3565 lines
75 KiB
Plaintext
3565 lines
75 KiB
Plaintext
[
|
|
{
|
|
"_index": "packets-2004-12-05",
|
|
"_type": "doc",
|
|
"_score": null,
|
|
"_source": {
|
|
"layers": {
|
|
"frame_raw": [
|
|
"ffffffffffff000b8201fc4208004500012ca8360000fa11178b00000000ffffffff004400430118591f0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000",
|
|
0,
|
|
314,
|
|
0,
|
|
1
|
|
],
|
|
"frame": {
|
|
"frame.encap_type_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
13
|
|
],
|
|
"frame.time_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
24
|
|
],
|
|
"frame.offset_shift_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_epoch_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_displayed_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_relative_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.number_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.cap_len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.marked_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.ignored_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.protocols_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"eth_raw": [
|
|
"ffffffffffff000b8201fc420800",
|
|
0,
|
|
14,
|
|
0,
|
|
1
|
|
],
|
|
"eth": {
|
|
"eth.dst_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.dst_tree": {
|
|
"eth.dst_resolved_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.dst.oui_raw": [
|
|
"ffffff",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"ffffff",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.dst.lg_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.dst.ig_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.src_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.src_tree": {
|
|
"eth.src_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.oui_raw": [
|
|
"000b82",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.src.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"000b82",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.src.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.type_raw": [
|
|
"0800",
|
|
12,
|
|
2,
|
|
0,
|
|
5
|
|
]
|
|
},
|
|
"ip_raw": [
|
|
"4500012ca8360000fa11178b00000000ffffffff",
|
|
14,
|
|
20,
|
|
0,
|
|
1
|
|
],
|
|
"ip": {
|
|
"ip.version_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.hdr_len_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_raw": [
|
|
"00",
|
|
15,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_tree": {
|
|
"ip.dsfield.dscp_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
252,
|
|
4
|
|
],
|
|
"ip.dsfield.ecn_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
3,
|
|
4
|
|
]
|
|
},
|
|
"ip.len_raw": [
|
|
"012c",
|
|
16,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.id_raw": [
|
|
"a836",
|
|
18,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.flags_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
224,
|
|
4
|
|
],
|
|
"ip.flags_tree": {
|
|
"ip.flags.rb_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
128,
|
|
2
|
|
],
|
|
"ip.flags.df_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
64,
|
|
2
|
|
],
|
|
"ip.flags.mf_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
32,
|
|
2
|
|
]
|
|
},
|
|
"ip.frag_offset_raw": [
|
|
"0",
|
|
20,
|
|
2,
|
|
8191,
|
|
5
|
|
],
|
|
"ip.ttl_raw": [
|
|
"fa",
|
|
22,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.proto_raw": [
|
|
"11",
|
|
23,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.checksum_raw": [
|
|
"178b",
|
|
24,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.checksum.status_raw": [
|
|
"",
|
|
24,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"ip.src_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.src_host_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.dst_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.dst_host_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"udp_raw": [
|
|
"004400430118591f",
|
|
34,
|
|
8,
|
|
0,
|
|
1
|
|
],
|
|
"udp": {
|
|
"udp.srcport_raw": [
|
|
"0044",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.dstport_raw": [
|
|
"0043",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0044",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0043",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.length_raw": [
|
|
"0118",
|
|
38,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum_raw": [
|
|
"591f",
|
|
40,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum.status_raw": [
|
|
"",
|
|
40,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"udp.stream_raw": [
|
|
"",
|
|
42,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"Timestamps": {
|
|
"udp.time_relative_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"udp.time_delta_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
]
|
|
},
|
|
"udp.payload_raw": [
|
|
"0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000",
|
|
42,
|
|
272,
|
|
0,
|
|
30
|
|
]
|
|
},
|
|
"dhcp_raw": [
|
|
"0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000",
|
|
42,
|
|
272,
|
|
0,
|
|
1
|
|
],
|
|
"dhcp": {
|
|
"dhcp.type_raw": [
|
|
"01",
|
|
42,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.type_raw": [
|
|
"01",
|
|
43,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.len_raw": [
|
|
"06",
|
|
44,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hops_raw": [
