[2025-12-09 19:32:28.466] [DEBUG] [tid:140062327686848] (main_cnn.cpp:334) 启动 cnn预测及训练! [2025-12-09 19:32:28.469] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:173) Created consumer rdkafka#consumer-2 [2025-12-09 19:32:28.469] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:453) subscribe successed: Success [2025-12-09 19:32:45.836] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:89) RebalanceCb: Local: Assign partitions: [2025-12-09 19:32:45.836] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:79) analyzed_queue_cnn[0], [2025-12-09 19:32:45.836] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:79) analyzed_queue_cnn[1], [2025-12-09 19:33:30.837] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:89) RebalanceCb: Local: Revoke partitions: [2025-12-09 19:33:30.837] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:79) analyzed_queue_cnn[0], [2025-12-09 19:33:30.837] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:79) analyzed_queue_cnn[1], [2025-12-09 19:33:30.845] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:89) RebalanceCb: Local: Assign partitions: [2025-12-09 19:33:30.845] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:79) analyzed_queue_cnn[0], [2025-12-09 19:33:30.845] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:79) analyzed_queue_cnn[1], [2025-12-09 19:33:30.845] [ERROR] [tid:140062327686848] (KafkaConsumer.cpp:79) analyzed_queue_cnn[2], [2025-12-09 19:34:25.792] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23980 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.UDP_192-168-52-1_60210_239-255-255-250_1900.1726193426.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.UDP_192-168-52-1_60210_239-255-255-250_1900.1726193426.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113425Z&X-Amz-Signature=e3ddd91b4e580e8f00bd1b96d42116126c1c7d000f493db8a6390c555b18d7cb&X-Amz-Expires=604800"} [2025-12-09 19:34:25.792] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:25.793] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:29.084] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:29.084] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:29.084] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:29.084] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:29.090] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.UDP_192-168-52-1_60210_239-255-255-250_1900.1726193426.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308869089, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:34:29.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:29.090] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23981 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-1_54772_239-255-255-250_1900.1725956199.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-1_54772_239-255-255-250_1900.1725956199.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=b1363bc1eee5e1e515021f2836a50d96e0216501949d3e574d20868bdc9082cf&X-Amz-Date=20251209T113428Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:34:29.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:29.090] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:29.090] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:29.090] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:29.090] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:29.090] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:29.094] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-1_54772_239-255-255-250_1900.1725956199.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308869094, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:34:29.094] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:32.028] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23982 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-1_54773_239-255-255-250_1900.1725956199.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-1_54773_239-255-255-250_1900.1725956199.jsonl?X-Amz-Date=20251209T113431Z&X-Amz-Expires=604800&X-Amz-Signature=77735ce47cd9003b75ad54fd6751513049e6385b69b4b571a7ec0b967401e3f1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:34:32.028] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:32.028] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:32.028] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:32.028] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:32.029] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:32.029] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:32.034] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-1_54773_239-255-255-250_1900.1725956199.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308872034, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:34:32.034] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:35.142] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24344 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_52001_239-255-255-250_1900.1726192246.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_52001_239-255-255-250_1900.1726192246.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113434Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0f3acfe7b77aa96d5ccbee7cf621be7c95fbd199ecac84e89a3571e4f9a98e9d"} [2025-12-09 19:34:35.142] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:35.142] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:35.142] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:35.142] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:35.142] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:35.143] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:35.151] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_52001_239-255-255-250_1900.1726192246.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308875150, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:34:35.151] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:38.262] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24345 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-1_51595_239-255-255-250_1900.1726192066.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-1_51595_239-255-255-250_1900.1726192066.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113437Z&X-Amz-Expires=604800&X-Amz-Signature=2d560789d12492a785f24c954d093846aff2ed425e10c3240f6fb235292ef190&X-Amz-SignedHeaders=host"} [2025-12-09 19:34:38.262] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:38.262] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:38.262] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:38.262] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:38.262] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:38.263] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:38.271] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-1_51595_239-255-255-250_1900.1726192066.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308878271, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:34:38.271] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:41.371] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24346 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID73_godzilla_1.10_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_37985_192-168-17-132_443.1726129728.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID73_godzilla_1.10_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_37985_192-168-17-132_443.1726129728.jsonl?X-Amz-Date=20251209T113440Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=02caa3a9fc84e269d27afd7e4eea090b471d1cfbefffd53a4154e38b5af35442&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:34:41.371] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:41.371] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:41.371] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:41.371] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:41.371] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:41.372] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:41.700] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID73_godzilla_1.10_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_37985_192-168-17-132_443.1726129728.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308881699, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129728166655, "etime": 1726129728166655, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 37985, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:34:41.700] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:44.485] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24347 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_37301_192-168-17-132_443.1726129614.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_37301_192-168-17-132_443.1726129614.jsonl?X-Amz-Date=20251209T113443Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=487060e92a0a885a7a34e974cbeb3e5f7eccf5e6a942991060a0e6369a7bde95"} [2025-12-09 19:34:44.485] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:44.485] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:44.486] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:44.486] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:44.486] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:44.486] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:44.559] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_37301_192-168-17-132_443.1726129614.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308884559, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129614772799, "etime": 1726129614772799, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 37301, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:34:44.559] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 
