clones/librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-09-21 10:28:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
c6cac9d90b
librenms/tests/data/linux_suricata-v2.json
Zane C. Bowers-Hadley 572258e0c2
add Suricata 7 support to Suricata (#16044) 
* breakout handling of suricata extend v. 1 returns

* initial work for suricata 7.0.0

* add shared file for various Suricata related variables

* update handling for new Suricata stuff

* fix suricata rrd name bits

* update suricata app page a bit

* misc

* add a new v2 suricata graph

* more suricata v2 graphs

* fix app data for suricata

* more graph work

* fix initial graphs

* the page selector for suricata v2

* more cleanup for suricata stuff

* add more graphs

* add suricata_v2_pkt_drop.inc.php

* add suricata_v2_error_delta.inc.php

* add suricata app layer flows graph

* add app layer tx

* start work on bypassed

* add flow bypass stuff

* add suricata error stuff

* add more graphs

* more suricata v2 work

* ...

* add packets overview

* cleanup suricata_packets_overview.inc.php

* more work on the overview graphs

* error delta is now per second

* cleanup suricata_v2_app_layer_error_alloc.inc.php

* add new flow proto stuff

* add suricata_v2_flow_proto

* add new overview graph

* update v2 app layer flows graph

* more v2 graph cleanup

* suricata graph cleanup

* suricata_dec_proto_overview now works

* more graph work for suricata

* more graph work

* add another overview graph

* snmp fix

* add a new overview graph

* add a new over view

* more graph stuff

* more memory graphs

* tidy pages bit

* more work on decoder stuff

* more decoder work

* decoder stuff done

* cleanup suricata_packets_overview.inc.php

* appl layer tx work

* add app flow stuff

* fix suricata_v2_decoder__event__ethernet.inc.php

* fix suricata_v2_decoder__event__ipv4.inc.php

* fix suricata_v2_decoder__event__ipv6.inc.php

* add alloc error stuff

* more error related work

* more error stuff

* start work on internal errors

* add internal error graphs

* parser error stuff done

* more decoder work

* decoder icmpv4

* more decoder work

* ltnull done

* mpls decoder stuff

* nsh decoder work

* decoder ppp done

* more decoder work

* more decoder work

* more vlan work

* vntag decoder stuff done

* descr_len auto set for generic stats

* ipv6 decoder stuff done

* style fix

* style fix

* more style cleanup

* more suricata graph work

* fix require usage

* tweak drop info a bit

* add some checks for for with suricata 7.0.4

* more suricata tweaks

* fix sagan instance handling

* another minor fix

* fix improper munging

* rever something accidentally added to this repo

* add linux_suricata-v2.snmprex

* rename the metrics for instances from instance_ to instances_

* add linux_suricata-v2.json test data

* style fix

* minor munging tweak

* style cleanup

* some app data fixes

* remove a typo from test data

* add deleted_at and make sure discovered is numeric and not a string 1

* derp... json fix

* remove something accidentally added

* fix a small erorr in the test data

* add a missing variable to the test data

* try another tweak for suricata json test stuff

* derp... fix a type in the suricata poller

* revert a test data change

* re-order some the metrics in the test

* some more metric re-ordering

* add a missing status

* remove something that was accidentally added to this branch instead of another

* strcmp cleanup

* style fix
2024-06-09 19:47:15 -05:00

5735 lines
210 KiB
JSON
Raw Blame History

{
"applications": {
"discovery": {
"applications": [
{
"app_type": "suricata",
"app_state": "UNKNOWN",
"discovered": 1,
"app_state_prev": null,
"app_status": "",
"app_instance": "",
"data": null,
"deleted_at": null
}
]
},
"poller": {
"applications": [
{
"app_type": "suricata",
"app_state": "OK",
"discovered": 1,
"app_state_prev": "UNKNOWN",
"app_status": "",
"app_instance": "",
"data": "{\"version\":2,\"instances\":[\"ids\"]}",
"deleted_at": null
}
],
"application_metrics": [
{
"metric": "alert",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__bittorrent-dht__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__bittorrent-dht__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__bittorrent-dht__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__bittorrent-dht__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dcerpc_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dcerpc_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dcerpc_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dcerpc_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dcerpc_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dcerpc_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dcerpc_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dhcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dhcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dhcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dhcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dnp3__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dnp3__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dnp3__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dnp3__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dns_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dns_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dns_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dns_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dns_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dns_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__dns_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__enip_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__enip_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__enip_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__enip_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__enip_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__enip_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__enip_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__failed_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp-data__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp-data__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp-data__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ftp-data__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http__parser",
"value": 72,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http2__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http2__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http2__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__http2__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ike__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ike__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ike__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ike__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__imap__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__imap__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__imap__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__imap__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__krb5_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__krb5_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__krb5_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__krb5_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__krb5_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__krb5_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__krb5_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__modbus__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__modbus__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__modbus__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__modbus__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__mqtt__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__mqtt__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__mqtt__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__mqtt__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__nfs_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__nfs_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__nfs_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__nfs_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__nfs_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__nfs_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__nfs_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ntp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ntp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ntp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ntp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__pgsql__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__pgsql__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__pgsql__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__pgsql__parser",
"value": 2,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__quic__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__quic__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__quic__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__quic__parser",
"value": 2439,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rdp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rdp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rdp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rdp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rfb__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rfb__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rfb__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__rfb__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__sip__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__sip__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__sip__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__sip__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smb__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smb__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smb__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smb__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smtp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smtp__gap",