|
|
"00",
|
|
45,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.id_raw": [
|
|
"00003d1d",
|
|
46,
|
|
4,
|
|
0,
|
|
7
|
|
],
|
|
"dhcp.secs_raw": [
|
|
"0000",
|
|
50,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_raw": [
|
|
"0000",
|
|
52,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_tree": {
|
|
"dhcp.flags.bc_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32768,
|
|
2
|
|
],
|
|
"dhcp.flags.reserved_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32767,
|
|
5
|
|
]
|
|
},
|
|
"dhcp.ip.client_raw": [
|
|
"00000000",
|
|
54,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.your_raw": [
|
|
"00000000",
|
|
58,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.server_raw": [
|
|
"00000000",
|
|
62,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.relay_raw": [
|
|
"00000000",
|
|
66,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.hw.mac_addr_raw": [
|
|
"000b8201fc42",
|
|
70,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"dhcp.hw.addr_padding_raw": [
|
|
"00000000000000000000",
|
|
76,
|
|
10,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.server_raw": [
|
|
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
86,
|
|
64,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.file_raw": [
|
|
"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
150,
|
|
128,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.cookie_raw": [
|
|
"63825363",
|
|
278,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.option.type_raw": [
|
|
"350101",
|
|
282,
|
|
3,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"01",
|
|
283,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"01",
|
|
284,
|
|
1,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.dhcp_raw": [
|
|
"01",
|
|
284,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3d0701000b8201fc42",
|
|
285,
|
|
9,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"07",
|
|
286,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"01000b8201fc42",
|
|
287,
|
|
7,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.hw.type_raw": [
|
|
"01",
|
|
287,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.mac_addr_raw": [
|
|
"000b8201fc42",
|
|
288,
|
|
6,
|
|
0,
|
|
29
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"320400000000",
|
|
294,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
295,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"00000000",
|
|
296,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.requested_ip_address_raw": [
|
|
"00000000",
|
|
296,
|
|
4,
|
|
0,
|
|
32
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"37040103062a",
|
|
300,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
301,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"0103062a",
|
|
302,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"01",
|
|
302,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"03",
|
|
303,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"06",
|
|
304,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"2a",
|
|
305,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"ff",
|
|
306,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.end_raw": [
|
|
"ff",
|
|
306,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.padding_raw": [
|
|
"00000000000000",
|
|
307,
|
|
7,
|
|
0,
|
|
30
|
|
]
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"_index": "packets-2004-12-05",
|
|
"_type": "doc",
|
|
"_score": null,
|
|
"_source": {
|
|
"layers": {
|
|
"frame_raw": [
|
|
"000b8201fc42000874adf19b0800450001480445000080110000c0a80001c0a8000a00430044013422330201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000",
|
|
0,
|
|
342,
|
|
0,
|
|
1
|
|
],
|
|
"frame": {
|
|
"frame.encap_type_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
13
|
|
],
|
|
"frame.time_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
24
|
|
],
|
|
"frame.offset_shift_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_epoch_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_displayed_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_relative_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.number_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.cap_len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.marked_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.ignored_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.protocols_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"eth_raw": [
|
|
"000b8201fc42000874adf19b0800",
|
|
0,
|
|
14,
|
|
0,
|
|
1
|
|
],
|
|
"eth": {
|
|
"eth.dst_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.dst_tree": {
|
|
"eth.dst_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.dst.oui_raw": [
|
|
"000b82",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.dst.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"000b82",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.dst.lg_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.dst.ig_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.src_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.src_tree": {
|
|
"eth.src_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.oui_raw": [
|
|