0|max_alert: 1000 [2025-12-09 19:34:47.603] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24348 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36634_192-168-17-132_443.1726129504.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36634_192-168-17-132_443.1726129504.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=69b4d081549ccb7f790d38b6ecf36ed33a25daae75e1a8c360a87a3b4ba85cec&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113447Z&X-Amz-Expires=604800"} [2025-12-09 19:34:47.603] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:47.603] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:47.604] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:47.604] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:47.604] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:47.605] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:47.709] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36634_192-168-17-132_443.1726129504.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308887709, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129504208748, "etime": 1726129504208748, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 36634, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
19:34:47.709] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:50.712] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23983 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_35946_192-168-17-132_443.1726129385.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_35946_192-168-17-132_443.1726129385.jsonl?X-Amz-Date=20251209T113450Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=64615a42c859cf3ff84ba11dd9cf6d84b5c33aac54475bbd52c32b1bb381d61e&X-Amz-Expires=604800"} [2025-12-09 19:34:50.712] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:50.713] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:50.713] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:50.713] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:50.713] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:50.714] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:50.826] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_35946_192-168-17-132_443.1726129385.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308890826, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129385695037, "etime": 1726129385695037, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 
35946, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:34:50.826] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:53.829] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23984 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_58744_192-168-17-132_443.1726121361.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_58744_192-168-17-132_443.1726121361.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113453Z&X-Amz-Signature=e4fdedbe0254e1f17ff5f791f64cb5018d63c9b34b1ea14eebf423b62bd85399&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:34:53.829] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:53.829] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:53.829] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:53.829] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:53.829] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:53.830] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:53.945] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_58744_192-168-17-132_443.1726121361.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308893944, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 
1726121361002401, "etime": 1726121361002401, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 58744, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:34:53.945] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:34:56.941] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24349 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_185-125-190-98_80_192-168-112-135_55098.1726130543.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_185-125-190-98_80_192-168-112-135_55098.1726130543.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113456Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=903f1090217d67509d09ee5cbc1f85f999f6776afaa44925ef0002fe15ab8537"} [2025-12-09 19:34:56.941] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:34:56.941] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:34:56.941] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:34:56.941] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:34:56.941] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:34:56.942] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:34:57.048] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_185-125-190-98_80_192-168-112-135_55098.1726130543.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308897047, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130543068344, "etime": 1726130543068344, "src_ip": "192.168.112.135", "dest_ip": "185.125.190.98", "src_port": 55098, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:34:57.048] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:00.055] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24350 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_185-125-190-98_80_192-168-112-135_40916.1726129588.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_185-125-190-98_80_192-168-112-135_40916.1726129588.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113459Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=dcb7a3b8163a1bdc76c37a077626408f8c44283e7842890c11ad8b3bab410269"} [2025-12-09 19:35:00.055] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:00.055] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:00.055] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:00.055] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:00.055] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:00.056] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:00.166] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_185-125-190-98_80_192-168-112-135_40916.1726129588.jsonl|result:{"code": 0, "total_count": 
1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308900165, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129588557992, "etime": 1726129588557992, "src_ip": "192.168.112.135", "dest_ip": "185.125.190.98", "src_port": 40916, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:00.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:03.170] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23985 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID77_Z_Godzilla_ekp1.1_aspx_windowsserver2008r2_https.pcap.UDP_192-168-17-2_137_192-168-17-132_137.1726129240.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID77_Z_Godzilla_ekp1.1_aspx_windowsserver2008r2_https.pcap.UDP_192-168-17-2_137_192-168-17-132_137.1726129240.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=da29866cf69cd546f5a8544fee8802594b3da771215ec417f036f7b67c141b85&X-Amz-Expires=604800&X-Amz-Date=20251209T113502Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:35:03.170] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:03.170] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:03.170] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:03.170] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:03.170] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:03.171] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:03.179] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID77_Z_Godzilla_ekp1.1_aspx_windowsserver2008r2_https.pcap.UDP_192-168-17-2_137_192-168-17-132_137.1726129240.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308903179, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:35:03.180] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:06.285] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23986 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726192478.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726192478.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ea324f8ff24e9feb0a0cf993dcb94f5957d5c346c24985200d5f391f8d8609fe&X-Amz-Date=20251209T113505Z"} [2025-12-09 19:35:06.285] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:06.285] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:06.285] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:06.285] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:06.285] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:06.286] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:06.294] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726192478.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308906293, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:35:06.294] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:09.405] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23987 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44876.1726132156.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44876.1726132156.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113508Z&X-Amz-Signature=14c2936173922d0218bccba9eedad4af0d33e3d5129593ce2cb33b7978c0ea5d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:35:09.405] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:09.405] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:09.405] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:09.405] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:09.405] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:09.406] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:09.515] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44876.1726132156.