Skip to main content
Version: 2.11.1

TCP/IP Vulnerability (10190 / 20194)

KeyField DescriptionComments
NFO timestampFormat: Mmm dd hh:mm:ss
NFO server IP addressFormat: IPv4_address
NFO server NetFlow source IDConfigurable.
nfc_idMessage type identifier“nfc_id=20194”
exp_ipNetwork device (exporter) IP address<IPv4 address>
event_typebegin | cont | endThe attack current state
t_eventNFO time of event<number>, unix sec. NFO time at the end of the time interval when the event was identified.
t_reportNFO time of report<number>, unix sec. NFO time to which this message pertains
flood_typeFlood type<string>, “SYN”, “SYN-ACK”,”ACK”,”PSH”,”FIN/RST”
confidenceConfidence score<number>, A value >= 90 indicating confidence in the event detection
trendTrend<string>, increasing, steady, abating
t_intObservation time interval, msec<number>