| countries_contacts |
Hosts |
Community |
min |
|
0 |
|
|
| custom_host_lua_script |
Hosts |
Community |
min |
|
0 |
|
|
| dangerous_host |
Hosts |
Community |
min |
|
0 |
|
|
| dns_contacts |
Hosts |
Community |
min |
|
0 |
|
|
| domain_names_contacts |
Hosts |
Community |
min |
|
0 |
|
|
| external_host_script |
Hosts |
Community |
min |
|
0 |
|
|
| flow_flood |
Hosts |
Community |
min |
|
0 |
|
|
| icmp_flood |
Hosts |
Community |
min |
|
0 |
|
|
| ntp_contacts |
Hosts |
Community |
min |
|
0 |
|
|
| remote_connection |
Hosts |
Community |
min |
|
0 |
|
|
| scan |
Hosts |
Enterprise M |
5mins |
|
0 |
|
|
| smtp_contacts |
Hosts |
Community |
min |
|
0 |
|
|
| suspicious_domain_scan |
Hosts |
Enterprise M |
hour |
|
0 |
|
|
| unexpected_gateway |
Hosts |
Community |
min |
|
0 |
|
|
| dropped_alerts |
Interfaces |
Community |
min |
|
0 |
|
|
| ghost_networks |
Interfaces |
Community |
min |
|
0 |
|
|
| no_if_activity |
Interfaces |
Community |
min |
|
0 |
|
|
| no_probe_or_exporter_activity |
Interfaces |
Community |
min |
|
0 |
|
|
| periodic_activity_not_executed |
Interfaces |
Community |
min |
|
0 |
|
|
| slow_periodic_activity |
Interfaces |
Community |
min |
|
0 |
|
|
| too_many_drops |
Interfaces |
Community |
min |
|
0 |
|
|
| broadcast_domain_too_large |
Networks |
Community |
min |
|
0 |
|
|
| flow_flood_victim |
Networks |
Community |
min |
|
0 |
|
|
| ip_reassignment |
Networks |
Community |
min |
|
0 |
|
|
| network_discovery |
Networks |
Community |
min |
|
0 |
|
|
| network_issues |
Networks |
Community |
min |
|
0 |
|
|
| syn_scan_victim |
Networks |
Community |
min |
packet_interface |
0 |
|
|
| binary_application_transfer |
Flows |
Community |
|
|
0 |
00:34 sec |
|
| blacklisted |
Flows |
Community |
|
|
0 |
00:28 sec |
|
| blacklisted_client_contact |
Flows |
Community |
|
|
0 |
00:29 sec |
|
| blacklisted_server_contact |
Flows |
Community |
|
|
0 |
00:26 sec |
|
| broadcast_non_udp_traffic |
Flows |
Community |
|
|
0 |
00:29 sec |
|
| country_check |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| custom_lua_script |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| device_protocol_not_allowed |
Flows |
Community |
|
|
0 |
00:57 sec |
|
| external_alert_check |
Flows |
Community |
|
|
0 |
01:17 |
|
| iec_invalid_command_transition |
Flows |
Community |
|
packet_interface |
0 |
< 1 ms |
|
| iec_invalid_transition |
Flows |
Community |
|
packet_interface |
0 |
< 1 ms |
|
| iec_unexpected_type_id |
Flows |
Community |
|
packet_interface |
0 |
< 1 ms |
|
| known_proto_on_non_std_port |
Flows |
Community |
|
|
0 |
05:41 |
|
| low_goodput |
Flows |
Community |
|
packet_interface, nedge=false |
0 |
04:05 |
|
| ndpi_anonymous_subscriber |
Flows |
Community |
|
|
0 |
00:27 sec |
|
| ndpi_binary_data_transfer |
Flows |
Community |
|
|
0 |
00:24 sec |
|
| ndpi_clear_text_credentials |
Flows |
Community |
|
|
0 |
00:26 sec |
|
| ndpi_desktop_or_file_sharing_session |
Flows |
Community |
|
|
0 |
00:33 sec |
|
| ndpi_dns_fragmented |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_dns_large_packet |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_dns_suspicious_traffic |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_error_code_detected |
Flows |
Community |
|
|
0 |
00:29 sec |
|
| ndpi_http_crawler_bot |
Flows |
Community |
|
|
0 |
00:23 sec |
|
| ndpi_http_obsolete_server |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_http_suspicious_content |
Flows |
Community |
|
|
0 |
00:27 sec |
|
| ndpi_http_suspicious_header |
Flows |
Community |
|
|
0 |
00:31 sec |
|
| ndpi_http_suspicious_url |
Flows |
Community |
|
|
0 |
00:29 sec |
|
| ndpi_http_suspicious_user_agent |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_invalid_characters |
Flows |
Community |
|
|
0 |
00:28 sec |
|
| ndpi_malformed_packet |
Flows |
Community |
|
|
0 |
