パケットの統計情報は以下のようなフォーマットとなります。
{
"timestamp": "1498543774579",
"payloads": {
"traffic.statistics": {
"pkt.len_64_128": 13,
"pkt.len_min64": 527,
"max.pkt.size": 1358,
"fragmented.pkts": 0,
"pppoe.pkts": 0,
"avg.pkt.size": 125,
"unique.flows": 131,
"tcp.pkts": 482,
"pkt.len_128_256": 10,
"pkt.len_256_1024": 9,
"pkt.len_1024_1500": 2,
"pkt.len_grt1500": 0,
"guessed.flow.protos": 68,
"ip.bytes": 70355,
"total.packets": 561,
"ip.packets": 561,
"discarded.bytes": 0,
"ethernet.bytes": 83819,
"udp.pkts": 78,
"vlan.pkts": 0,
"mpls.pkts": 0
},
"detected.protos": [
{
"name": "DNS",
"breed": "Acceptable",
"packets": 16,
"bytes": 3685,
"flows": 8
},
{
"name": "HTTP",
"breed": "Acceptable",
"packets": 90,
"bytes": 10260,
"flows": 10
},
{
"name": "SSL",
"breed": "Safe",
"packets": 99,
"bytes": 11258,
"flows": 15
},
{
"name": "Slack",
"breed": "Acceptable",
"packets": 8,
"bytes": 1584,
"flows": 4
},
{
"name": "Facebook",
"breed": "Fun",
"packets": 3,
"bytes": 386,
"flows": 2
},
{
"name": "Dropbox",
"breed": "Acceptable",
"packets": 21,
"bytes": 2426,
"flows": 6
},
{
"name": "Skype",
"breed": "Acceptable",
"packets": 2,
"bytes": 232,
"flows": 1
},
{
"name": "Google",
"breed": "Acceptable",
"packets": 69,
"bytes": 11043,
"flows": 24
},
{
"name": "Apple",
"breed": "Acceptable",
"packets": 98,
"bytes": 12065,
"flows": 29
},
{
"name": "Amazon",
"breed": "Acceptable",
"packets": 63,
"bytes": 7636,
"flows": 23
}
],
"known.flows": [],
"@timestamp": "20170627T060934Z"
},
"operatorId": "OP00XXXXXXXX",
"destination": {
"resourceUrl": "https://kinesis.ap-northeast.amazonaws.com/stream",
"service": "kinesis",
"provider": "aws"
},
"sourceProtocol": "null",
"credentialsId": "my-aws-credentials"
}