"value": 70,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smtp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__smtp__parser",
"value": 277204,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__snmp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__snmp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__snmp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__snmp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ssh__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ssh__gap",
"value": 39,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ssh__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__ssh__parser",
"value": 1232,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__telnet__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__telnet__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__telnet__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__telnet__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tftp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tftp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tftp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tftp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tls__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tls__gap",
"value": 4939,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tls__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__error__tls__parser",
"value": 627081,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__expectations",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__bittorrent-dht",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__dcerpc_tcp",
"value": 6,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__dcerpc_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__dhcp",
"value": 3180,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__dnp3",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__dns_tcp",
"value": 40908,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__dns_udp",
"value": 25408500,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__enip_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__enip_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__failed_tcp",
"value": 26257,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__failed_udp",
"value": 580648,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__ftp",
"value": 4,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__ftp-data",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__http",
"value": 2274646,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__http2",
"value": 47,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__ike",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__imap",
"value": 4,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__krb5_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__krb5_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__modbus",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__mqtt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__nfs_tcp",
"value": 87,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__nfs_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__ntp",
"value": 48869,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__pgsql",
"value": 6238,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__quic",
"value": 3483,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__rdp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__rfb",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__sip",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__smb",
"value": 30,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__smtp",
"value": 362804,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__snmp",
"value": 290965,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__ssh",
"value": 28903,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__telnet",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__tftp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__flow__tls",
"value": 5485861,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__bittorrent-dht",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__dcerpc_tcp",
"value": 6,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__dcerpc_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__dhcp",
"value": 67985,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__dnp3",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__dns_tcp",
"value": 81949,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__dns_udp",
"value": 56342448,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__enip_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__enip_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__ftp",
"value": 8,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__ftp-data",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__http",
"value": 4499000,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__http2",
"value": 77,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__ike",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__imap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__krb5_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__krb5_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__modbus",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__mqtt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__nfs_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__nfs_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__ntp",
"value": 75266,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__pgsql",
"value": 37404,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__quic",
"value": 9256,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__rdp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__rfb",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__sip",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__smb",
"value": 30,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__smtp",
"value": 610596,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__snmp",
"value": 4724882,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__ssh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__telnet",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__tftp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_app_layer__tx__tls",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_capture__kernel_drops",
"value": 6325373,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_capture__kernel_ifdrops",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_capture__kernel_packets",
"value": 1741216905,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__arp",
"value": 876886,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__avg_pkt_size",
"value": 376,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__bytes",
"value": 653962159280,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__chdlc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__erspan",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__esp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__ethernet",
"value": 1734891574,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__chdlc__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__dce__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__erspan__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__erspan__too_many_vlan_layers",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__erspan__unsupported_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__esp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ethernet__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__geneve__unknown_payload_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version0_flags",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version0_hdr_too_big",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version0_malformed_sre_hdr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version0_recur",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_chksum",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_flags",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_hdr_too_big",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_malformed_sre_hdr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_no_key",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_recur",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_route",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_ssr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__version1_wrong_protocol",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__gre__wrong_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv4__ipv4_trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv4__ipv4_unknown_ver",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv4__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv4__unknown_code",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv4__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__experimentation_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__ipv6_trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__ipv6_unknown_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__mld_message_with_invalid_h",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__unassigned_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__unknown_code",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__icmpv6__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ieee8021ah__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipraw__invalid_ip_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__frag_ignored",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__frag_overlap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__frag_pkt_too_large",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__hlen_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__icmpv6",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__iplen_smaller_than_hlen",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__opt_duplicate",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__opt_eol_required",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__opt_invalid",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__opt_invalid_len",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__opt_malformed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__opt_pad_required",
