{ "applications": { "discovery": { "applications": [ { "app_type": "suricata", "app_state": "UNKNOWN", "discovered": 1, "app_state_prev": null, "app_status": "", "app_instance": "", "data": null, "deleted_at": null } ] }, "poller": { "applications": [ { "app_type": "suricata", "app_state": "OK", "discovered": 1, "app_state_prev": "UNKNOWN", "app_status": "", "app_instance": "", "data": "{\"version\":2,\"instances\":[\"ids\"]}", "deleted_at": null } ], "application_metrics": [ { "metric": "alert", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__bittorrent-dht__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__bittorrent-dht__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__bittorrent-dht__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__bittorrent-dht__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dcerpc_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dcerpc_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dcerpc_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dcerpc_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dcerpc_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dcerpc_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dcerpc_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dhcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dhcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dhcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dhcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dnp3__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dnp3__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dnp3__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dnp3__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dns_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dns_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dns_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dns_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dns_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dns_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__dns_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__enip_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__enip_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__enip_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__enip_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__enip_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__enip_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__enip_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__failed_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp-data__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp-data__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp-data__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ftp-data__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http__parser", "value": 72, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http2__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http2__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http2__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__http2__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ike__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ike__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ike__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ike__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__imap__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__imap__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__imap__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__imap__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__krb5_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__krb5_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__krb5_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__krb5_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__krb5_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__krb5_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__krb5_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__modbus__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__modbus__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__modbus__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__modbus__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__mqtt__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__mqtt__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__mqtt__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__mqtt__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__nfs_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__nfs_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__nfs_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__nfs_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__nfs_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__nfs_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__nfs_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ntp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ntp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ntp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ntp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__pgsql__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__pgsql__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__pgsql__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__pgsql__parser", "value": 2, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__quic__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__quic__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__quic__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__quic__parser", "value": 2439, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rdp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rdp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rdp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rdp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rfb__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rfb__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rfb__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__rfb__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__sip__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__sip__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__sip__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__sip__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smb__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smb__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smb__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smb__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smtp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smtp__gap", "value": 70, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smtp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__smtp__parser", "value": 277204, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__snmp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__snmp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__snmp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__snmp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ssh__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ssh__gap", "value": 39, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ssh__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__ssh__parser", "value": 1232, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__telnet__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__telnet__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__telnet__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__telnet__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tftp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tftp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tftp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tftp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tls__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tls__gap", "value": 4939, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tls__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__error__tls__parser", "value": 627081, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__expectations", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__bittorrent-dht", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__dcerpc_tcp", "value": 6, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__dcerpc_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__dhcp", "value": 3180, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__dnp3", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__dns_tcp", "value": 40908, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__dns_udp", "value": 25408500, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__enip_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__enip_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__failed_tcp", "value": 26257, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__failed_udp", "value": 580648, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__ftp", "value": 4, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__ftp-data", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__http", "value": 2274646, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__http2", "value": 47, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__ike", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__imap", "value": 4, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__krb5_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__krb5_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__modbus", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__mqtt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__nfs_tcp", "value": 87, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__nfs_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__ntp", "value": 48869, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__pgsql", "value": 6238, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__quic", "value": 3483, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__rdp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__rfb", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__sip", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__smb", "value": 30, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__smtp", "value": 362804, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__snmp", "value": 290965, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__ssh", "value": 28903, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__telnet", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__tftp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__flow__tls", "value": 5485861, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__bittorrent-dht", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__dcerpc_tcp", "value": 6, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__dcerpc_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__dhcp", "value": 67985, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__dnp3", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__dns_tcp", "value": 81949, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__dns_udp", "value": 56342448, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__enip_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__enip_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__ftp", "value": 8, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__ftp-data", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__http", "value": 4499000, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__http2", "value": 77, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__ike", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__imap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__krb5_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__krb5_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__modbus", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__mqtt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__nfs_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__nfs_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__ntp", "value": 75266, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__pgsql", "value": 37404, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__quic", "value": 9256, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__rdp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__rfb", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__sip", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__smb", "value": 30, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__smtp", "value": 610596, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__snmp", "value": 4724882, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__ssh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__telnet", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__tftp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_app_layer__tx__tls", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_capture__kernel_drops", "value": 6325373, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_capture__kernel_ifdrops", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_capture__kernel_packets", "value": 1741216905, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__arp", "value": 876886, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__avg_pkt_size", "value": 376, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__bytes", "value": 653962159280, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__chdlc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__erspan", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__esp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__ethernet", "value": 1734891574, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__chdlc__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__dce__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__erspan__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__erspan__too_many_vlan_layers", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__erspan__unsupported_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__esp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ethernet__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__geneve__unknown_payload_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version0_flags", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version0_hdr_too_big", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version0_malformed_sre_hdr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version0_recur", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_chksum", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_flags", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_hdr_too_big", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_malformed_sre_hdr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_no_key", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_recur", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_route", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_ssr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__version1_wrong_protocol", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__gre__wrong_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv4__ipv4_trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv4__ipv4_unknown_ver", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv4__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv4__unknown_code", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv4__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__experimentation_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__ipv6_trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__ipv6_unknown_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__mld_message_with_invalid_h", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__unassigned_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__unknown_code", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__icmpv6__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ieee8021ah__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipraw__invalid_ip_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__frag_ignored", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__frag_overlap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__frag_pkt_too_large", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__hlen_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__icmpv6", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__iplen_smaller_than_hlen", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__opt_duplicate", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__opt_eol_required", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__opt_invalid", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__opt_invalid_len", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__opt_malformed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__opt_pad_required", "value": 2, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__opt_unknown", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv4__wrong_ip_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__data_after_none_header", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__dstopts_only_padding", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__dstopts_unknown_opt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_ah_res_not_null", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_ah", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_dh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_eh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_fh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_hh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_dupl_rh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_invalid_optlen", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__exthdr_useless_fh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__fh_non_zero_reserved_field", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__frag_ignored", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__frag_invalid_length", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__frag_overlap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__frag_pkt_too_large", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__hopopts_only_padding", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__hopopts_unknown_opt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__icmpv4", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__ipv4_in_ipv6_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__ipv4_in_ipv6_wrong_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__ipv6_in_ipv6_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__ipv6_in_ipv6_wrong_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__rh_type_0", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__trunc_exthdr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__unknown_next_header", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__wrong_ip_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ipv6__zero_len_padn", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ltnull__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ltnull__unsupported_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__mpls__bad_label_implicit_null", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__mpls__bad_label_reserved", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__mpls__bad_label_router_alert", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__mpls__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__mpls__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__mpls__unknown_payload_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__nsh__bad_header_length", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__nsh__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__nsh__reserved_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__nsh__unknown_payload", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__nsh__unsupported_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__nsh__unsupported_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ppp__ip4_pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ppp__ip6_pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ppp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ppp__unsup_proto", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ppp__vju_pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__ppp__wrong_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__pppoe__malformed_tags", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__pppoe__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__pppoe__wrong_code", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__sctp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__sll__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__tcp__hlen_too_small", "value": 31, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__tcp__invalid_optlen", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__tcp__opt_duplicate", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__tcp__opt_invalid_len", "value": 1, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__tcp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__udp__hlen_invalid", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__udp__hlen_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__udp__len_invalid", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__udp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__vlan__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__vlan__too_many_layers", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__vlan__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__vntag__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__vntag__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__event__vxlan__unknown_payload_type", "value": 37, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__geneve", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__gre", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__icmpv4", "value": 19880450, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__icmpv6", "value": 17813, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__ieee8021ah", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__invalid", "value": 68, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__ipv4", "value": 1733122459, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__ipv4_in_ipv6", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__ipv6", "value": 18591, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__ipv6_in_ipv6", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__max_mac_addrs_dst", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__max_mac_addrs_src", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__max_pkt_size", "value": 1514, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__mpls", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__nsh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__null", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__pkts", "value": 1734891574, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__ppp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__pppoe", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__raw", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__sctp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__sll", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__tcp", "value": 1492247140, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__teredo", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__too_many_layers", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__udp", "value": 220595479, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__unknown_ethertype", "value": 1054032, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__vlan", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__vlan_qinq", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__vlan_qinqinq", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__vntag", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_decoder__vxlan", "value": 37, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_defrag__ipv4__fragments", "value": 400166, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_defrag__ipv4__reassembled", "value": 180394, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_defrag__ipv6__fragments", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_defrag__ipv6__reassembled", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_defrag__max_frag_hits", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_detect__alert", "value": 26379, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_detect__alert_queue_overflow", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_detect__alerts_suppressed", "value": 391806, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_file_store__fs_errors", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_file_store__open_files", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_file_store__open_files_max_hit", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__active", "value": 1759, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__emerg_mode_entered", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__emerg_mode_over", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__state__closed", "value": 7868744, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__state__established", "value": 25715466, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__state__local_bypassed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__state__new", "value": 983233, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_liberal", "value": 6427, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__close_wait", "value": 3171, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__closed", "value": 7556083, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__closing", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__established", "value": 1914, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__fin_wait1", "value": 841, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__fin_wait2", "value": 35697, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__last_ack", "value": 262224, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__none", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__syn_recv", "value": 4366, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__syn_sent", "value": 96970, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__end__tcp_state__time_wait", "value": 50437, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__get_used", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__get_used_eval", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__get_used_eval_busy", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__get_used_eval_reject", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__get_used_failed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__icmpv4", "value": 128280, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__icmpv6", "value": 10444, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__memcap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__memuse", "value": 7615216, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__flows_checked", "value": 110169569, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__flows_evicted", "value": 34286184, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__flows_evicted_needs_work", "value": 7225174, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__flows_notimeout", "value": 75883385, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__flows_timeout", "value": 34286184, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__full_hash_pass", "value": 303032, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__rows_maxlen", "value": 8, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__mgr__rows_per_sec", "value": 6553, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__recycler__queue_avg", "value": 7, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__recycler__queue_max", "value": 948, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__recycler__recycled", "value": 27061010, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__spare", "value": 11098, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__tcp", "value": 8094833, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__tcp_reuse", "value": 841, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__total", "value": 34569202, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__udp", "value": 26335645, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__flows_evicted", "value": 2360569, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__flows_evicted_needs_work", "value": 7272282, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__flows_evicted_pkt_inject", "value": 9771563, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__flows_injected", "value": 7225185, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__flows_injected_max", "value": 528, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__spare_sync", "value": 298602, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__spare_sync_avg", "value": 90, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__spare_sync_empty", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow__wrk__spare_sync_incomplete", "value": 197770, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow_bypassed__bytes", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow_bypassed__closed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow_bypassed__local_bytes", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow_bypassed__local_capture_bytes", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow_bypassed__local_capture_pkts", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow_bypassed__local_pkts", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_flow_bypassed__pkts", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_ftp__memcap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_ftp__memuse", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_http__memcap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_http__memuse", "value": 4817354, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_memcap_pressure", "value": 5, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_memcap_pressure_max", "value": 63, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__ack_unseen_data", "value": 47005, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__active_sessions", "value": 260, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__insert_data_normal_fail", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__insert_data_overlap_fail", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__invalid_checksum", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__memuse", "value": 2475040, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__midstream_pickups", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__overlap", "value": 438385, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__overlap_diff_data", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__pkt_on_wrong_thread", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__pseudo", "value": 823992, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__pseudo_failed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__reassembly_gap", "value": 9929, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__reassembly_memuse", "value": 3697168, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__rst", "value": 3648542, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__segment_from_cache", "value": 210507555, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__segment_from_pool", "value": 25923977, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__segment_memcap_drop", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__sessions", "value": 8011963, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__ssn_from_cache", "value": 6508924, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__ssn_from_pool", "value": 1503039, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__ssn_memcap_drop", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__stream_depth_reached", "value": 19331, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__syn", "value": 8352528, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_tcp__synack", "value": 7944311, "value_prev": null, "app_type": "suricata" }, { "metric": "instances_ids_uptime", "value": 