plaso-rubanetra/test_data/firewall.log

20 lines
1.5 KiB
Plaintext

2020-04-06 16:48:34 +00:00
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2005-04-11 08:05:57 DROP UDP 123.45.78.90 123.156.78.255 137 137 78 - - - - - - - RECEIVE
2005-04-11 08:05:57 DROP UDP 123.45.78.90 255.255.255.255 1631 2234 37 - - - - - - - RECEIVE
2005-04-11 08:05:58 OPEN UDP 123.45.78.90 123.156.78.90 500 500 - - - - - - - - -
2005-04-11 08:05:58 DROP UDP 123.45.78.90 123.156.78.255 138 138 299 - - - - - - - RECEIVE
2005-04-11 08:06:02 CLOSE UDP 123.45.78.90 123.156.78.90 1027 53 - - - - - - - - -
2005-04-11 08:06:02 CLOSE UDP 123.45.78.90 123.156.78.90 137 137 - - - - - - - - -
2005-04-11 08:06:05 DROP UDP 0.0.0.0 255.255.255.255 68 67 328 - - - - - - - RECEIVE
2005-04-11 08:06:26 DROP TCP 123.45.78.90 123.156.78.90 80 1774 576 A 123456789 987654321 12345 - - - RECEIVE
2005-04-11 08:06:27 DROP TCP 123.45.78.90 123.156.78.90 80 1774 576 AP 123456789 987654321 12345 - - - RECEIVE
2005-04-11 08:08:58 DROP ICMP 123.45.78.90 123.156.78.90 7 7 78 - - - - 8 0 - RECEIVE
2005-04-11 08:09:29 OPEN TCP 123.45.78.90 123.156.78.90 1606 445 - - - - - - - - -
2005-04-11 08:09:30 CLOSE TCP 123.45.78.90 123.156.78.90 1607 139 - - - - - - - - -
2005-04-11 08:48:46 DROP TCP 123.45.78.90 123.156.78.90 80 1693 40 A 2351482979 694744025 64675 - - - RECEIVE
2005-04-11 08:48:46 DROP TCP 123.45.78.90 123.156.78.90 80 1693 40 FA 2351482979 694744025 64675 - - - RECEIVE
2005-04-11 08:52:26 INFO-EVENTS-LOST - - - - - - - - - - - - 59 -