"value": 2,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__opt_unknown",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv4__wrong_ip_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__data_after_none_header",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__dstopts_only_padding",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__dstopts_unknown_opt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_ah_res_not_null",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_ah",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_dh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_eh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_fh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_hh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_rh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_invalid_optlen",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__exthdr_useless_fh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__fh_non_zero_reserved_field",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__frag_ignored",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__frag_invalid_length",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__frag_overlap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__frag_pkt_too_large",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__hopopts_only_padding",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__hopopts_unknown_opt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__icmpv4",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__ipv4_in_ipv6_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__ipv4_in_ipv6_wrong_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__ipv6_in_ipv6_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__ipv6_in_ipv6_wrong_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__rh_type_0",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__trunc_exthdr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__unknown_next_header",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__wrong_ip_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ipv6__zero_len_padn",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ltnull__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ltnull__unsupported_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__mpls__bad_label_implicit_null",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__mpls__bad_label_reserved",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__mpls__bad_label_router_alert",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__mpls__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__mpls__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__mpls__unknown_payload_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__nsh__bad_header_length",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__nsh__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__nsh__reserved_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__nsh__unknown_payload",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__nsh__unsupported_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__nsh__unsupported_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ppp__ip4_pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ppp__ip6_pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ppp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ppp__unsup_proto",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ppp__vju_pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__ppp__wrong_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__pppoe__malformed_tags",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__pppoe__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__pppoe__wrong_code",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__sctp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__sll__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__tcp__hlen_too_small",
"value": 31,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__tcp__invalid_optlen",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__tcp__opt_duplicate",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__tcp__opt_invalid_len",
"value": 1,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__tcp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__udp__hlen_invalid",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__udp__hlen_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__udp__len_invalid",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__udp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__vlan__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__vlan__too_many_layers",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__vlan__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__vntag__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__vntag__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__event__vxlan__unknown_payload_type",
"value": 37,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__geneve",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__gre",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__icmpv4",
"value": 19880450,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__icmpv6",
"value": 17813,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__ieee8021ah",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__invalid",
"value": 68,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__ipv4",
"value": 1733122459,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__ipv4_in_ipv6",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__ipv6",
"value": 18591,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__ipv6_in_ipv6",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__max_mac_addrs_dst",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__max_mac_addrs_src",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__max_pkt_size",
"value": 1514,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__mpls",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__nsh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__null",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__pkts",
"value": 1734891574,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__ppp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__pppoe",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__raw",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__sctp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__sll",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__tcp",
"value": 1492247140,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__teredo",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__too_many_layers",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__udp",
"value": 220595479,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__unknown_ethertype",
"value": 1054032,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__vlan",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__vlan_qinq",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__vlan_qinqinq",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__vntag",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_decoder__vxlan",
"value": 37,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_defrag__ipv4__fragments",
"value": 400166,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_defrag__ipv4__reassembled",
"value": 180394,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_defrag__ipv6__fragments",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_defrag__ipv6__reassembled",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_defrag__max_frag_hits",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_detect__alert",
"value": 26379,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_detect__alert_queue_overflow",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_detect__alerts_suppressed",
"value": 391806,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_file_store__fs_errors",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_file_store__open_files",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_file_store__open_files_max_hit",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__active",
"value": 1759,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__emerg_mode_entered",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__emerg_mode_over",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__state__closed",
"value": 7868744,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__state__established",
"value": 25715466,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__state__local_bypassed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__state__new",
"value": 983233,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_liberal",
"value": 6427,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__close_wait",
"value": 3171,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__closed",
