geedge-jira/attachment/63193/session_record.csv

recv_time,log_id,decoded_as,session_id,start_timestamp_ms,end_timestamp_ms,duration_ms,tcp_handshake_latency_ms,processing_time,ingestion_time,insert_time,device_id,out_link_id,in_link_id,data_center,device_group,sled_ip,address_type,direction,vsys_id,t_vsys_id,flags,flags_identify_info,security_rule_list,security_action,monitor_rule_list,sc_rule_list,statistics_rule_list,sc_rsp_raw,sc_rsp_decrypted,shaping_rule_list,proxy_rule_list,proxy_action,proxy_pinning_status,proxy_intercept_status,proxy_passthrough_reason,proxy_server_side_latency_ms,proxy_client_side_latency_ms,proxy_client_side_version,proxy_server_side_version,proxy_cert_verify,proxy_intercept_error,monitor_mirrored_pkts,monitor_mirrored_bytes,client_ip,client_port,client_os_desc,client_geolocation,client_asn,subscriber_id,imei,imsi,apn,phone_number,server_ip,server_port,server_os_desc,server_geolocation,server_asn,server_fqdn,server_domain,app_transition,app,app_content,ip_protocol,decoded_path,fqdn_category_list,sent_pkts,received_pkts,sent_bytes,received_bytes,tcp_c2s_ip_fragments,tcp_s2c_ip_fragments,tcp_c2s_lost_bytes,tcp_s2c_lost_bytes,tcp_c2s_o3_pkts,tcp_s2c_o3_pkts,tcp_c2s_rtx_pkts,tcp_s2c_rtx_pkts,tcp_c2s_rtx_bytes,tcp_s2c_rtx_bytes,tcp_rtt_ms,tcp_client_isn,tcp_server_isn,packet_capture_file,in_src_mac,out_src_mac,in_dest_mac,out_dest_mac,encapsulation,dup_traffic_flag,tunnel_endpoint_a_desc,tunnel_endpoint_b_desc,http_url,http_host,http_request_line,http_response_line,http_request_content_length,http_request_content_type,http_response_content_length,http_response_content_type,http_request_body,http_response_body,http_sequence,http_cookie,http_referer,http_user_agent,http_set_cookie,http_version,http_status_code,http_response_latency_ms,http_action_file_size,http_session_duration_ms,mail_protocol_type,mail_account,mail_from_cmd,mail_to_cmd,mail_from,mail_password,mail_to,mail_cc,mail_bcc,mail_subject,mail_subject_charset,mail_attachment_name,mail_attachment_name_charset,mail_eml_file,mail_starttls_flag,dns_message_id,dns_qr,dns_opcode,dns_aa,dns_tc,dns_rd,dns_ra,dns_rcode,dns_qdcount,dns_ancount,dns_nscount,dns_arcount,dns_qname,dns_qtype,dns_qclass,dns_cname,dns_sub,dns_rr,dns_response_latency_ms,ssl_version,ssl_sni,ssl_san,ssl_cn,ssl_handshake_latency_ms,ssl_ja3_hash,ssl_ja3s_hash,ssl_cert_issuer,ssl_cert_subject,ssl_esni_flag,ssl_ech_flag,dtls_cookie,dtls_version,dtls_sni,dtls_san,dtls_cn,dtls_handshake_latency_ms,dtls_ja3_fingerprint,dtls_ja3_hash,dtls_cert_issuer,dtls_cert_subject,quic_version,quic_sni,quic_user_agent,ftp_account,ftp_url,ftp_link_type,sip_call_id,sip_originator_description,sip_responder_description,sip_user_agent,sip_server,sip_originator_sdp_connect_ip,sip_originator_sdp_media_port,sip_originator_sdp_media_type,sip_originator_sdp_content,sip_responder_sdp_connect_ip,sip_responder_sdp_media_port,sip_responder_sdp_media_type,sip_responder_sdp_content,sip_duration_s,sip_bye,rtp_payload_type_c2s,rtp_payload_type_s2c,rtp_pcap_path,rtp_originator_dir,ssh_version,ssh_auth_success,ssh_client_version,ssh_server_version,ssh_cipher_alg,ssh_mac_alg,ssh_compression_alg,ssh_kex_alg,ssh_host_key_alg,ssh_host_key,ssh_hassh,stratum_cryptocurrency,stratum_mining_pools,stratum_mining_program,stratum_mining_subscribe,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method