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308909515, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132156836026, "etime": 1726132156836026, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44876, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:09.515] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:12.514] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24351 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53322.1726132238.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53322.1726132238.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113512Z&X-Amz-Signature=1dc2fb5478f4295bd7fab77b01cb33ef2e68d9cde6abde8b3a41b35d6f2f9878&X-Amz-SignedHeaders=host"} [2025-12-09 19:35:12.514] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:12.514] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:12.514] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:12.514] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:12.514] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:12.515] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:35:12.615] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53322.1726132238.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308912615, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132238748089, "etime": 1726132238748089, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53322, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:12.615] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:15.626] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25602 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726192478.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726192478.jsonl?X-Amz-Expires=604800&X-Amz-Signature=d5e98ac343f7f8326d646498fb7888d82ee578c97cd26d7793e457c38e6be3bb&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113515Z"} [2025-12-09 19:35:15.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:15.626] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:15.626] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:15.626] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:15.626] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:35:15.627] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:15.635] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726192478.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308915634, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:35:15.635] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:18.743] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25603 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.UDP_fe80--e81c-5aaa-584f-f6fb_546_ff02--1-2_547.1726121355.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.UDP_fe80--e81c-5aaa-584f-f6fb_546_ff02--1-2_547.1726121355.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113518Z&X-Amz-Expires=604800&X-Amz-Signature=3601408aac95ad9f91eee3f3e010c5b874bb3c6c677ee8ba767859b7c2f123f2&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:35:18.743] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:18.743] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:18.743] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:18.743] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:18.743] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:18.744] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:18.753] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.UDP_fe80--e81c-5aaa-584f-f6fb_546_ff02--1-2_547.1726121355.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308918752, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:35:18.753] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:21.851] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23988 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44900.1726132198.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44900.1726132198.jsonl?X-Amz-Signature=099348b04bd3e4e7c7eac9adab396a658d99eb7693383d70b694d95e0df0556b&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T113521Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:35:21.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:21.852] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:21.852] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:21.852] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:21.852] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:21.853] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:21.962] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44900.1726132198.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308921962, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132198894650, "etime": 1726132198894650, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44900, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:21.963] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:24.969] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25604 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38764.1726130487.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38764.1726130487.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5e81fd98838f1544ff07c3b636a27890e4bcf6104c5b109b9fcd29d6972bb464&X-Amz-Date=20251209T113524Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:35:24.969] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:24.969] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:24.969] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:24.969] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:24.969] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
19:35:24.970] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:25.079] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38764.1726130487.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308925078, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130487856048, "etime": 1726130487856048, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 38764, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:25.079] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:28.071] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24352 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_47816.1726130530.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_47816.1726130530.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113527Z&X-Amz-Expires=604800&X-Amz-Signature=b034e4e4b0b6f3f2afebe9e89d243c826eec103adad8688ae104cdda8d079286&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:35:28.071] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:28.071] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:28.071] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:28.071] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
19:35:28.071] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:28.072] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:28.175] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_47816.1726130530.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308928174, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130530173006, "etime": 1726130530173006, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47816, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:28.175] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:31.183] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23989 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_36538.1726130578.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_36538.1726130578.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113530Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=674a590c86e6c4e06f997d6baa32169fca4bbac61f406a8d76703618b519e8c1"} [2025-12-09 19:35:31.183] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:31.183] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:31.184] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
19:35:31.184] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:31.184] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:31.185] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:31.297] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_36538.1726130578.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308931297, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130578536187, "etime": 1726130578536187, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36538, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:31.297] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:34.300] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23990 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34308.1726129515.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34308.1726129515.jsonl?X-Amz-Date=20251209T113533Z&X-Amz-Signature=789415c7c2d3fac446ff37dff0eb061aad23df91d4b13d1d2448c34fc2e00907&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:35:34.300] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:34.300] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