"value": 7556083,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__closing",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__established",
"value": 1914,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__fin_wait1",
"value": 841,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__fin_wait2",
"value": 35697,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__last_ack",
"value": 262224,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__none",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__syn_recv",
"value": 4366,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__syn_sent",
"value": 96970,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__end__tcp_state__time_wait",
"value": 50437,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__get_used",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__get_used_eval",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__get_used_eval_busy",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__get_used_eval_reject",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__get_used_failed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__icmpv4",
"value": 128280,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__icmpv6",
"value": 10444,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__memcap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__memuse",
"value": 7615216,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__flows_checked",
"value": 110169569,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__flows_evicted",
"value": 34286184,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__flows_evicted_needs_work",
"value": 7225174,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__flows_notimeout",
"value": 75883385,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__flows_timeout",
"value": 34286184,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__full_hash_pass",
"value": 303032,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__rows_maxlen",
"value": 8,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__mgr__rows_per_sec",
"value": 6553,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__recycler__queue_avg",
"value": 7,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__recycler__queue_max",
"value": 948,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__recycler__recycled",
"value": 27061010,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__spare",
"value": 11098,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__tcp",
"value": 8094833,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__tcp_reuse",
"value": 841,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__total",
"value": 34569202,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__udp",
"value": 26335645,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__flows_evicted",
"value": 2360569,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__flows_evicted_needs_work",
"value": 7272282,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__flows_evicted_pkt_inject",
"value": 9771563,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__flows_injected",
"value": 7225185,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__flows_injected_max",
"value": 528,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__spare_sync",
"value": 298602,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__spare_sync_avg",
"value": 90,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__spare_sync_empty",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow__wrk__spare_sync_incomplete",
"value": 197770,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow_bypassed__bytes",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow_bypassed__closed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow_bypassed__local_bytes",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow_bypassed__local_capture_bytes",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow_bypassed__local_capture_pkts",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow_bypassed__local_pkts",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_flow_bypassed__pkts",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_ftp__memcap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_ftp__memuse",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_http__memcap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_http__memuse",
"value": 4817354,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_memcap_pressure",
"value": 5,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_memcap_pressure_max",
"value": 63,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__ack_unseen_data",
"value": 47005,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__active_sessions",
"value": 260,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__insert_data_normal_fail",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__insert_data_overlap_fail",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__invalid_checksum",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__memuse",
"value": 2475040,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__midstream_pickups",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__overlap",
"value": 438385,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__overlap_diff_data",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__pkt_on_wrong_thread",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__pseudo",
"value": 823992,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__pseudo_failed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__reassembly_gap",
"value": 9929,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__reassembly_memuse",
"value": 3697168,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__rst",
"value": 3648542,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__segment_from_cache",
"value": 210507555,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__segment_from_pool",
"value": 25923977,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__segment_memcap_drop",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__sessions",
"value": 8011963,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__ssn_from_cache",
"value": 6508924,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__ssn_from_pool",
"value": 1503039,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__ssn_memcap_drop",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__stream_depth_reached",
"value": 19331,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__syn",
"value": 8352528,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_tcp__synack",
"value": 7944311,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "instances_ids_uptime",
"value": 1877156,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__bittorrent-dht__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__bittorrent-dht__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__bittorrent-dht__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__bittorrent-dht__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dcerpc_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dcerpc_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dcerpc_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dcerpc_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dcerpc_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dcerpc_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dcerpc_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dhcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dhcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dhcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dhcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dnp3__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dnp3__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dnp3__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dnp3__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dns_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dns_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dns_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dns_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dns_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dns_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__dns_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__enip_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__enip_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__enip_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__enip_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__enip_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__enip_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__enip_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__failed_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp-data__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp-data__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp-data__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ftp-data__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http__parser",