2024-09-20T13:56:58+08:00,562663088076619776,BASE,290793884625329815,2024-09-20T13:53:41.035+08:00,2024-09-20T13:55:57.894+08:00,136859,,2024-09-20T13:56:54+08:00,2024-09-20T13:56:58+08:00,2024-09-20T13:57:08+08:00,21426003,65535,65535,,,192.168.40.84,4,Inbound,1,1,57616,"[1,101,12,1,218]",,,,,,,,,,,,,,,,,,,,,,209.14.68.75,59002,unknown,Brazil.Sao Paulo.Barueri..,268581,,,,,,192.168.54.220,43034,unknown,,,,,QuarkVPN_Patch01.QuarkVPN_Patch04,QuarkVPN_Patch04,,udp,ETHERNET.IPv4.UDP,,1972,1605,2690961,208178,0,0,,,,,,,,,,,,,58:b3:8f:fa:3b:11,48:73:97:96:38:27,48:73:97:96:38:27,58:b3:8f:fa:3b:11,"[{""tunnels_schema_type"":""MULTIPATH_ETHERNET"",""c2s_source_mac"":""58:b3:8f:fa:3b:11"",""c2s_destination_mac"":""48:73:97:96:38:27"",""s2c_source_mac"":""48:73:97:96:38:27"",""s2c_destination_mac"":""58:b3:8f:fa:3b:11""}]",0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
2024-09-20T13:53:45+08:00,562659857103585280,BASE,290565186204415259,2024-09-20T13:52:30.992+08:00,2024-09-20T13:52:45.469+08:00,14477,,2024-09-20T13:53:42+08:00,2024-09-20T13:53:45+08:00,2024-09-20T13:54:08+08:00,21426003,65535,65535,,,192.168.40.84,4,Inbound,1,1,24848,"[1,101,5,1]",,,,,,,,,,,,,,,,,,,,,,50.7.59.4,59001,unknown,Hong Kong.Unknown.Kai Yi Wan..,30058,,,,,,192.168.54.220,49256,unknown,,,,,QuarkVPN_Patch01.QuarkVPN_Patch04,QuarkVPN_Patch04,,udp,ETHERNET.IPv4.UDP,,1974,964,2762150,128166,0,0,,,,,,,,,,,,,58:b3:8f:fa:3b:11,48:73:97:96:38:27,48:73:97:96:38:27,58:b3:8f:fa:3b:11,"[{""tunnels_schema_type"":""MULTIPATH_ETHERNET"",""c2s_source_mac"":""58:b3:8f:fa:3b:11"",""c2s_destination_mac"":""48:73:97:96:38:27"",""s2c_source_mac"":""48:73:97:96:38:27"",""s2c_destination_mac"":""58:b3:8f:fa:3b:11""}]",0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
2024-09-20T13:44:34+08:00,562650614501736448,BASE,290723515858551837,2024-09-20T13:42:12.244+08:00,2024-09-20T13:43:34.490+08:00,82246,,2024-09-20T13:44:31+08:00,2024-09-20T13:44:34+08:00,2024-09-20T13:44:37+08:00,21426003,65535,65535,,,192.168.40.84,4,Inbound,1,1,24784,"[1,382,209,4,1]",,,,,,,,,,,,,,,,,,,,,,50.7.59.4,59001,unknown,Hong Kong.Unknown.Kai Yi Wan..,30058,,,,,,192.168.54.220,50149,unknown,,,,,QuarkVPN_Patch01.QuarkVPN_Patch04,QuarkVPN_Patch04,,udp,ETHERNET.IPv4.UDP,,1611,1352,2125736,194484,0,0,,,,,,,,,,,,,58:b3:8f:fa:3b:11,48:73:97:96:38:27,48:73:97:96:38:27,58:b3:8f:fa:3b:11,"[{""tunnels_schema_type"":""MULTIPATH_ETHERNET"",""c2s_source_mac"":""58:b3:8f:fa:3b:11"",""c2s_destination_mac"":""48:73:97:96:38:27"",""s2c_source_mac"":""48:73:97:96:38:27"",""s2c_destination_mac"":""58:b3:8f:fa:3b:11""}]",0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