"000874",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.src.oui_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"000874",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr.oui_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.src.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.type_raw": [
|
|
"0800",
|
|
12,
|
|
2,
|
|
0,
|
|
5
|
|
]
|
|
},
|
|
"ip_raw": [
|
|
"450001480445000080110000c0a80001c0a8000a",
|
|
14,
|
|
20,
|
|
0,
|
|
1
|
|
],
|
|
"ip": {
|
|
"ip.version_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.hdr_len_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_raw": [
|
|
"00",
|
|
15,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_tree": {
|
|
"ip.dsfield.dscp_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
252,
|
|
4
|
|
],
|
|
"ip.dsfield.ecn_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
3,
|
|
4
|
|
]
|
|
},
|
|
"ip.len_raw": [
|
|
"0148",
|
|
16,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.id_raw": [
|
|
"0445",
|
|
18,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.flags_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
224,
|
|
4
|
|
],
|
|
"ip.flags_tree": {
|
|
"ip.flags.rb_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
128,
|
|
2
|
|
],
|
|
"ip.flags.df_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
64,
|
|
2
|
|
],
|
|
"ip.flags.mf_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
32,
|
|
2
|
|
]
|
|
},
|
|
"ip.frag_offset_raw": [
|
|
"0",
|
|
20,
|
|
2,
|
|
8191,
|
|
5
|
|
],
|
|
"ip.ttl_raw": [
|
|
"80",
|
|
22,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.proto_raw": [
|
|
"11",
|
|
23,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.checksum_raw": [
|
|
"0000",
|
|
24,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.checksum.status_raw": [
|
|
"",
|
|
24,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"ip.src_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.src_host_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.dst_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.dst_host_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"udp_raw": [
|
|
"0043004401342233",
|
|
34,
|
|
8,
|
|
0,
|
|
1
|
|
],
|
|
"udp": {
|
|
"udp.srcport_raw": [
|
|
"0043",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.dstport_raw": [
|
|
"0044",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0043",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0044",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.length_raw": [
|
|
"0134",
|
|
38,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum_raw": [
|
|
"2233",
|
|
40,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum.status_raw": [
|
|
"",
|
|
40,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"udp.stream_raw": [
|
|
"",
|
|
42,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"Timestamps": {
|
|
"udp.time_relative_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"udp.time_delta_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
]
|
|
},
|
|
"udp.payload_raw": [
|
|
"0201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000",
|
|
42,
|
|
300,
|
|
0,
|
|
30
|
|
]
|
|
},
|
|
"dhcp_raw": [
|
|
"0201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000",
|
|
42,
|
|
300,
|
|
0,
|
|
1
|
|
],
|
|
"dhcp": {
|
|
"dhcp.type_raw": [
|
|
"02",
|
|
42,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.type_raw": [
|
|
"01",
|
|
43,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.len_raw": [
|
|
"06",
|
|
44,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hops_raw": [
|
|
"00",
|
|
45,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.id_raw": [
|
|
"00003d1d",
|
|
46,
|
|
4,
|
|
0,
|
|
7
|
|
],
|
|
"dhcp.secs_raw": [
|
|
"0000",
|
|
50,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_raw": [
|
|
"0000",
|
|
52,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_tree": {
|
|
"dhcp.flags.bc_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32768,
|
|
2
|
|
],
|
|
"dhcp.flags.reserved_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32767,
|
|
5
|
|
]
|
|
},
|
|
"dhcp.ip.client_raw": [
|
|
"00000000",
|
|
54,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.your_raw": [
|
|
"c0a8000a",
|
|
58,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.server_raw": [
|
|
"c0a80001",
|
|
62,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.relay_raw": [
|
|
"00000000",
|
|
66,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.hw.mac_addr_raw": [
|
|
"000b8201fc42",
|
|
70,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"dhcp.hw.addr_padding_raw": [
|
|
"00000000000000000000",
|
|
76,
|
|
10,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.server_raw": [
|
|
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
86,
|
|
64,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.file_raw": [
|
|
"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
150,
|
|
128,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.cookie_raw": [
|
|
"63825363",
|
|
278,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.option.type_raw": [
|
|
"350102",
|
|
282,
|
|
3,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"01",
|
|
283,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"02",
|
|
284,
|
|
1,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.dhcp_raw": [
|
|
"02",
|
|
284,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"0104ffffff00",