"value": 72,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http2__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http2__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http2__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__http2__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ike__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ike__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ike__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ike__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__imap__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__imap__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__imap__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__imap__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__krb5_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__krb5_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__krb5_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__krb5_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__krb5_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__krb5_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__krb5_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__modbus__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__modbus__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__modbus__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__modbus__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__mqtt__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__mqtt__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__mqtt__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__mqtt__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__nfs_tcp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__nfs_tcp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__nfs_tcp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__nfs_tcp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__nfs_udp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__nfs_udp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__nfs_udp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ntp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ntp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ntp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ntp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__pgsql__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__pgsql__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__pgsql__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__pgsql__parser",
"value": 2,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__quic__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__quic__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__quic__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__quic__parser",
"value": 2439,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rdp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rdp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rdp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rdp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rfb__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rfb__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rfb__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__rfb__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__sip__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__sip__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__sip__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__sip__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smb__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smb__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smb__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smb__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smtp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smtp__gap",
"value": 70,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smtp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__smtp__parser",
"value": 277204,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__snmp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__snmp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__snmp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__snmp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ssh__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ssh__gap",
"value": 39,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ssh__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__ssh__parser",
"value": 1232,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__telnet__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__telnet__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__telnet__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__telnet__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tftp__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tftp__gap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tftp__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tftp__parser",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tls__alloc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tls__gap",
"value": 4939,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tls__internal",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__error__tls__parser",
"value": 627081,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__expectations",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__bittorrent-dht",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__dcerpc_tcp",
"value": 6,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__dcerpc_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__dhcp",
"value": 3180,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__dnp3",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__dns_tcp",
"value": 40908,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__dns_udp",
"value": 25408500,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__enip_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__enip_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__failed_tcp",
"value": 26257,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__failed_udp",
"value": 580648,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__ftp",
"value": 4,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__ftp-data",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__http",
"value": 2274646,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__http2",
"value": 47,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__ike",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__imap",
"value": 4,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__krb5_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__krb5_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__modbus",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__mqtt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__nfs_tcp",
"value": 87,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__nfs_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__ntp",
"value": 48869,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__pgsql",
"value": 6238,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__quic",
"value": 3483,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__rdp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__rfb",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__sip",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__smb",
"value": 30,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__smtp",
"value": 362804,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__snmp",
"value": 290965,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__ssh",
"value": 28903,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__telnet",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__tftp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__flow__tls",
"value": 5485861,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__bittorrent-dht",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__dcerpc_tcp",
"value": 6,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__dcerpc_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__dhcp",
"value": 67985,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__dnp3",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__dns_tcp",
"value": 81949,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__dns_udp",
"value": 56342448,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__enip_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__enip_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__ftp",
"value": 8,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__ftp-data",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__http",
"value": 4499000,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__http2",
"value": 77,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__ike",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__imap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__krb5_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__krb5_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__modbus",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__mqtt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__nfs_tcp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__nfs_udp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__ntp",
"value": 75266,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__pgsql",
"value": 37404,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__quic",
"value": 9256,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__rdp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__rfb",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__sip",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__smb",
"value": 30,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__smtp",
"value": 610596,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__snmp",
"value": 4724882,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__ssh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__telnet",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__tftp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_app_layer__tx__tls",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_capture__kernel_drops",
"value": 6325373,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_capture__kernel_drops_any",
"value": 6325373,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_capture__kernel_ifdrops",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_capture__kernel_packets",
"value": 1741216905,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__arp",
