Application Protocol Level Attack - Active Clients (10190 / 20198)
Key
Field Description
Comments
NFO timestamp
Format: Mmm dd hh:mm:ss
NFO server IP address
Format: IPv4_address
NFO server NetFlow source ID
Configurable.
nfc_id
Message type identifier
“nfc_id=20198”
exp_ip
Network device (exporter) IP address
<IPv4_address>
dest_ip
Monitored server IP address
<IPv4_address>
dest_port
Monitored server port number
<number>
protocol
Transport Protocol (TCP = 6, UDP = 17)
<number>
src_ip
Client IPv4 address
<IPv4_address>
[src_host]
Host name of an active client
<string>
[src_cc]
Country code of an active client
<string>
percent_of_total
Percent of total connections to the server made by the client during the observation interval
<decimal>, e.g. 25.444% is 25.444
t_int
Observation time interval, msec
<number>
Last modified 2yr ago
Copy link