add attachments 2025-09-14 22:00:20 +00:00			recv_time,log_id,decoded_as,session_id,start_timestamp_ms,end_timestamp_ms,duration_ms,tcp_handshake_latency_ms,processing_time,ingestion_time,insert_time,device_id,out_link_id,in_link_id,data_center,device_group,sled_ip,address_type,direction,vsys_id,t_vsys_id,flags,flags_identify_info,security_rule_list,security_action,monitor_rule_list,sc_rule_list,statistics_rule_list,sc_rsp_raw,sc_rsp_decrypted,shaping_rule_list,proxy_rule_list,proxy_action,proxy_pinning_status,proxy_intercept_status,proxy_passthrough_reason,proxy_server_side_latency_ms,proxy_client_side_latency_ms,proxy_client_side_version,proxy_server_side_version,proxy_cert_verify,proxy_intercept_error,monitor_mirrored_pkts,monitor_mirrored_bytes,client_ip,client_port,client_os_desc,client_geolocation,client_asn,subscriber_id,imei,imsi,apn,phone_number,server_ip,server_port,server_os_desc,server_geolocation,server_asn,server_fqdn,server_domain,app_transition,app,app_content,ip_protocol,decoded_path,fqdn_category_list,sent_pkts,received_pkts,sent_bytes,received_bytes,tcp_c2s_ip_fragments,tcp_s2c_ip_fragments,tcp_c2s_lost_bytes,tcp_s2c_lost_bytes,tcp_c2s_o3_pkts,tcp_s2c_o3_pkts,tcp_c2s_rtx_pkts,tcp_s2c_rtx_pkts,tcp_c2s_rtx_bytes,tcp_s2c_rtx_bytes,tcp_rtt_ms,tcp_client_isn,tcp_server_isn,packet_capture_file,in_src_mac,out_src_mac,in_dest_mac,out_dest_mac,encapsulation,dup_traffic_flag,tunnel_endpoint_a_desc,tunnel_endpoint_b_desc,http_url,http_host,http_request_line,http_response_line,http_request_content_length,http_request_content_type,http_response_content_length,http_response_content_type,http_request_body,http_response_body,http_sequence,http_cookie,http_referer,http_user_agent,http_set_cookie,http_version,http_status_code,http_response_latency_ms,http_action_file_size,http_session_duration_ms,mail_protocol_type,mail_account,mail_from_cmd,mail_to_cmd,mail_from,mail_password,mail_to,mail_cc,mail_bcc,mail_subject,mail_subject_charset,mail_attachment_name,mail_attachment_name_charset,mail_eml_file,mail_starttls_flag,dns_message_id,dns_qr,dns_opcode,dns_aa,dns_tc,dns_rd,dns_ra,dns_rcode,dns_qdcount,dns_ancount,dns_nscount,dns_arcount,dns_qname,dns_qtype,dns_qclass,dns_cname,dns_sub,dns_rr,dns_response_latency_ms,ssl_version,ssl_sni,ssl_san,ssl_cn,ssl_handshake_latency_ms,ssl_ja3_hash,ssl_ja3s_hash,ssl_cert_issuer,ssl_cert_subject,ssl_esni_flag,ssl_ech_flag,dtls_cookie,dtls_version,dtls_sni,dtls_san,dtls_cn,dtls_handshake_latency_ms,dtls_ja3_fingerprint,dtls_ja3_hash,dtls_cert_issuer,dtls_cert_subject,quic_version,quic_sni,quic_user_agent,ftp_account,ftp_url,ftp_link_type,sip_call_id,sip_originator_description,sip_responder_description,sip_user_agent,sip_server,sip_originator_sdp_connect_ip,sip_originator_sdp_media_port,sip_originator_sdp_media_type,sip_originator_sdp_content,sip_responder_sdp_connect_ip,sip_responder_sdp_media_port,sip_responder_sdp_media_type,sip_responder_sdp_content,sip_duration_s,sip_bye,rtp_payload_type_c2s,rtp_payload_type_s2c,rtp_pcap_path,rtp_originator_dir,ssh_version,ssh_auth_success,ssh_client_version,ssh_server_version,ssh_cipher_alg,ssh_mac_alg,ssh_compression_alg,ssh_kex_alg,ssh_host_key_alg,ssh_host_key,ssh_hassh,stratum_cryptocurrency,stratum_mining_pools,stratum_mining_program,stratum_mining_subscribe,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method