19:35:34.301] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:34.301] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:34.301] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:34.302] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:34.410] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34308.1726129515.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308934410, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129515036169, "etime": 1726129515036169, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 34308, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:34.410] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:37.414] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25605 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52090.1726129584.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52090.1726129584.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113536Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=2f55c6865990fea3f5dc5e61330fd0832d6946adfd31ea1a7d371cd1e2c5d7d1"} [2025-12-09 19:35:37.414] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 
[2025-12-09 19:35:37.414] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:37.415] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:37.415] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:37.415] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:37.415] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:37.534] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52090.1726129584.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308937533, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129584155492, "etime": 1726129584155492, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52090, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:37.534] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:40.524] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24353 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35708.1726129632.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35708.1726129632.jsonl?X-Amz-Date=20251209T113540Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=6813fd42fbc6220b89ded0a78697665b514dff2ab7bf76fefc077b5d437653f5"} [2025-12-09 19:35:40.524] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:40.524] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:40.524] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:40.524] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:40.524] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:40.525] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:40.627] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35708.1726129632.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308940627, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129632474958, "etime": 1726129632474958, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35708, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:40.627] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:43.626] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24354 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49233.1727232101.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49233.1727232101.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T113543Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=4efa9e4104ca6b2ad69ae828afb08dd8596d5770653c2ccc163de9dfb8905906&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:35:43.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:43.626] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:43.626] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:43.626] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:43.626] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:43.627] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:43.721] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49233.1727232101.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308943721, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232101567952, "etime": 1727232101567952, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49233, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:43.721] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn 
alert_count: 0|max_alert: 1000 [2025-12-09 19:35:46.738] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24355 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50122.1726212710.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50122.1726212710.jsonl?X-Amz-Date=20251209T113546Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=fe2c3bb9bafb4793622afbb7792f2a2acabd97c854e7d43e36beb4474c02d5e8"} [2025-12-09 19:35:46.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:46.738] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:46.738] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:46.738] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:46.738] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:46.739] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:46.846] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50122.1726212710.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308946846, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212710677896, "etime": 1726212710677896, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50122, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
19:35:46.847] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:49.844] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25606 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49196.1727231967.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49196.1727231967.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113549Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=99366cf2834fa197306e26aa9acd031777e873c75a3f0ae300084f9d9ab2d340"} [2025-12-09 19:35:49.844] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:49.844] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:49.844] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:49.844] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:49.844] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:49.845] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:49.952] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49196.1727231967.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308949951, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727231967330495, "etime": 1727231967330495, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49196, 
"dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:49.952] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:52.958] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24356 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42202_192-168-163-23_443.1726208536.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42202_192-168-163-23_443.1726208536.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=b1c877961cfb754c2d68ff4ad3501d3bd58198276a48b8f6718c79eff1a28b27&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113552Z&X-Amz-SignedHeaders=host"} [2025-12-09 19:35:52.958] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:52.958] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:52.958] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:52.958] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:52.958] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:52.959] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:53.069] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42202_192-168-163-23_443.1726208536.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308953068, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208536491396, "etime": 1726208536491396, "src_ip": 
"192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42202, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:53.069] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:56.072] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23991 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_47642.1726130399.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_47642.1726130399.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T113555Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=edbe135b4fa08b113aea416882bb87a32006cacd1573487f8479ea2ca02af1c5"} [2025-12-09 19:35:56.072] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:56.072] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:56.072] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:56.072] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:56.072] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:56.073] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:56.183] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_47642.1726130399.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765308956182, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1726130399635810, "etime": 1726130399635810, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47642, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:56.183] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:35:59.186] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24357 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43315.1726308782.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43315.1726308782.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=91cb62e0449ff9f63711af525d13c82f92b6ac9f5aaaafef750124d2a45e6f91&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113558Z&X-Amz-Expires=604800"} [2025-12-09 19:35:59.186] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:35:59.186] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:35:59.187] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:35:59.187] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:35:59.187] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:35:59.188] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:35:59.297] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43315.1726308782.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, 
