{"timestamp":"2023-09-30T18:59:14.283410+0000","flow_id":1044413358061550,"in_iface":"ens5","event_type":"flow","src_ip":"192.168.1.1","src_port":58910,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":5,"bytes_toserver":619,"bytes_toclient":729,"start":"2023-09-30T18:55:48.440302+0000","end":"2023-09-30T18:55:48.581089+0000","age":0,"state":"closed","reason":"timeout","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed"}}
{"timestamp":"2023-09-30T18:59:10.275210+0000","flow_id":1042160647726015,"in_iface":"ens5","event_type":"flow","src_ip":"192.168.1.1","src_port":58920,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":5,"bytes_toserver":1586,"bytes_toclient":729,"start":"2023-09-30T18:55:48.582591+0000","end":"2023-09-30T18:55:48.723196+0000","age":0,"state":"closed","reason":"timeout","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed"}}
{"timestamp":"2025-07-18T18:55:48.723196+0000","flow_id":1042160647726015,"in_iface":"ens5","event_type":"fileinfo","src_ip":"107.191.58.76","src_port":58920,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/ToolPane.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"application/x-www-form-urlencoded","http_method":"POST","protocol":"HTTP/1.1","status":302,"redirect":"/_layouts/15/spinstall0.aspx","length":1024,"http_referer":"/_layouts/SignOut.aspx"},"app_proto":"http","fileinfo":{"filename":"/_layouts/15/ToolPane.aspx","sid":[],"gaps":false,"state":"CLOSED","stored":false,"size":1024,"tx_id":0}}
{"timestamp":"2025-07-18T18:55:48.722948+0000","flow_id":1042160647726015,"in_iface":"ens5","event_type":"http","src_ip":"107.191.58.76","src_port":58920,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","tx_id":0,"http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/ToolPane.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"application/x-www-form-urlencoded","http_method":"POST","protocol":"HTTP/1.1","status":302,"redirect":"/_layouts/15/spinstall0.aspx","length":1024,"http_referer":"/_layouts/SignOut.aspx"}}
{"timestamp":"2025-07-18T18:55:49.581089+0000","flow_id":1044413358061550,"in_iface":"ens5","event_type":"fileinfo","src_ip":"107.191.58.76","src_port":58910,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/spinstall0.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"text/html","http_method":"GET","protocol":"HTTP/1.1","status":200,"length":162,"http_referer":"/_layouts/SignOut.aspx"},"app_proto":"http","fileinfo":{"filename":"/_layouts/15/spinstall0.aspx","sid":[],"gaps":false,"state":"CLOSED","stored":false,"size":162,"tx_id":0}}
{"timestamp":"2025-07-18T18:55:49.579343+0000","flow_id":1044413358061550,"in_iface":"ens5","event_type":"http","src_ip":"107.191.58.76","src_port":58910,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","tx_id":0,"http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/spinstall0.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"text/html","http_method":"GET","protocol":"HTTP/1.1","status":200,"length":162,"http_referer":"/_layouts/SignOut.aspx"}}
{"timestamp":"2025-07-19T07:28:12.283410+0000","flow_id":1044413358061551,"in_iface":"ens5","event_type":"flow","src_ip":"104.238.159.149","src_port":58911,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":5,"bytes_toserver":619,"bytes_toclient":729,"start":"2025-07-19T07:28:12.440302+0000","end":"2025-07-19T07:28:12.581089+0000","age":0,"state":"closed","reason":"timeout","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed"}}
{"timestamp":"2025-07-19T07:28:13.275210+0000","flow_id":1042160647726016,"in_iface":"ens5","event_type":"flow","src_ip":"104.238.159.149","src_port":58921,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":5,"bytes_toserver":1586,"bytes_toclient":729,"start":"2025-07-19T07:28:13.582591+0000","end":"2025-07-19T07:28:13.723196+0000","age":0,"state":"closed","reason":"timeout","alerted":false},"tcp":{"tcp_flags":"1b","tcp_flags_ts":"1b","tcp_flags_tc":"1b","syn":true,"fin":true,"psh":true,"ack":true,"state":"closed"}}
{"timestamp":"2025-07-19T07:28:13.723196+0000","flow_id":1042160647726016,"in_iface":"ens5","event_type":"fileinfo","src_ip":"104.238.159.149","src_port":58921,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"application/x-www-form-urlencoded","http_method":"POST","protocol":"HTTP/1.1","status":302,"redirect":"/_layouts/15/spinstall0.aspx","length":1024,"http_referer":"/_layouts/SignOut.aspx"},"app_proto":"http","fileinfo":{"filename":"/_layouts/15/ToolPane.aspx","sid":[],"gaps":false,"state":"CLOSED","stored":false,"size":1024,"tx_id":0}}
{"timestamp":"2025-07-19T07:28:13.722948+0000","flow_id":1042160647726016,"in_iface":"ens5","event_type":"http","src_ip":"104.238.159.149","src_port":58921,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","tx_id":0,"http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"application/x-www-form-urlencoded","http_method":"POST","protocol":"HTTP/1.1","status":302,"redirect":"/_layouts/15/spinstall0.aspx","length":1024,"http_referer":"/_layouts/SignOut.aspx"}}
{"timestamp":"2025-07-19T07:28:14.581089+0000","flow_id":1044413358061551,"in_iface":"ens5","event_type":"fileinfo","src_ip":"104.238.159.149","src_port":58911,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/spinstall0.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"text/html","http_method":"GET","protocol":"HTTP/1.1","status":200,"length":162,"http_referer":"/_layouts/SignOut.aspx"},"app_proto":"http","fileinfo":{"filename":"/_layouts/15/spinstall0.aspx","sid":[],"gaps":false,"state":"CLOSED","stored":false,"size":162,"tx_id":0}}
{"timestamp":"2025-07-19T07:28:14.579343+0000","flow_id":1044413358061551,"in_iface":"ens5","event_type":"http","src_ip":"104.238.159.149","src_port":58911,"dest_ip":"192.168.1.2","dest_port":80,"proto":"TCP","tx_id":0,"http":{"hostname":"sharepoint.example.com","url":"/_layouts/15/spinstall0.aspx","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","http_content_type":"text/html","http_method":"GET","protocol":"HTTP/1.1","status":200,"length":162,"http_referer":"/_layouts/SignOut.aspx"}}