|
|
285,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
286,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"ffffff00",
|
|
287,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.subnet_mask_raw": [
|
|
"ffffff00",
|
|
287,
|
|
4,
|
|
0,
|
|
32
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3a0400000708",
|
|
291,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
292,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"00000708",
|
|
293,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.renewal_time_value_raw": [
|
|
"00000708",
|
|
293,
|
|
4,
|
|
0,
|
|
7
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3b0400000c4e",
|
|
297,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
298,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"00000c4e",
|
|
299,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.rebinding_time_value_raw": [
|
|
"00000c4e",
|
|
299,
|
|
4,
|
|
0,
|
|
7
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"330400000e10",
|
|
303,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
304,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"00000e10",
|
|
305,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.ip_address_lease_time_raw": [
|
|
"00000e10",
|
|
305,
|
|
4,
|
|
0,
|
|
7
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3604c0a80001",
|
|
309,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
310,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"c0a80001",
|
|
311,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.dhcp_server_id_raw": [
|
|
"c0a80001",
|
|
311,
|
|
4,
|
|
0,
|
|
32
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"ff",
|
|
315,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.end_raw": [
|
|
"ff",
|
|
315,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.padding_raw": [
|
|
"0000000000000000000000000000000000000000000000000000",
|
|
316,
|
|
26,
|
|
0,
|
|
30
|
|
]
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"_index": "packets-2004-12-05",
|
|
"_type": "doc",
|
|
"_score": null,
|
|
"_source": {
|
|
"layers": {
|
|
"frame_raw": [
|
|
"ffffffffffff000b8201fc4208004500012ca8370000fa11178a00000000ffffffff0044004301189fbd0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00",
|
|
0,
|
|
314,
|
|
0,
|
|
1
|
|
],
|
|
"frame": {
|
|
"frame.encap_type_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
13
|
|
],
|
|
"frame.time_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
24
|
|
],
|
|
"frame.offset_shift_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_epoch_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_displayed_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_relative_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.number_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.cap_len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.marked_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.ignored_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.protocols_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"eth_raw": [
|
|
"ffffffffffff000b8201fc420800",
|
|
0,
|
|
14,
|
|
0,
|
|
1
|
|
],
|
|
"eth": {
|
|
"eth.dst_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.dst_tree": {
|
|
"eth.dst_resolved_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.dst.oui_raw": [
|
|
"ffffff",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"ffffffffffff",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"ffffff",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.dst.lg_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.dst.ig_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"1",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.src_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.src_tree": {
|
|
"eth.src_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.oui_raw": [
|
|
"000b82",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.src.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"000b82",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.src.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.type_raw": [
|
|
"0800",
|
|
12,
|
|
2,
|
|
0,
|
|
5
|
|
]
|
|
},
|
|
"ip_raw": [
|
|
"4500012ca8370000fa11178a00000000ffffffff",
|
|
14,
|
|
20,
|
|
0,
|
|
1
|
|
],
|
|
"ip": {
|
|
"ip.version_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.hdr_len_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_raw": [
|
|
"00",
|
|
15,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_tree": {
|
|
"ip.dsfield.dscp_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
252,
|
|
4
|
|
],
|
|
"ip.dsfield.ecn_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
3,
|
|
4
|
|
]
|
|
},
|
|
"ip.len_raw": [
|
|
"012c",
|
|
16,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.id_raw": [
|
|
"a837",
|
|
18,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.flags_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
224,
|
|
4
|
|
],
|
|
"ip.flags_tree": {
|
|
"ip.flags.rb_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
128,
|
|
2
|
|
],
|
|
"ip.flags.df_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
64,
|
|
2
|
|
],
|
|
"ip.flags.mf_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
32,
|
|
2
|
|
]
|
|
},
|
|
"ip.frag_offset_raw": [
|
|
"0",
|
|
20,
|
|
2,
|
|