			2024-09-20T13:56:58+08:00,562663088076619776,BASE,290793884625329815,2024-09-20T13:53:41.035+08:00,2024-09-20T13:55:57.894+08:00,136859,,2024-09-20T13:56:54+08:00,2024-09-20T13:56:58+08:00,2024-09-20T13:57:08+08:00,21426003,65535,65535,,,192.168.40.84,4,Inbound,1,1,57616,"[1,101,12,1,218]",,,,,,,,,,,,,,,,,,,,,,209.14.68.75,59002,unknown,Brazil.Sao Paulo.Barueri..,268581,,,,,,192.168.54.220,43034,unknown,,,,,QuarkVPN_Patch01.QuarkVPN_Patch04,QuarkVPN_Patch04,,udp,ETHERNET.IPv4.UDP,,1972,1605,2690961,208178,0,0,,,,,,,,,,,,,58:b3:8f:fa:3b:11,48:73:97:96:38:27,48:73:97:96:38:27,58:b3:8f:fa:3b:11,"[{""tunnels_schema_type"":""MULTIPATH_ETHERNET"",""c2s_source_mac"":""58:b3:8f:fa:3b:11"",""c2s_destination_mac"":""48:73:97:96:38:27"",""s2c_source_mac"":""48:73:97:96:38:27"",""s2c_destination_mac"":""58:b3:8f:fa:3b:11""}]",0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
			2024-09-20T13:53:45+08:00,562659857103585280,BASE,290565186204415259,2024-09-20T13:52:30.992+08:00,2024-09-20T13:52:45.469+08:00,14477,,2024-09-20T13:53:42+08:00,2024-09-20T13:53:45+08:00,2024-09-20T13:54:08+08:00,21426003,65535,65535,,,192.168.40.84,4,Inbound,1,1,24848,"[1,101,5,1]",,,,,,,,,,,,,,,,,,,,,,50.7.59.4,59001,unknown,Hong Kong.Unknown.Kai Yi Wan..,30058,,,,,,192.168.54.220,49256,unknown,,,,,QuarkVPN_Patch01.QuarkVPN_Patch04,QuarkVPN_Patch04,,udp,ETHERNET.IPv4.UDP,,1974,964,2762150,128166,0,0,,,,,,,,,,,,,58:b3:8f:fa:3b:11,48:73:97:96:38:27,48:73:97:96:38:27,58:b3:8f:fa:3b:11,"[{""tunnels_schema_type"":""MULTIPATH_ETHERNET"",""c2s_source_mac"":""58:b3:8f:fa:3b:11"",""c2s_destination_mac"":""48:73:97:96:38:27"",""s2c_source_mac"":""48:73:97:96:38:27"",""s2c_destination_mac"":""58:b3:8f:fa:3b:11""}]",0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
			2024-09-20T13:44:34+08:00,562650614501736448,BASE,290723515858551837,2024-09-20T13:42:12.244+08:00,2024-09-20T13:43:34.490+08:00,82246,,2024-09-20T13:44:31+08:00,2024-09-20T13:44:34+08:00,2024-09-20T13:44:37+08:00,21426003,65535,65535,,,192.168.40.84,4,Inbound,1,1,24784,"[1,382,209,4,1]",,,,,,,,,,,,,,,,,,,,,,50.7.59.4,59001,unknown,Hong Kong.Unknown.Kai Yi Wan..,30058,,,,,,192.168.54.220,50149,unknown,,,,,QuarkVPN_Patch01.QuarkVPN_Patch04,QuarkVPN_Patch04,,udp,ETHERNET.IPv4.UDP,,1611,1352,2125736,194484,0,0,,,,,,,,,,,,,58:b3:8f:fa:3b:11,48:73:97:96:38:27,48:73:97:96:38:27,58:b3:8f:fa:3b:11,"[{""tunnels_schema_type"":""MULTIPATH_ETHERNET"",""c2s_source_mac"":""58:b3:8f:fa:3b:11"",""c2s_destination_mac"":""48:73:97:96:38:27"",""s2c_source_mac"":""48:73:97:96:38:27"",""s2c_destination_mac"":""58:b3:8f:fa:3b:11""}]",0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,