00:31 sec |
|
| ndpi_malicious_fingerprint |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_malicious_sha1_certificate |
Flows |
Community |
|
|
0 |
00:31 sec |
|
| ndpi_malware_host_contacted |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_minor_issues |
Flows |
Community |
|
|
0 |
00:25 sec |
|
| ndpi_mismatching_protocol_with_ip |
Flows |
Community |
|
|
0 |
00:23 sec |
|
| ndpi_numeric_ip_host |
Flows |
Community |
|
|
0 |
00:31 sec |
|
| ndpi_obfuscated_traffic |
Flows |
Community |
|
|
0 |
00:26 sec |
|
| ndpi_periodic_flow |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| ndpi_possible_exploit |
Flows |
Community |
|
|
0 |
00:23 sec |
|
| ndpi_probing_attempt |
Flows |
Community |
|
|
0 |
00:23 sec |
|
| ndpi_punicody_idn |
Flows |
Community |
|
|
0 |
00:23 sec |
|
| ndpi_risky_asn |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_risky_domain |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_smb_insecure_version |
Flows |
Community |
|
|
0 |
00:31 sec |
|
| ndpi_ssh_obsolete_client |
Flows |
Community |
|
|
0 |
00:30 sec |
|
| ndpi_ssh_obsolete_server |
Flows |
Community |
|
|
0 |
00:31 sec |
|
| ndpi_suspicious_dga_domain |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_suspicious_entropy |
Flows |
Community |
|
|
0 |
00:31 sec |
|
| ndpi_tcp_issues |
Flows |
Community |
|
|
0 |
00:26 sec |
|
| ndpi_tls_alpn_sni_mismatch |
Flows |
Community |
|
|
0 |
00:23 sec |
|
| ndpi_tls_certificate_about_to_expire |
Flows |
Community |
|
|
0 |
00:23 sec |
|
| ndpi_tls_fatal_alert |
Flows |
Community |
|
|
0 |
00:34 sec |
|
| ndpi_tls_missing_sni |
Flows |
Community |
|
|
0 |
04:31 |
|
| ndpi_tls_not_carrying_https |
Flows |
Community |
|
|
0 |
04:15 |
|
| ndpi_tls_suspicious_extension |
Flows |
Community |
|
|
0 |
00:27 sec |
|
| ndpi_tls_uncommon_alpn |
Flows |
Community |
|
|
0 |
00:25 sec |
|
| ndpi_unidirectional_traffic |
Flows |
Community |
|
|
0 |
00:28 sec |
|
| ndpi_unsafe_protocol |
Flows |
Community |
|
|
0 |
00:25 sec |
|
| ndpi_url_possible_rce_injection |
Flows |
Community |
|
|
0 |
00:27 sec |
|
| ndpi_url_possible_sql_injection |
Flows |
Community |
|
|
0 |
00:32 sec |
|
| ndpi_url_possible_xss |
Flows |
Community |
|
|
0 |
00:30 sec |
|
| not_purged |
Flows |
Community |
|
|
0 |
00:29 sec |
|
| rare_destination |
Flows |
Community |
|
packet_interface, nedge=false |
0 |
00:35 sec |
|
| remote_access |
Flows |
Community |
|
|
0 |
00:52 sec |
|
| remote_to_local_insecure_flow |
Flows |
Community |
|
|
0 |
00:30 sec |
|
| remote_to_remote |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| tcp_flow_reset |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| tcp_no_data_exchanged |
Flows |
Community |
|
packet_interface |
0 |
00:27 sec |
|
| unexpected_dhcp |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| unexpected_dns |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| unexpected_ntp |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| unexpected_smtp |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| vlan_bidirectional_traffic |
Flows |
Community |
|
|
0 |
< 1 ms |
|
| web_mining |
Flows |
Community |
|
|
0 |
00:27 sec |
|
| zero_tcp_window |
Flows |
Community |
|
packet_interface |
0 |
00:26 sec |
|
| dropped_alerts |
System |
Community |
min |
|
0 |
|
|
| exporters_limit_exceeded |
System |
Community |
min |
|
0 |
|
|
| ids_ips_log |
System |
Community |
min |
|
0 |
|
|
| periodic_activity_not_executed |
System |
Community |
min |
|
0 |
|
|
| redis_reads_writes_exceeded |
System |
Community |
day |
|
0 |
|
|
| slow_periodic_activity |
System |
Community |
min |
|
0 |
|
|
| system_error |
System |
Community |
min |
|
0 |
|
|
| host_log |
Syslog |
Community |
handleEvent |
|
0 |
|
|
| nbox |
Syslog |
Community |
handleEvent |
|
0 |
|
|
| suricata |
Syslog |
Community |
handleEvent |
nedge=false |
0 |
|
|