1877156, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__bittorrent-dht__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__bittorrent-dht__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__bittorrent-dht__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__bittorrent-dht__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dcerpc_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dcerpc_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dcerpc_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dcerpc_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dcerpc_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dcerpc_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dcerpc_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dhcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dhcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dhcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dhcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dnp3__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dnp3__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dnp3__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dnp3__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dns_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dns_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dns_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dns_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dns_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dns_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__dns_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__enip_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__enip_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__enip_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__enip_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__enip_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__enip_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__enip_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__failed_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp-data__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp-data__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp-data__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ftp-data__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http__parser", "value": 72, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http2__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http2__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http2__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__http2__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ike__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ike__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ike__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ike__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__imap__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__imap__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__imap__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__imap__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__krb5_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__krb5_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__krb5_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__krb5_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__krb5_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__krb5_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__krb5_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__modbus__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__modbus__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__modbus__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__modbus__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__mqtt__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__mqtt__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__mqtt__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__mqtt__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__nfs_tcp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__nfs_tcp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__nfs_tcp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__nfs_tcp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__nfs_udp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__nfs_udp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__nfs_udp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ntp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ntp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ntp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ntp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__pgsql__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__pgsql__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__pgsql__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__pgsql__parser", "value": 2, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__quic__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__quic__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__quic__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__quic__parser", "value": 2439, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rdp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rdp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rdp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rdp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rfb__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rfb__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rfb__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__rfb__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__sip__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__sip__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__sip__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__sip__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smb__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smb__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smb__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smb__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smtp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smtp__gap", "value": 70, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smtp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__smtp__parser", "value": 277204, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__snmp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__snmp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__snmp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__snmp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ssh__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ssh__gap", "value": 39, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ssh__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__ssh__parser", "value": 1232, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__telnet__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__telnet__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__telnet__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__telnet__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tftp__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tftp__gap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tftp__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tftp__parser", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tls__alloc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tls__gap", "value": 4939, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tls__internal", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__error__tls__parser", "value": 627081, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__expectations", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__bittorrent-dht", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__dcerpc_tcp", "value": 6, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__dcerpc_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__dhcp", "value": 3180, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__dnp3", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__dns_tcp", "value": 40908, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__dns_udp", "value": 25408500, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__enip_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__enip_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__failed_tcp", "value": 26257, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__failed_udp", "value": 580648, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__ftp", "value": 4, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__ftp-data", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__http", "value": 2274646, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__http2", "value": 47, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__ike", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__imap", "value": 4, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__krb5_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__krb5_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__modbus", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__mqtt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__nfs_tcp", "value": 87, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__nfs_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__ntp", "value": 48869, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__pgsql", "value": 6238, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__quic", "value": 3483, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__rdp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__rfb", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__sip", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__smb", "value": 30, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__smtp", "value": 362804, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__snmp", "value": 290965, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__ssh", "value": 28903, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__telnet", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__tftp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__flow__tls", "value": 5485861, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__bittorrent-dht", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__dcerpc_tcp", "value": 6, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__dcerpc_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__dhcp", "value": 67985, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__dnp3", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__dns_tcp", "value": 81949, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__dns_udp", "value": 56342448, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__enip_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__enip_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__ftp", "value": 8, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__ftp-data", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__http", "value": 4499000, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__http2", "value": 77, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__ike", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__imap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__krb5_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__krb5_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__modbus", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__mqtt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__nfs_tcp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__nfs_udp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__ntp", "value": 75266, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__pgsql", "value": 37404, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__quic", "value": 9256, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__rdp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__rfb", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__sip", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__smb", "value": 30, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__smtp", "value": 610596, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__snmp", "value": 4724882, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__ssh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__telnet", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__tftp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_app_layer__tx__tls", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_capture__kernel_drops", "value": 6325373, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_capture__kernel_drops_any", "value": 6325373, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_capture__kernel_ifdrops", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_capture__kernel_packets", "value": 1741216905, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__arp", "value": 876886, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__avg_pkt_size", "value": 376, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__bytes", "value": 653962159280, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__chdlc", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__erspan", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__esp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__ethernet", "value": 1734891574, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__chdlc__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__dce__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__erspan__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__erspan__too_many_vlan_layers", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__erspan__unsupported_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__esp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ethernet__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__geneve__unknown_payload_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version0_flags", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version0_hdr_too_big", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version0_malformed_sre_hdr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version0_recur", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_chksum", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_flags", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_hdr_too_big", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_malformed_sre_hdr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_no_key", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_recur", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_route", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_ssr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__version1_wrong_protocol", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__gre__wrong_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv4__ipv4_trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv4__ipv4_unknown_ver", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv4__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv4__unknown_code", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv4__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__experimentation_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__ipv6_trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__ipv6_unknown_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__mld_message_with_invalid_hl", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__unassigned_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__unknown_code", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__icmpv6__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ieee8021ah__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipraw__invalid_ip_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__frag_ignored", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__frag_overlap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__frag_pkt_too_large", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__hlen_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__icmpv6", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__iplen_smaller_than_hlen", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__opt_duplicate", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__opt_eol_required", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__opt_invalid", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__opt_invalid_len", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__opt_malformed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__opt_pad_required", "value": 2, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__opt_unknown", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv4__wrong_ip_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__data_after_none_header", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__dstopts_only_padding", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__dstopts_unknown_opt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_ah_res_not_null", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_dupl_ah", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_dupl_dh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_dupl_eh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_dupl_fh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_dupl_hh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_dupl_rh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_invalid_optlen", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__exthdr_useless_fh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__fh_non_zero_reserved_field", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__frag_ignored", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__frag_invalid_length", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__frag_overlap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__frag_pkt_too_large", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__hopopts_only_padding", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__hopopts_unknown_opt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__icmpv4", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__ipv4_in_ipv6_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__ipv4_in_ipv6_wrong_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__ipv6_in_ipv6_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__ipv6_in_ipv6_wrong_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__rh_type_0", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__trunc_exthdr", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__trunc_pkt", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__unknown_next_header", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__wrong_ip_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ipv6__zero_len_padn", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ltnull__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ltnull__unsupported_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__mpls__bad_label_implicit_null", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__mpls__bad_label_reserved", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__mpls__bad_label_router_alert", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__mpls__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__mpls__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__mpls__unknown_payload_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__nsh__bad_header_length", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__nsh__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__nsh__reserved_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__nsh__unknown_payload", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__nsh__unsupported_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__nsh__unsupported_version", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ppp__ip4_pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ppp__ip6_pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ppp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ppp__unsup_proto", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ppp__vju_pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__ppp__wrong_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__pppoe__malformed_tags", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__pppoe__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__pppoe__wrong_code", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__sctp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__sll__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__tcp__hlen_too_small", "value": 31, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__tcp__invalid_optlen", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__tcp__opt_duplicate", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__tcp__opt_invalid_len", "value": 1, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__tcp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__udp__hlen_invalid", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__udp__hlen_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__udp__len_invalid", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__udp__pkt_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__vlan__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__vlan__too_many_layers", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__vlan__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__vntag__header_too_small", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__vntag__unknown_type", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__event__vxlan__unknown_payload_type", "value": 37, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__geneve", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__gre", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__icmpv4", "value": 19880450, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__icmpv6", "value": 17813, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__ieee8021ah", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__invalid", "value": 68, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__ipv4", "value": 1733122459, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__ipv4_in_ipv6", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__ipv6", "value": 18591, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__ipv6_in_ipv6", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__max_mac_addrs_dst", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__max_mac_addrs_src", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__max_pkt_size", "value": 1514, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__mpls", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__nsh", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__null", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__pkts", "value": 1734891574, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__ppp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__pppoe", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__raw", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__sctp", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__sll", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__tcp", "value": 1492247140, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__teredo", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__too_many_layers", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__udp", "value": 220595479, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__unknown_ethertype", "value": 1054032, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__vlan", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__vlan_qinq", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__vlan_qinqinq", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__vntag", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_decoder__vxlan", "value": 37, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_defrag__ipv4__fragments", "value": 400166, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_defrag__ipv4__reassembled", "value": 180394, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_defrag__ipv6__fragments", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_defrag__ipv6__reassembled", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_defrag__max_frag_hits", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_detect__alert", "value": 26379, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_detect__alert_queue_overflow", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_detect__alerts_suppressed", "value": 391806, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_drop_percent", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_error_delta", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_file_store__fs_errors", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_file_store__open_files", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_file_store__open_files_max_hit", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__active", "value": 1759, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__emerg_mode_entered", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__emerg_mode_over", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__state__closed", "value": 7868744, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__state__established", "value": 25715466, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__state__local_bypassed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__state__new", "value": 983233, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_liberal", "value": 6427, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__close_wait", "value": 3171, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__closed", "value": 7556083, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__closing", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__established", "value": 1914, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__fin_wait1", "value": 841, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__fin_wait2", "value": 35697, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__last_ack", "value": 262224, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__none", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__syn_recv", "value": 4366, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__syn_sent", "value": 96970, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__end__tcp_state__time_wait", "value": 50437, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__get_used", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__get_used_eval", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__get_used_eval_busy", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__get_used_eval_reject", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__get_used_failed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__icmpv4", "value": 128280, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__icmpv6", "value": 10444, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__memcap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__memuse", "value": 7615216, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__flows_checked", "value": 110169569, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__flows_evicted", "value": 34286184, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__flows_evicted_needs_work", "value": 7225174, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__flows_notimeout", "value": 75883385, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__flows_timeout", "value": 34286184, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__full_hash_pass", "value": 303032, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__rows_maxlen", "value": 8, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__mgr__rows_per_sec", "value": 6553, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__recycler__queue_avg", "value": 7, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__recycler__queue_max", "value": 948, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__recycler__recycled", "value": 27061010, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__spare", "value": 11098, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__tcp", "value": 8094833, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__tcp_reuse", "value": 841, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__total", "value": 34569202, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__udp", "value": 26335645, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__flows_evicted", "value": 2360569, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__flows_evicted_needs_work", "value": 7272282, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__flows_evicted_pkt_inject", "value": 9771563, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__flows_injected", "value": 7225185, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__flows_injected_max", "value": 528, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__spare_sync", "value": 298602, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__spare_sync_avg", "value": 90, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__spare_sync_empty", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow__wrk__spare_sync_incomplete", "value": 197770, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow_bypassed__bytes", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow_bypassed__closed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow_bypassed__local_bytes", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow_bypassed__local_capture_bytes", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow_bypassed__local_capture_pkts", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow_bypassed__local_pkts", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_flow_bypassed__pkts", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_ftp__memcap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_ftp__memuse", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_http__memcap", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_http__memuse", "value": 4817354, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_memcap_pressure", "value": 5, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_memcap_pressure_max", "value": 63, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__ack_unseen_data", "value": 47005, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__active_sessions", "value": 260, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__insert_data_normal_fail", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__insert_data_overlap_fail", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__invalid_checksum", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__memuse", "value": 2475040, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__midstream_pickups", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__overlap", "value": 438385, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__overlap_diff_data", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__pkt_on_wrong_thread", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__pseudo", "value": 823992, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__pseudo_failed", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__reassembly_gap", "value": 9929, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__reassembly_memuse", "value": 3697168, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__rst", "value": 3648542, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__segment_from_cache", "value": 210507555, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__segment_from_pool", "value": 25923977, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__segment_memcap_drop", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__sessions", "value": 8011963, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__ssn_from_cache", "value": 6508924, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__ssn_from_pool", "value": 1503039, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__ssn_memcap_drop", "value": 0, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__stream_depth_reached", "value": 19331, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__syn", "value": 8352528, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_tcp__synack", "value": 7944311, "value_prev": null, "app_type": "suricata" }, { "metric": "totals_uptime", "value": 1877156, "value_prev": null, "app_type": "suricata" } ] } } }