recv_time,log_id,decoded_as,session_id,start_timestamp_ms,end_timestamp_ms,duration_ms,tcp_handshake_latency_ms,processing_time,ingestion_time,insert_time,device_id,out_link_id,in_link_id,data_center,device_group,sled_ip,address_type,direction,vsys_id,t_vsys_id,flags,flags_identify_info,c2s_ttl,s2c_ttl,security_rule_list,security_action,monitor_rule_list,sc_rule_list,statistics_rule_list,sc_rsp_raw,sc_rsp_decrypted,shaping_rule_list,proxy_rule_list,proxy_action,proxy_pinning_status,proxy_intercept_status,proxy_passthrough_reason,proxy_server_side_latency_ms,proxy_client_side_latency_ms,proxy_client_side_version,proxy_server_side_version,proxy_cert_verify,proxy_intercept_error,monitor_mirrored_pkts,monitor_mirrored_bytes,client_ip,client_ip_tags,client_port,client_os_desc,client_geolocation,client_country,client_super_administrative_area,client_administrative_area,client_sub_administrative_area,client_asn,subscriber_id,imei,imsi,apn,phone_number,server_ip,server_ip_tags,server_port,server_os_desc,server_geolocation,server_country,server_super_administrative_area,server_administrative_area,server_sub_administrative_area,server_asn,server_fqdn,server_fqdn_tags,server_domain,app_transition,app,app_category,app_content,app_extra_info,ip_protocol,decoded_path,fqdn_category_list,sent_pkts,received_pkts,sent_bytes,received_bytes,tcp_c2s_ip_fragments,tcp_s2c_ip_fragments,tcp_c2s_lost_bytes,tcp_s2c_lost_bytes,tcp_c2s_o3_pkts,tcp_s2c_o3_pkts,tcp_c2s_rtx_pkts,tcp_s2c_rtx_pkts,tcp_c2s_rtx_bytes,tcp_s2c_rtx_bytes,tcp_rtt_ms,tcp_client_isn,tcp_server_isn,packet_capture_file,in_src_mac,out_src_mac,in_dest_mac,out_dest_mac,encapsulation,dup_traffic_flag,tunnel_id_list,tunnel_endpoint_a_desc,tunnel_endpoint_b_desc,http_url,http_host,http_request_line,http_response_line,http_request_content_length,http_request_content_type,http_response_content_length,http_response_content_type,http_request_body,http_response_body,http_sequence,http_cookie,http_referer,http_user_agent,http_set_cookie,http_version,http_status_code,http_response_latency_ms,http_action_file_size,http_session_duration_ms,mail_protocol_type,mail_account,mail_from_cmd,mail_to_cmd,mail_from,mail_password,mail_to,mail_cc,mail_bcc,mail_subject,mail_subject_charset,mail_attachment_name,mail_attachment_name_charset,mail_eml_file,mail_starttls_flag,dns_message_id,dns_qr,dns_opcode,dns_aa,dns_tc,dns_rd,dns_ra,dns_rcode,dns_qdcount,dns_ancount,dns_nscount,dns_arcount,dns_qname,dns_qtype,dns_qclass,dns_cname,dns_sub,dns_rr,dns_response_latency_ms,ssl_version,ssl_sni,ssl_san,ssl_cn,ssl_handshake_latency_ms,ssl_ja3_hash,ssl_ja3s_hash,ssl_cert_issuer,ssl_cert_subject,ssl_esni_flag,ssl_ech_flag,dtls_cookie,dtls_version,dtls_sni,dtls_san,dtls_cn,dtls_handshake_latency_ms,dtls_ja3_fingerprint,dtls_ja3_hash,dtls_cert_issuer,dtls_cert_subject,quic_version,quic_sni,quic_user_agent,ftp_account,ftp_url,ftp_link_type,sip_call_id,sip_originator_description,sip_responder_description,sip_user_agent,sip_server,sip_originator_sdp_connect_ip,sip_originator_sdp_media_port,sip_originator_sdp_media_type,sip_originator_sdp_content,sip_responder_sdp_connect_ip,sip_responder_sdp_media_port,sip_responder_sdp_media_type,sip_responder_sdp_content,sip_duration_s,sip_bye,sip_bye_reason,rtp_payload_type_c2s,rtp_payload_type_s2c,rtp_pcap_path,rtp_originator_dir,ssh_version,ssh_auth_success,ssh_client_version,ssh_server_version,ssh_cipher_alg,ssh_mac_alg,ssh_compression_alg,ssh_kex_alg,ssh_host_key_alg,ssh_host_key,ssh_hassh,stratum_cryptocurrency,stratum_mining_pools,stratum_mining_program,stratum_mining_subscribe,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method
2024-09-30T16:23:17+08:00,577305957139742720,BASE,291066593052457913,2024-09-30T16:20:15.778+08:00,2024-09-30T16:21:17.790+08:00,62012,,2024-09-30T16:23:17+08:00,2024-09-30T16:23:17+08:00,2024-09-30T16:23:42+08:00,9800165603191146,29,29,XXG-TSG-BJ,XXG-TSG-BJ,192.168.40.62,4,Outbound,1,1,57544,"[1,1171,141,1,2,618]",127,51,,,,【Don't disable】Service Chain_Mirror,Doufenghu Traffic Statistics Test;0906 statistics,[2002],,,,,,,,,,,,,,,,192.168.58.54,,56122,Unknown,,,,,,,,,,,,162.159.198.1,[Country Code:US],1701,Unknown,,US,,,,,,,,quic.http3.cloudflare.warp-masque,warp-masque,networking,unknown,,udp,ETHERNET.IPv4.UDP,,624,772,285692,176069,0,0,,,,,,,,,,,,,58:b3:8f:fa:3b:11,48:73:97:96:38:27,48:73:97:96:38:27,58:b3:8f:fa:3b:11,"[{""tunnels_schema_type"":""MULTIPATH_ETHERNET"",""c2s_source_mac"":""48:73:97:96:38:27"",""c2s_destination_mac"":""58:b3:8f:fa:3b:11"",""s2c_source_mac"":""58:b3:8f:fa:3b:11"",""s2c_destination_mac"":""48:73:97:96:38:27""}]",0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,