8191,
|
|
5
|
|
],
|
|
"ip.ttl_raw": [
|
|
"fa",
|
|
22,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.proto_raw": [
|
|
"11",
|
|
23,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.checksum_raw": [
|
|
"178a",
|
|
24,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.checksum.status_raw": [
|
|
"",
|
|
24,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"ip.src_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.src_host_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"00000000",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.dst_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.dst_host_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"ffffffff",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"udp_raw": [
|
|
"0044004301189fbd",
|
|
34,
|
|
8,
|
|
0,
|
|
1
|
|
],
|
|
"udp": {
|
|
"udp.srcport_raw": [
|
|
"0044",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.dstport_raw": [
|
|
"0043",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0044",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0043",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.length_raw": [
|
|
"0118",
|
|
38,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum_raw": [
|
|
"9fbd",
|
|
40,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum.status_raw": [
|
|
"",
|
|
40,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"udp.stream_raw": [
|
|
"",
|
|
42,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"Timestamps": {
|
|
"udp.time_relative_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"udp.time_delta_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
]
|
|
},
|
|
"udp.payload_raw": [
|
|
"0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00",
|
|
42,
|
|
272,
|
|
0,
|
|
30
|
|
]
|
|
},
|
|
"dhcp_raw": [
|
|
"0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00",
|
|
42,
|
|
272,
|
|
0,
|
|
1
|
|
],
|
|
"dhcp": {
|
|
"dhcp.type_raw": [
|
|
"01",
|
|
42,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.type_raw": [
|
|
"01",
|
|
43,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.len_raw": [
|
|
"06",
|
|
44,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hops_raw": [
|
|
"00",
|
|
45,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.id_raw": [
|
|
"00003d1e",
|
|
46,
|
|
4,
|
|
0,
|
|
7
|
|
],
|
|
"dhcp.secs_raw": [
|
|
"0000",
|
|
50,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_raw": [
|
|
"0000",
|
|
52,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_tree": {
|
|
"dhcp.flags.bc_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32768,
|
|
2
|
|
],
|
|
"dhcp.flags.reserved_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32767,
|
|
5
|
|
]
|
|
},
|
|
"dhcp.ip.client_raw": [
|
|
"00000000",
|
|
54,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.your_raw": [
|
|
"00000000",
|
|
58,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.server_raw": [
|
|
"00000000",
|
|
62,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.relay_raw": [
|
|
"00000000",
|
|
66,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.hw.mac_addr_raw": [
|
|
"000b8201fc42",
|
|
70,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"dhcp.hw.addr_padding_raw": [
|
|
"00000000000000000000",
|
|
76,
|
|
10,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.server_raw": [
|
|
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
86,
|
|
64,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.file_raw": [
|
|
"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
150,
|
|
128,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.cookie_raw": [
|
|
"63825363",
|
|
278,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.option.type_raw": [
|
|
"350103",
|
|
282,
|
|
3,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"01",
|
|
283,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"03",
|
|
284,
|
|
1,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.dhcp_raw": [
|
|
"03",
|
|
284,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3d0701000b8201fc42",
|
|
285,
|
|
9,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"07",
|
|
286,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"01000b8201fc42",
|
|
287,
|
|
7,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.hw.type_raw": [
|
|
"01",
|
|
287,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.mac_addr_raw": [
|
|
"000b8201fc42",
|
|
288,
|
|
6,
|
|
0,
|
|
29
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3204c0a8000a",
|
|
294,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
295,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"c0a8000a",
|
|
296,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.requested_ip_address_raw": [
|
|
"c0a8000a",
|
|
296,
|
|
4,
|
|
0,
|
|
32
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3604c0a80001",
|
|
300,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
301,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"c0a80001",
|
|
302,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.dhcp_server_id_raw": [
|
|
"c0a80001",
|
|
302,
|
|
4,
|
|
0,
|
|
32
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"37040103062a",
|
|
306,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
307,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"0103062a",
|
|
