941 lines
19 KiB
JSON
941 lines
19 KiB
JSON
{
|
|
"type": "record",
|
|
"name": "sys_packet_capture_event",
|
|
"namespace": "tsg_galaxy_v3",
|
|
"doc": {
|
|
"primary_key": "common_log_id",
|
|
"partition_key": "common_recv_time",
|
|
"index_key": [
|
|
"common_log_id",
|
|
"common_recv_time",
|
|
"common_policy_id"
|
|
]
|
|
},
|
|
"fields": [
|
|
{
|
|
"name": "common_recv_time",
|
|
"type": "long",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "timestamp"
|
|
},
|
|
"format": {
|
|
"functions": "current_timestamp"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Receive Time"
|
|
},
|
|
{
|
|
"name": "common_log_id",
|
|
"type": "long",
|
|
"doc": {
|
|
"format": {
|
|
"functions": "snowflake_id"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Log ID"
|
|
},
|
|
{
|
|
"name": "common_policy_id",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Policy ID"
|
|
},
|
|
{
|
|
"name": "common_subscriber_id",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Subscriber ID"
|
|
},
|
|
{
|
|
"name": "common_imei",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "IMEI"
|
|
},
|
|
{
|
|
"name": "common_imsi",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "IMSI"
|
|
},
|
|
{
|
|
"name": "common_phone_number",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "Phone Number"
|
|
},
|
|
{
|
|
"name": "common_client_ip",
|
|
"type": "string",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "ip"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Client IP"
|
|
},
|
|
{
|
|
"name": "common_internal_ip",
|
|
"type": "string",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "ip"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Internal IP"
|
|
},
|
|
{
|
|
"name": "common_client_port",
|
|
"type": "int",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Client Port"
|
|
},
|
|
{
|
|
"name": "common_l4_protocol",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "L4 Protocol"
|
|
},
|
|
{
|
|
"name": "common_address_type",
|
|
"type": "int",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "4",
|
|
"value": "ipv4"
|
|
},
|
|
{
|
|
"code": "6",
|
|
"value": "ipv6"
|
|
}
|
|
],
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Address Type"
|
|
},
|
|
{
|
|
"name": "common_server_ip",
|
|
"type": "string",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "ip"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Server IP"
|
|
},
|
|
{
|
|
"name": "common_server_port",
|
|
"type": "int",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Server Port"
|
|
},
|
|
{
|
|
"name": "common_external_ip",
|
|
"type": "string",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "ip"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "External IP"
|
|
},
|
|
{
|
|
"name": "common_action",
|
|
"type": "int",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "0",
|
|
"value": "None"
|
|
},
|
|
{
|
|
"code": "1",
|
|
"value": "Monitor"
|
|
},
|
|
{
|
|
"code": "2",
|
|
"value": "Intercept"
|
|
},
|
|
{
|
|
"code": "16",
|
|
"value": "Deny"
|
|
},
|
|
{
|
|
"code": "128",
|
|
"value": "Allow"
|
|
}
|
|
],
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Action"
|
|
},
|
|
{
|
|
"name": "common_direction",
|
|
"type": "int",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "69",
|
|
"value": "outbound"
|
|
},
|
|
{
|
|
"code": "73",
|
|
"value": "inbound"
|
|
}
|
|
],
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Direction"
|
|
},
|
|
{
|
|
"name": "common_entrance_id",
|
|
"type": "int",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "Entrance ID"
|
|
},
|
|
{
|
|
"name": "common_sled_ip",
|
|
"type": "string",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "ip"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Sled IP"
|
|
},
|
|
{
|
|
"name": "common_client_location",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Client Location"
