{"timestamp":"2024-02-21T12:56:17.340322+0000","flow_id":646854177502744,"in_iface":"ens5","event_type":"flow","src_ip":"10.0.3.130","src_port":12746,"dest_ip":"10.0.4.227","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":5,"bytes_toserver":707,"bytes_toclient":741,"start":"2024-02-21T12:53:14.740431+0000","end":"2024-02-21T12:55:16.355869+0000","age":122,"state":"closed","reason":"timeout","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed","ts_max_regions":1,"tc_max_regions":1}}
{"timestamp":"2024-02-21T12:55:16.354650+0000","flow_id":646854177502744,"in_iface":"ens5","event_type":"fileinfo","src_ip":"10.0.4.227","src_port":80,"dest_ip":"10.0.3.130","dest_port":12746,"proto":"TCP","pkt_src":"wire/pcap","http":{"hostname":"example.com","url":"/SetupWizard.aspx/eXjZELemBx","http_user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36","xff":"172.104.224.18","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"redirect":"https://example.com/SetupWizard.aspx/eXjZELemBx","length":162},"app_proto":"http","fileinfo":{"filename":"/SetupWizard.aspx/eXjZELemBx","gaps":false,"state":"CLOSED","stored":false,"size":162,"tx_id":0}}
{"timestamp":"2024-02-21T12:54:11.352870+0000","flow_id":646854177502744,"in_iface":"ens5","event_type":"http","src_ip":"10.0.3.130","src_port":12746,"dest_ip":"10.0.4.227","dest_port":80,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"example.com","url":"/SetupWizard.aspx/eXjZELemBx","http_user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36","xff":"172.104.224.18","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"redirect":"https://example.com/SetupWizard.aspx/eXjZELemBx","length":162}}