308,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"01",
|
|
308,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"03",
|
|
309,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"06",
|
|
310,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.request_list_item_raw": [
|
|
"2a",
|
|
311,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"ff",
|
|
312,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.end_raw": [
|
|
"ff",
|
|
312,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.padding_raw": [
|
|
"00",
|
|
313,
|
|
1,
|
|
0,
|
|
30
|
|
]
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"_index": "packets-2004-12-05",
|
|
"_type": "doc",
|
|
"_score": null,
|
|
"_source": {
|
|
"layers": {
|
|
"frame_raw": [
|
|
"000b8201fc42000874adf19b0800450001480446000080110000c0a80001c0a8000a004300440134dfdb0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000",
|
|
0,
|
|
342,
|
|
0,
|
|
1
|
|
],
|
|
"frame": {
|
|
"frame.encap_type_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
13
|
|
],
|
|
"frame.time_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
24
|
|
],
|
|
"frame.offset_shift_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_epoch_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_delta_displayed_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.time_relative_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"frame.number_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.cap_len_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"frame.marked_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.ignored_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
2
|
|
],
|
|
"frame.protocols_raw": [
|
|
"",
|
|
0,
|
|
0,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"eth_raw": [
|
|
"000b8201fc42000874adf19b0800",
|
|
0,
|
|
14,
|
|
0,
|
|
1
|
|
],
|
|
"eth": {
|
|
"eth.dst_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.dst_tree": {
|
|
"eth.dst_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.dst.oui_raw": [
|
|
"000b82",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.dst.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"000b82",
|
|
0,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr.oui_resolved_raw": [
|
|
"000b8201fc42",
|
|
0,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.dst.lg_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.dst.ig_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"0",
|
|
0,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.src_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.src_tree": {
|
|
"eth.src_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.oui_raw": [
|
|
"000874",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.src.oui_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"eth.addr_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.addr.oui_raw": [
|
|
"000874",
|
|
6,
|
|
3,
|
|
0,
|
|
6
|
|
],
|
|
"eth.addr.oui_resolved_raw": [
|
|
"000874adf19b",
|
|
6,
|
|
6,
|
|
0,
|
|
26
|
|
],
|
|
"eth.src.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.lg_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
131072,
|
|
2
|
|
],
|
|
"eth.src.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
],
|
|
"eth.ig_raw": [
|
|
"0",
|
|
6,
|
|
3,
|
|
65536,
|
|
2
|
|
]
|
|
},
|
|
"eth.type_raw": [
|
|
"0800",
|
|
12,
|
|
2,
|
|
0,
|
|
5
|
|
]
|
|
},
|
|
"ip_raw": [
|
|
"450001480446000080110000c0a80001c0a8000a",
|
|
14,
|
|
20,
|
|
0,
|
|
1
|
|
],
|
|
"ip": {
|
|
"ip.version_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.hdr_len_raw": [
|
|
"45",
|
|
14,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_raw": [
|
|
"00",
|
|
15,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.dsfield_tree": {
|
|
"ip.dsfield.dscp_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
252,
|
|
4
|
|
],
|
|
"ip.dsfield.ecn_raw": [
|
|
"0",
|
|
15,
|
|
1,
|
|
3,
|
|
4
|
|
]
|
|
},
|
|
"ip.len_raw": [
|
|
"0148",
|
|
16,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.id_raw": [
|
|
"0446",
|
|
18,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.flags_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
224,
|
|
4
|
|
],
|
|
"ip.flags_tree": {
|
|
"ip.flags.rb_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
128,
|
|
2
|
|
],
|
|
"ip.flags.df_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
64,
|
|
2
|
|
],
|
|
"ip.flags.mf_raw": [
|
|
"0",
|
|
20,
|
|
1,
|
|
32,
|
|
2
|
|
]
|
|
},
|
|
"ip.frag_offset_raw": [
|
|
"0",
|
|
20,
|
|
2,
|
|
8191,
|
|
5
|
|
],
|
|
"ip.ttl_raw": [
|
|
"80",
|
|
22,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.proto_raw": [
|
|
"11",
|
|
23,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"ip.checksum_raw": [
|
|
"0000",
|
|
24,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"ip.checksum.status_raw": [
|
|
"",
|
|
24,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"ip.src_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.src_host_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"c0a80001",
|
|
26,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.dst_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.addr_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"ip.dst_host_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
],
|
|
"ip.host_raw": [
|
|