|
|
},
|
|
{
|
|
"name": "common_client_asn",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Client ASN"
|
|
},
|
|
{
|
|
"name": "common_server_location",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Server Location"
|
|
},
|
|
{
|
|
"name": "common_server_asn",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Server ASN"
|
|
},
|
|
{
|
|
"name": "common_sessions",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Sessions"
|
|
},
|
|
{
|
|
"name": "common_c2s_pkt_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Packets Sent"
|
|
},
|
|
{
|
|
"name": "common_s2c_pkt_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Packets Received"
|
|
},
|
|
{
|
|
"name": "common_c2s_byte_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Bytes Sent"
|
|
},
|
|
{
|
|
"name": "common_s2c_byte_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Bytes Received"
|
|
},
|
|
{
|
|
"name": "common_c2s_pkt_diff",
|
|
"label": "Packets Sent (Delta)",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "long"
|
|
},
|
|
{
|
|
"name": "common_s2c_pkt_diff",
|
|
"label": "Packets Received (Delta)",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "long"
|
|
},
|
|
{
|
|
"name": "common_c2s_byte_diff",
|
|
"label": "Bytes Sent (Delta)",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "long"
|
|
},
|
|
{
|
|
"name": "common_s2c_byte_diff",
|
|
"label": "Bytes Received (Delta)",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "long"
|
|
},
|
|
{
|
|
"name": "common_service",
|
|
"type": "int",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "Service"
|
|
},
|
|
{
|
|
"name": "common_schema_type",
|
|
"type": "string",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "BASE",
|
|
"value": "BASE"
|
|
},
|
|
{
|
|
"code": "HTTP",
|
|
"value": "HTTP"
|
|
},
|
|
{
|
|
"code": "MAIL",
|
|
"value": "MAIL"
|
|
},
|
|
{
|
|
"code": "DNS",
|
|
"value": "DNS"
|
|
},
|
|
{
|
|
"code": "SSL",
|
|
"value": "SSL"
|
|
},
|
|
{
|
|
"code": "FTP",
|
|
"value": "FTP"
|
|
}
|
|
],
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Schema Type"
|
|
},
|
|
{
|
|
"name": "common_user_tags",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "User Tags"
|
|
},
|
|
{
|
|
"name": "common_sub_action",
|
|
"type": "string",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "allow",
|
|
"value": "Allow"
|
|
},
|
|
{
|
|
"code": "deny",
|
|
"value": "Deny"
|
|
},
|
|
{
|
|
"code": "monitor",
|
|
"value": "Monitor"
|
|
},
|
|
{
|
|
"code": "replace",
|
|
"value": "Replace"
|
|
},
|
|
{
|
|
"code": "redirect",
|
|
"value": "Redirect"
|
|
},
|
|
{
|
|
"code": "insert",
|
|
"value": "Insert"
|
|
},
|
|
{
|
|
"code": "hijack",
|
|
"value": "Hijack"
|
|
}
|
|
],
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Sub Action"
|
|
},
|
|
{
|
|
"name": "common_user_region",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "User Region"
|
|
},
|
|
{
|
|
"name": "common_device_id",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Device ID"
|
|
},
|
|
{
|
|
"name": "common_egress_link_id",
|
|
"label": "Egress Link ID",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "int"
|
|
},
|
|
{
|
|
"name": "common_ingress_link_id",
|
|
"label": "Ingress Link ID",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "int"
|
|
},
|
|
{
|
|
"name": "common_isp",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "ISP"
|
|
},
|
|
{
|
|
"name": "common_device_tag",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden",
|
|
"format": {
|
|
"functions": "flattenSpec,flattenSpec",
|
|
"appendTo": "common_data_center,common_device_group",
|
|
"param": "$.tags[?(@.tag=='data_center')].value,$.tags[?(@.tag=='device_group')].value"
|
|
}
|
|
},
|
|
"label": "Device Tag"
|
|
},
|
|
{
|
|
"name": "common_data_center",
|
|
"label": "Data Center",
|
|
"doc": {
|
|
"constraints": {
|
|
"operator_functions": "=,!="
