":"2025-08-29T09:47:31.447216-0400","flow_id":1074886782871158,"pcap_cnt":1251,"event_type":"anomaly","src_ip":"192.168.91.132","src_port":8080,"dest_ip":"192.168.91.1","dest_port":53930,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"anomaly":{"app_proto":"http","type":"applayer","event":"REQUEST_BODY_UNEXPECTED","layer":"proto_parser"}}
{"timestamp":"2025-08-29T09:47:31.447324-0400","flow_id":1074886782871158,"pcap_cnt":1252,"event_type":"fileinfo","src_ip":"192.168.91.1","src_port":53930,"dest_ip":"192.168.91.132","dest_port":8080,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"192.168.91.132","url":"/prn","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339},"app_proto":"http","fileinfo":{"filename":"/prn","gaps":false,"state":"CLOSED","stored":false,"size":30,"tx_id":0}}
{"timestamp":"2025-08-29T09:47:31.447324-0400","flow_id":1074886782871158,"pcap_cnt":1252,"event_type":"http","src_ip":"192.168.91.1","src_port":53930,"dest_ip":"192.168.91.132","dest_port":8080,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.132","url":"/prn","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339}}
{"timestamp":"2025-08-29T09:47:31.447342-0400","flow_id":1074886782871158,"pcap_cnt":1254,"event_type":"fileinfo","src_ip":"192.168.91.132","src_port":8080,"dest_ip":"192.168.91.1","dest_port":53930,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"192.168.91.132","url":"/prn","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339},"app_proto":"http","fileinfo":{"filename":"/prn","gaps":false,"state":"CLOSED","stored":false,"size":339,"tx_id":0}}
{"timestamp":"2025-08-29T09:46:04.116935-0400","flow_id":1074886782871158,"event_type":"flow","src_ip":"192.168.91.1","src_port":53930,"dest_ip":"192.168.91.132","dest_port":8080,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":3,"bytes_toserver":413,"bytes_toclient":692,"start":"2025-08-29T09:47:31.446874-0400","end":"2025-08-29T09:47:31.447342-0400","age":0,"state":"closed","reason":"shutdown","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed","ts_max_regions":1,"tc_max_regions":1}}
{"timestamp":"2025-08-29T09:47:20.151522-0400","flow_id":86270280847266,"pcap_cnt":1079,"event_type":"anomaly","src_ip":"192.168.91.132","src_port":80,"dest_ip":"192.168.91.1","dest_port":53903,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"anomaly":{"app_proto":"http","type":"applayer","event":"DUPLICATE_CONTENT_LENGTH_FIELD_IN_REQUEST","layer":"proto_parser"}}
{"timestamp":"2025-08-29T09:47:20.151522-0400","flow_id":86270280847266,"pcap_cnt":1079,"event_type":"anomaly","src_ip":"192.168.91.132","src_port":80,"dest_ip":"192.168.91.1","dest_port":53903,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"anomaly":{"app_proto":"http","type":"applayer","event":"REQUEST_BODY_UNEXPECTED","layer":"proto_parser"}}
{"timestamp":"2025-08-29T09:47:20.151638-0400","flow_id":86270280847266,"pcap_cnt":1080,"event_type":"fileinfo","src_ip":"192.168.91.1","src_port":53903,"dest_ip":"192.168.91.132","dest_port":80,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"192.168.91.132","url":"/aux","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339},"app_proto":"http","fileinfo":{"filename":"/aux","gaps":false,"state":"CLOSED","stored":false,"size":30,"tx_id":0}}
{"timestamp":"2025-08-29T09:47:20.151638-0400","flow_id":86270280847266,"pcap_cnt":1080,"event_type":"http","src_ip":"192.168.91.1","src_port":53903,"dest_ip":"192.168.91.132","dest_port":80,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.132","url":"/aux","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339}}
{"timestamp":"2025-08-29T09:47:20.151747-0400","flow_id":86270280847266,"pcap_cnt":1082,"event_type":"fileinfo","src_ip":"192.168.91.132","src_port":80,"dest_ip":"192.168.91.1","dest_port":53903,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"192.168.91.132","url":"/aux","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339},"app_proto":"http","fileinfo":{"filename":"/aux","gaps":false,"state":"CLOSED","stored":false,"size":339,"tx_id":0}}
{"timestamp":"2025-08-29T09:46:04.116935-0400","flow_id":86270280847266,"event_type":"flow","src_ip":"192.168.91.1","src_port":53903,"dest_ip":"192.168.91.132","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":3,"bytes_toserver":413,"bytes_toclient":692,"start":"2025-08-29T09:47:20.151158-0400","end":"2025-08-29T09:47:20.151747-0400","age":0,"state":"closed","reason":"shutdown","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed","ts_max_regions":1,"tc_max_regions":1}}