"alert_count": 0, "timestamp": 1765308959297, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308782057781, "etime": 1726308782057781, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43315, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:35:59.297] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:02.304] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24358 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_36168.1726192308.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_36168.1726192308.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=3050e4b45e6f9f19a12d611afbf72c35d23ce119ee69c06f7fffb23699a98481&X-Amz-Date=20251209T113601Z"} [2025-12-09 19:36:02.304] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:02.304] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:02.304] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:02.304] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:02.304] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:02.305] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:02.314] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_36168.1726192308.jsonl|result:{"code": 0, 
"total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308962313, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:02.314] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:05.418] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25607 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_57739.1726192309.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_57739.1726192309.jsonl?X-Amz-Signature=d9d22eb043554bb7825e1ffae67ea1453e74f60e4e56a8643259668c42ae441b&X-Amz-Date=20251209T113604Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:36:05.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:05.418] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:05.418] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:05.418] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:05.418] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:05.419] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:05.427] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_57739.1726192309.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308965426, "module": "anquanchu", 
"proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:05.427] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:08.526] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25608 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_36839.1726192280.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_36839.1726192280.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=3800b20f3a35d3262485954e65eb4733044b9f22d41683d6e6d606e62c613bb2&X-Amz-Date=20251209T113608Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:36:08.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:08.526] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:08.527] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:08.527] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:08.527] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:08.528] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:08.536] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_36839.1726192280.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308968535, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:08.536] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) 
cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:11.644] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23992 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_43683.1725956188.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_43683.1725956188.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113611Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=2ffd4ac6bd013c90c4758a04935f194cb436ced3748ea546ae8727ba238da9c3"} [2025-12-09 19:36:11.644] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:11.644] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:11.644] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:11.644] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:11.644] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:11.645] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:11.653] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_43683.1725956188.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308971653, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:11.653] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:14.754] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) 
Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24359 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_56848.1725956188.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_56848.1725956188.jsonl?X-Amz-Signature=eb6d90a41295b36616ef8abb139fd5490ea882b3b6675701208ec289e0aba100&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113614Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:36:14.755] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:14.755] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:14.755] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:14.755] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:14.755] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:14.756] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:14.764] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_56848.1725956188.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308974763, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:14.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:17.857] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25609 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_54524.1726192241.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_54524.1726192241.jsonl?X-Amz-Date=20251209T113617Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=e2d834300f562c2999860aae594fa03b7de80d4d1e2c40bb0ec0f0ffed61751f&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:36:17.857] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:17.857] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:17.857] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:17.857] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:17.858] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:17.858] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:17.867] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_54524.1726192241.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308977866, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:17.867] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:20.958] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24360 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_58070.1726192241.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_58070.1726192241.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=fabc1d9b5acf91e19aa39c9f85a3dc493477a4b783f7c9fa4f709f2a18c7f9e5&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113620Z"} [2025-12-09 19:36:20.958] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:20.958] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:20.959] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:20.959] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:20.959] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:20.960] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:20.968] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_58070.1726192241.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308980967, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:20.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:24.081] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24361 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_38634.1726042297.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_38634.1726042297.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T113623Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=43a90b3138e54e5cfe9ef454a077275b11b8155cf7fd1a68c5da0a211be27b83&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:36:24.081] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:24.081] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:24.081] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:24.081] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:24.082] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:24.082] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:24.090] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_38634.1726042297.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308984090, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:24.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:27.196] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25610 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_43725.1726042297.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_43725.1726042297.