|
|
},
|
|
"data": {
|
|
"$ref": "device_tag.json#",
|
|
"key": "$[?(@.tagType=='data_center')].subTags.[?(@.tagType=='data_center')]['tagValue']",
|
|
"value": "$[?(@.tagType=='data_center')].subTags.[?(@.tagType=='data_center')]['tagName']"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "common_device_group",
|
|
"label": "Device Group",
|
|
"doc": {
|
|
"constraints": {
|
|
"operator_functions": "=,!="
|
|
},
|
|
"data": {
|
|
"$ref": "device_tag.json#",
|
|
"key": "$[?(@.tagType=='device_group')].subTags.[?(@.tagType=='device_group')]['tagValue']",
|
|
"value": "$[?(@.tagType=='device_group')].subTags.[?(@.tagType=='device_group')]['tagName']"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "common_app_behavior",
|
|
"label": "Application Behavior",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "common_encapsulation",
|
|
"type": "int",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "0",
|
|
"value": "Ethernet"
|
|
},
|
|
{
|
|
"code": "8",
|
|
"value": "PPP"
|
|
},
|
|
{
|
|
"code": "12",
|
|
"value": "CiscoHDLC"
|
|
}
|
|
],
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Encapsulation"
|
|
},
|
|
{
|
|
"name": "common_app_label",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "Application Label"
|
|
},
|
|
{
|
|
"name": "common_tunnels",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Tunnels"
|
|
},
|
|
{
|
|
"name": "common_protocol_label",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Protocol Label"
|
|
},
|
|
{
|
|
"name": "common_app_id",
|
|
"type": "string",
|
|
"label": "Application ID",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
}
|
|
},
|
|
{
|
|
"name": "common_userdefine_app_name",
|
|
"label": "User Define App Name",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
}
|
|
},
|
|
{
|
|
"name": "common_app_identify_info",
|
|
"label": "App Identity Info",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "common_app_surrogate_id",
|
|
"type": "string",
|
|
"label": "Surrogate ID",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
}
|
|
},
|
|
{
|
|
"name": "common_l7_protocol",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "L7 Protocol"
|
|
},
|
|
{
|
|
"name": "common_service_category",
|
|
"label": "FQDN Category",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"type": {
|
|
"type": "array",
|
|
"items": "int"
|
|
}
|
|
},
|
|
{
|
|
"name": "common_start_time",
|
|
"type": "long",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "timestamp"
|
|
},
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Start Time"
|
|
},
|
|
{
|
|
"name": "common_end_time",
|
|
"type": "long",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "timestamp"
|
|
},
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "End Time"
|
|
},
|
|
{
|
|
"name": "common_establish_latency_ms",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "TCP Handshake Latency (ms)"
|
|
},
|
|
{
|
|
"name": "common_con_duration_ms",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Duration (ms)"
|
|
},
|
|
{
|
|
"name": "common_stream_dir",
|
|
"type": "int",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "1",
|
|
"value": "c2s"
|
|
},
|
|
{
|
|
"code": "2",
|
|
"value": "s2c"
|
|
},
|
|
{
|
|
"code": "3",
|
|
"value": "double"
|
|
}
|
|
],
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Stream Direction"
|
|
},
|
|
{
|
|
"name": "common_address_list",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"label": "Address List"
|
|
},
|
|
{
|
|
"name": "common_has_dup_traffic",
|
|
"type": "int",
|
|
"doc": {
|
|
"data": [
|
|
{
|
|
"code": "0",
|
|
"value": "No"
|
|
},
|
|
{
|
|
"code": "1",
|
|
"value": "Yes"
|
|
}
|
|
],
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Duplication Traffic"
|
|
},
|
|
{
|
|
"name": "common_stream_error",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Stream Error"