"c0a8000a",
|
|
30,
|
|
4,
|
|
0,
|
|
26
|
|
]
|
|
},
|
|
"udp_raw": [
|
|
"004300440134dfdb",
|
|
34,
|
|
8,
|
|
0,
|
|
1
|
|
],
|
|
"udp": {
|
|
"udp.srcport_raw": [
|
|
"0043",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.dstport_raw": [
|
|
"0044",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0043",
|
|
34,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.port_raw": [
|
|
"0044",
|
|
36,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.length_raw": [
|
|
"0134",
|
|
38,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum_raw": [
|
|
"dfdb",
|
|
40,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"udp.checksum.status_raw": [
|
|
"",
|
|
40,
|
|
0,
|
|
0,
|
|
4
|
|
],
|
|
"udp.stream_raw": [
|
|
"",
|
|
42,
|
|
0,
|
|
0,
|
|
7
|
|
],
|
|
"Timestamps": {
|
|
"udp.time_relative_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
],
|
|
"udp.time_delta_raw": [
|
|
"",
|
|
34,
|
|
0,
|
|
0,
|
|
25
|
|
]
|
|
},
|
|
"udp.payload_raw": [
|
|
"0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000",
|
|
42,
|
|
300,
|
|
0,
|
|
30
|
|
]
|
|
},
|
|
"dhcp_raw": [
|
|
"0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000",
|
|
42,
|
|
300,
|
|
0,
|
|
1
|
|
],
|
|
"dhcp": {
|
|
"dhcp.type_raw": [
|
|
"02",
|
|
42,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.type_raw": [
|
|
"01",
|
|
43,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hw.len_raw": [
|
|
"06",
|
|
44,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.hops_raw": [
|
|
"00",
|
|
45,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.id_raw": [
|
|
"00003d1e",
|
|
46,
|
|
4,
|
|
0,
|
|
7
|
|
],
|
|
"dhcp.secs_raw": [
|
|
"0000",
|
|
50,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_raw": [
|
|
"0000",
|
|
52,
|
|
2,
|
|
0,
|
|
5
|
|
],
|
|
"dhcp.flags_tree": {
|
|
"dhcp.flags.bc_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32768,
|
|
2
|
|
],
|
|
"dhcp.flags.reserved_raw": [
|
|
"0",
|
|
52,
|
|
2,
|
|
32767,
|
|
5
|
|
]
|
|
},
|
|
"dhcp.ip.client_raw": [
|
|
"00000000",
|
|
54,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.your_raw": [
|
|
"c0a8000a",
|
|
58,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.server_raw": [
|
|
"00000000",
|
|
62,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.ip.relay_raw": [
|
|
"00000000",
|
|
66,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.hw.mac_addr_raw": [
|
|
"000b8201fc42",
|
|
70,
|
|
6,
|
|
0,
|
|
29
|
|
],
|
|
"dhcp.hw.addr_padding_raw": [
|
|
"00000000000000000000",
|
|
76,
|
|
10,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.server_raw": [
|
|
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
86,
|
|
64,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.file_raw": [
|
|
"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
|
150,
|
|
128,
|
|
0,
|
|
26
|
|
],
|
|
"dhcp.cookie_raw": [
|
|
"63825363",
|
|
278,
|
|
4,
|
|
0,
|
|
32
|
|
],
|
|
"dhcp.option.type_raw": [
|
|
"350105",
|
|
282,
|
|
3,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"01",
|
|
283,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"05",
|
|
284,
|
|
1,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.dhcp_raw": [
|
|
"05",
|
|
284,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3a0400000708",
|
|
285,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
286,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"00000708",
|
|
287,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.renewal_time_value_raw": [
|
|
"00000708",
|
|
287,
|
|
4,
|
|
0,
|
|
7
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3b0400000c4e",
|
|
291,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
292,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"00000c4e",
|
|
293,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.rebinding_time_value_raw": [
|
|
"00000c4e",
|
|
293,
|
|
4,
|
|
0,
|
|
7
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"330400000e10",
|
|
297,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
298,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"00000e10",
|
|
299,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.ip_address_lease_time_raw": [
|
|
"00000e10",
|
|
299,
|
|
4,
|
|
0,
|
|
7
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"3604c0a80001",
|
|
303,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
304,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"c0a80001",
|
|
305,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.dhcp_server_id_raw": [
|
|
"c0a80001",
|
|
305,
|
|
4,
|
|
0,
|
|
32
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"0104ffffff00",
|
|
309,
|
|
6,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.length_raw": [
|
|
"04",
|
|
310,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.value_raw": [
|
|
"ffffff00",
|
|
311,
|
|
4,
|
|
0,
|
|
30
|
|
],
|
|
"dhcp.option.subnet_mask_raw": [
|
|
"ffffff00",
|
|
311,
|
|
4,
|
|
0,
|
|
32
|
|
]
|
|
},
|
|
"dhcp.option.type_raw": [
|
|
"ff",
|
|
315,
|
|
1,
|
|
0,
|
|
4
|
|
],
|
|
"dhcp.option.type_tree": {
|
|
"dhcp.option.end_raw": [
|
|
"ff",
|
|
315,
|
|
1,
|
|
0,
|
|
4
|
|
]
|
|
},
|
|
"dhcp.option.padding_raw": [
|
|
"0000000000000000000000000000000000000000000000000000",
|
|
316,
|
|
26,
|
|
0,
|
|
30
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
]
|