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=d4d11dc6dc67a6c79c7b1dfe7ed25862ba786611b4c7501881a6b5ebcaf094db&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113626Z"} [2025-12-09 19:36:27.196] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:27.196] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:27.197] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:27.197] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:27.197] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:27.198] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:27.206] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_43725.1726042297.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308987205, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:27.206] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:30.317] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23993 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_45267.1726192105.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_45267.1726192105.jsonl?X-Amz-Date=20251209T113629Z&X-Amz-Signature=5cef982e5a69139e5384f8c630ad329e9e3da6f90a8635252c60995e86203772&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:36:30.317] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:30.317] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:30.317] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:30.317] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:30.318] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:30.318] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:30.327] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_45267.1726192105.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308990326, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:30.327] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:33.427] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24362 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_52385.1726192105.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_52385.1726192105.jsonl?X-Amz-Signature=5f60cc9c8e1eeb309c9f3cebf61510ed361667ac8014d9893caecf51240147c8&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113632Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:36:33.427] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:33.427] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:33.428] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:33.428] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:33.428] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:33.429] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:33.436] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_52385.1726192105.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308993435, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:33.436] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:36.530] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24363 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_34303.1726192068.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_34303.1726192068.jsonl?X-Amz-Signature=4745def512270310bf5eeb92acd65ecf50d2032e6762153b9901cbb7fa91cdc0&X-Amz-Date=20251209T113636Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:36:36.530] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:36.530] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:36.531] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:36.531] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:36.531] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:36.531] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:36.539] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_34303.1726192068.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308996538, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:36.539] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:39.631] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23994 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_60066.1726192068.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_60066.1726192068.jsonl?X-Amz-Signature=006e7065ddbaace7b9302aa1a0e23ef3ea6e65bf77719d431e796de994a09def&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113639Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:36:39.631] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:39.631] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:39.631] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:39.632] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:39.632] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:39.632] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:39.641] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_60066.1726192068.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765308999640, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:39.641] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:42.748] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25611 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_41939.1726042454.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_41939.1726042454.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=6566b82e89f06bdec0dfe992b4e70b7525ac4fecd5ea30d30730957f5a1ba183&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113642Z&X-Amz-Expires=604800"} [2025-12-09 19:36:42.748] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:42.748] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:42.748] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:42.748] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:42.748] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:42.749] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:42.757] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_41939.1726042454.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309002756, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:42.757] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:45.857] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25612 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_55735.1726042454.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_55735.1726042454.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=cbeff3258cb8f9780dbffaa92d44e26f7ad00fe2c644c0f5645dfd73328037db&X-Amz-Date=20251209T113645Z"} [2025-12-09 19:36:45.857] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:45.857] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:45.857] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:45.857] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:45.857] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:45.858] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:45.866] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.UDP_192-168-52-2_53_192-168-52-129_55735.1726042454.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309005865, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:45.866] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:48.975] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25613 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_37527.1726042424.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_37527.1726042424.jsonl?X-Amz-Signature=3ff3d452232913ba50f8be2c57f5a277367bb99f0f6b10a890c95c780d4bd296&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113648Z&X-Amz-Expires=604800"} [2025-12-09 19:36:48.975] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:48.976] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:48.976] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:48.976] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:48.976] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:48.977] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:48.985] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_37527.1726042424.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309008984, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:48.985] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:52.096] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25614 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_60160.1726042424.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_60160.1726042424.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113651Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=ec19065ebe3c61f95088e50c774b81931a796df4bd57e39a28cd0c5e2ca96ef7"} [2025-12-09 19:36:52.096] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:52.096] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:52.097] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:52.097] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:52.097] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:52.098] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:52.106] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.UDP_192-168-52-2_53_192-168-52-129_60160.1726042424.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309012105, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:52.106] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:55.197] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23995 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_53411.1725954694.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_53411.1725954694.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113654Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=525b7925f217fcb666e49695ab9e500ccb10c2e114af78baff6d9c71a761c37e"} [2025-12-09 19:36:55.197] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:55.198] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:55.198] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:55.198] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:55.198] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:55.199] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:55.207] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_53411.1725954694.