|
|
},
|
|
{
|
|
"name": "common_stream_trace_id",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Session ID"
|
|
},
|
|
{
|
|
"name": "common_link_info_c2s",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Link Info (c2s)"
|
|
},
|
|
{
|
|
"name": "common_link_info_s2c",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Link Info (s2c)"
|
|
},
|
|
{
|
|
"name": "common_packet_capture_file",
|
|
"label": "Packet Capture File",
|
|
"doc": {
|
|
"visibility": "hidden",
|
|
"constraints": {
|
|
"type": "file"
|
|
}
|
|
},
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "common_c2s_ipfrag_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Fragmentation Packets (c2s)"
|
|
},
|
|
{
|
|
"name": "common_s2c_ipfrag_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Fragmentation Packets (s2c)"
|
|
},
|
|
{
|
|
"name": "common_c2s_tcp_lostlen",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Sequence Gap Loss (c2s)"
|
|
},
|
|
{
|
|
"name": "common_s2c_tcp_lostlen",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Sequence Gap Loss (s2c)"
|
|
},
|
|
{
|
|
"name": "common_c2s_tcp_unorder_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Unordered Packets (c2s)"
|
|
},
|
|
{
|
|
"name": "common_s2c_tcp_unorder_num",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "Unordered Packets (s2c)"
|
|
},
|
|
{
|
|
"name": "common_c2s_pkt_retrans",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Packet Retransmission (c2s)"
|
|
},
|
|
{
|
|
"name": "common_s2c_pkt_retrans",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Packet Retransmission (s2c)"
|
|
},
|
|
{
|
|
"name": "common_c2s_byte_retrans",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Byte Retransmission (c2s)"
|
|
},
|
|
{
|
|
"name": "common_s2c_byte_retrans",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Byte Retransmission (s2c)"
|
|
},
|
|
{
|
|
"name": "common_tcp_client_isn",
|
|
"label": "TCP Client ISN",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"type": "long"
|
|
},
|
|
{
|
|
"name": "common_tcp_server_isn",
|
|
"label": "TCP Server ISN",
|
|
"doc": {
|
|
"visibility": "disabled"
|
|
},
|
|
"type": "long"
|
|
},
|
|
{
|
|
"name": "common_first_ttl",
|
|
"type": "int",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
},
|
|
"label": "First TTL"
|
|
},
|
|
{
|
|
"name": "common_processing_time",
|
|
"type": "long",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "timestamp"
|
|
},
|
|
"format": {
|
|
"functions": "current_timestamp"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Processing Time"
|
|
},
|
|
{
|
|
"name": "common_ingestion_time",
|
|
"label": "Ingestion Time",
|
|
"doc": {
|
|
"constraints": {
|
|
"type": "timestamp"
|
|
},
|
|
"format": {
|
|
"functions": "ingestion_time"
|
|
},
|
|
"visibility": "enabled"
|
|
},
|
|
"type": "long"
|
|
},
|
|
{
|
|
"name": "common_mirrored_pkts",
|
|
"label": "Mirrored Packets",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
}
|
|
},
|
|
{
|
|
"name": "common_mirrored_bytes",
|
|
"label": "Mirrored Bytes",
|
|
"type": "long",
|
|
"doc": {
|
|
"visibility": "hidden"
|
|
}
|
|
},
|
|
{
|
|
"name": "nic_name",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Nic Name"
|
|
},
|
|
{
|
|
"name": "origin_source_mac",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Origin Source Mac"
|
|
},
|
|
{
|
|
"name": "origin_dest_mac",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Origin Dest Mac"
|
|
},
|
|
{
|
|
"name": "packet_url",
|
|
"type": "string",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Packet URL"
|
|
},
|
|
{
|
|
"name": "pcap_storage_task_id",
|
|
"type": "int",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Task ID"
|
|
},
|
|
{
|
|
"name": "pcap_storage_duration",
|
|
"type": "int",
|
|
"doc": {
|
|
"visibility": "enabled"
|
|
},
|
|
"label": "Duration"
|
|
}
|
|
]
|
|
} |