"value": 876886,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__avg_pkt_size",
"value": 376,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__bytes",
"value": 653962159280,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__chdlc",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__erspan",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__esp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__ethernet",
"value": 1734891574,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__chdlc__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__dce__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__erspan__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__erspan__too_many_vlan_layers",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__erspan__unsupported_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__esp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ethernet__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__geneve__unknown_payload_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version0_flags",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version0_hdr_too_big",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version0_malformed_sre_hdr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version0_recur",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_chksum",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_flags",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_hdr_too_big",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_malformed_sre_hdr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_no_key",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_recur",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_route",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_ssr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__version1_wrong_protocol",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__gre__wrong_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv4__ipv4_trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv4__ipv4_unknown_ver",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv4__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv4__unknown_code",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv4__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__experimentation_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__ipv6_trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__ipv6_unknown_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__mld_message_with_invalid_hl",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__unassigned_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__unknown_code",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__icmpv6__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ieee8021ah__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipraw__invalid_ip_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__frag_ignored",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__frag_overlap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__frag_pkt_too_large",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__hlen_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__icmpv6",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__iplen_smaller_than_hlen",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__opt_duplicate",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__opt_eol_required",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__opt_invalid",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__opt_invalid_len",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__opt_malformed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__opt_pad_required",
"value": 2,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__opt_unknown",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv4__wrong_ip_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__data_after_none_header",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__dstopts_only_padding",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__dstopts_unknown_opt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_ah_res_not_null",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_dupl_ah",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_dupl_dh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_dupl_eh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_dupl_fh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_dupl_hh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_dupl_rh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_invalid_optlen",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__exthdr_useless_fh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__fh_non_zero_reserved_field",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__frag_ignored",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__frag_invalid_length",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__frag_overlap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__frag_pkt_too_large",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__hopopts_only_padding",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__hopopts_unknown_opt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__icmpv4",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__ipv4_in_ipv6_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__ipv4_in_ipv6_wrong_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__ipv6_in_ipv6_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__ipv6_in_ipv6_wrong_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__rh_type_0",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__trunc_exthdr",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__trunc_pkt",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__unknown_next_header",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__wrong_ip_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ipv6__zero_len_padn",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ltnull__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ltnull__unsupported_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__mpls__bad_label_implicit_null",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__mpls__bad_label_reserved",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__mpls__bad_label_router_alert",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__mpls__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__mpls__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__mpls__unknown_payload_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__nsh__bad_header_length",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__nsh__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__nsh__reserved_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__nsh__unknown_payload",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__nsh__unsupported_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__nsh__unsupported_version",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ppp__ip4_pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ppp__ip6_pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ppp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ppp__unsup_proto",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ppp__vju_pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__ppp__wrong_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__pppoe__malformed_tags",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__pppoe__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__pppoe__wrong_code",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__sctp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__sll__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__tcp__hlen_too_small",
"value": 31,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__tcp__invalid_optlen",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__tcp__opt_duplicate",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__tcp__opt_invalid_len",
"value": 1,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__tcp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__udp__hlen_invalid",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__udp__hlen_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__udp__len_invalid",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__udp__pkt_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__vlan__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__vlan__too_many_layers",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__vlan__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__vntag__header_too_small",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__vntag__unknown_type",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__event__vxlan__unknown_payload_type",
"value": 37,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__geneve",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__gre",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__icmpv4",
"value": 19880450,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__icmpv6",
"value": 17813,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__ieee8021ah",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__invalid",
"value": 68,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__ipv4",
"value": 1733122459,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__ipv4_in_ipv6",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__ipv6",
"value": 18591,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__ipv6_in_ipv6",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__max_mac_addrs_dst",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__max_mac_addrs_src",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__max_pkt_size",
"value": 1514,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__mpls",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__nsh",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__null",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__pkts",
"value": 1734891574,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__ppp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__pppoe",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__raw",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__sctp",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__sll",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__tcp",
"value": 1492247140,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__teredo",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__too_many_layers",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__udp",
"value": 220595479,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__unknown_ethertype",
"value": 1054032,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__vlan",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__vlan_qinq",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__vlan_qinqinq",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__vntag",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_decoder__vxlan",
"value": 37,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_defrag__ipv4__fragments",
"value": 400166,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_defrag__ipv4__reassembled",
"value": 180394,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_defrag__ipv6__fragments",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_defrag__ipv6__reassembled",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_defrag__max_frag_hits",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_detect__alert",
"value": 26379,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_detect__alert_queue_overflow",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_detect__alerts_suppressed",
"value": 391806,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_drop_percent",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_error_delta",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_file_store__fs_errors",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_file_store__open_files",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_file_store__open_files_max_hit",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__active",
"value": 1759,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__emerg_mode_entered",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__emerg_mode_over",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__state__closed",
"value": 7868744,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__state__established",
"value": 25715466,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__state__local_bypassed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__state__new",
"value": 983233,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_liberal",
"value": 6427,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__close_wait",
"value": 3171,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__closed",
"value": 7556083,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__closing",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__established",
"value": 1914,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__fin_wait1",
"value": 841,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__fin_wait2",
"value": 35697,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__last_ack",
"value": 262224,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__none",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__syn_recv",
"value": 4366,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__syn_sent",
"value": 96970,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__end__tcp_state__time_wait",
"value": 50437,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__get_used",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__get_used_eval",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__get_used_eval_busy",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__get_used_eval_reject",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__get_used_failed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__icmpv4",
"value": 128280,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__icmpv6",
"value": 10444,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__memcap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__memuse",
"value": 7615216,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__flows_checked",
"value": 110169569,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__flows_evicted",
"value": 34286184,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__flows_evicted_needs_work",
"value": 7225174,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__flows_notimeout",
"value": 75883385,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__flows_timeout",
"value": 34286184,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__full_hash_pass",
"value": 303032,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__rows_maxlen",
"value": 8,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__mgr__rows_per_sec",
"value": 6553,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__recycler__queue_avg",
"value": 7,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__recycler__queue_max",
"value": 948,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__recycler__recycled",
"value": 27061010,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__spare",
"value": 11098,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__tcp",
"value": 8094833,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__tcp_reuse",
"value": 841,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__total",
"value": 34569202,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__udp",
"value": 26335645,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__flows_evicted",
"value": 2360569,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__flows_evicted_needs_work",
"value": 7272282,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__flows_evicted_pkt_inject",
"value": 9771563,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__flows_injected",
"value": 7225185,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__flows_injected_max",
"value": 528,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__spare_sync",
"value": 298602,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__spare_sync_avg",
"value": 90,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__spare_sync_empty",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow__wrk__spare_sync_incomplete",
"value": 197770,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow_bypassed__bytes",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow_bypassed__closed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow_bypassed__local_bytes",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow_bypassed__local_capture_bytes",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow_bypassed__local_capture_pkts",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow_bypassed__local_pkts",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_flow_bypassed__pkts",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_ftp__memcap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_ftp__memuse",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_http__memcap",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_http__memuse",
"value": 4817354,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_memcap_pressure",
"value": 5,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_memcap_pressure_max",
"value": 63,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__ack_unseen_data",
"value": 47005,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__active_sessions",
"value": 260,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__insert_data_normal_fail",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__insert_data_overlap_fail",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__invalid_checksum",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__memuse",
"value": 2475040,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__midstream_pickups",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__overlap",
"value": 438385,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__overlap_diff_data",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__pkt_on_wrong_thread",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__pseudo",
"value": 823992,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__pseudo_failed",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__reassembly_gap",
"value": 9929,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__reassembly_memuse",
"value": 3697168,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__rst",
"value": 3648542,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__segment_from_cache",
"value": 210507555,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__segment_from_pool",
"value": 25923977,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__segment_memcap_drop",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__sessions",
"value": 8011963,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__ssn_from_cache",
"value": 6508924,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__ssn_from_pool",
"value": 1503039,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__ssn_memcap_drop",
"value": 0,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__stream_depth_reached",
"value": 19331,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__syn",
"value": 8352528,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_tcp__synack",
"value": 7944311,
"value_prev": null,
"app_type": "suricata"
},
{
"metric": "totals_uptime",
"value": 1877156,
"value_prev": null,
"app_type": "suricata"
}
]
}
}
}
Reference in New Issue View Git Blame Copy Permalink