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309015206, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:55.207] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:36:58.306] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24364 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_57957.1725954694.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_57957.1725954694.jsonl?X-Amz-Expires=604800&X-Amz-Signature=5f7a14a1b50ee86d7a269cc9b91f7dfcaff5e4c4b1574cefd3b631b6c6f6fde7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113657Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:36:58.306] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:36:58.306] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:36:58.307] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:36:58.307] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:36:58.307] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:36:58.308] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:36:58.316] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_57957.1725954694.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309018315, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:36:58.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:01.417] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24365 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_42613.1726192027.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_42613.1726192027.jsonl?X-Amz-Signature=ae355a733cfaf4b7ab7de19e976d0bcd78c4eb6ee55da09d7f1e4f2bff33cee7&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113700Z"} [2025-12-09 19:37:01.417] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:01.417] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:01.417] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:01.417] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:01.417] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:01.418] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:01.426] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_42613.1726192027.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309021426, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:01.426] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:04.529] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23996 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_55400.1726192027.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_55400.1726192027.jsonl?X-Amz-Signature=90618efc76818d0bb75dcd7c1c88123fda24c2d7527de734de2f48c6248a5c39&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T113704Z"} [2025-12-09 19:37:04.529] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:04.529] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:04.529] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:04.529] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:04.530] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:04.530] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:04.539] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_55400.1726192027.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309024538, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:04.539] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:07.648] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25615 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21041_192-168-52-129_443.1725955218.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21041_192-168-52-129_443.1725955218.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=808c7566967674f6b54963a523d5c734dd6eb6d30e7ef171b1b9a30f13d1b67f&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113707Z"} [2025-12-09 19:37:07.648] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:07.648] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:07.649] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:07.649] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:07.649] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:07.650] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:07.759] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21041_192-168-52-129_443.1725955218.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309027758, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1725955218411554, "etime": 1725955218411554, "src_ip": "192.168.52.129", "dest_ip": "192.168.52.1", "src_port": 443, "dest_port": 21041, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:07.759] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:10.761] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24366 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_65094_239-255-255-250_1900.1726192252.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_65094_239-255-255-250_1900.1726192252.jsonl?X-Amz-Date=20251209T113710Z&X-Amz-Expires=604800&X-Amz-Signature=58f0bfd72a293361067972307adc530b2519e7a5157f587b15b41a5116dc4627&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:37:10.761] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:10.761] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:10.762] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:10.762] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:10.762] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:10.763] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:10.771] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_65094_239-255-255-250_1900.1726192252.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309030770, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:10.771] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:13.879] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23997 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49264.1726045047.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49264.1726045047.jsonl?X-Amz-Signature=213fc7550602e4bef60e97244ded3ad6068eab10ee6fab411aa9971a1a605748&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113713Z&X-Amz-Expires=604800"} [2025-12-09 19:37:13.880] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:13.880] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:13.880] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:13.880] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:13.880] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:13.881] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:13.990] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49264.1726045047.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309033990, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726045047324732, "etime": 1726045047324732, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49264, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:13.990] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:16.989] 
[DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24367 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49235.1726043314.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49235.1726043314.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T113716Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=221a227584ed2362e029552d46cc757e77e7f9bd09bf0f5388b53837dd44d365"} [2025-12-09 19:37:16.989] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:16.989] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:16.989] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:16.989] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:16.989] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:16.990] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:17.091] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49235.1726043314.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309037090, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726043314857611, "etime": 1726043314857611, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49235, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:17.091] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:20.103] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24368 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49217.1726040470.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49217.1726040470.jsonl?X-Amz-Date=20251209T113719Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=e34e7d69a8e46b8d4eeb17d48c88b6e2c961e9e742c35aeabec3e458c410f1d2&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:37:20.103] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:20.103] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:20.103] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:20.103] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:20.103] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:20.104] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:20.215] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49217.1726040470.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309040215, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726040470461471, "etime": 1726040470461471, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49217, 
"dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:20.215] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:23.219] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25616 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49204.1726039121.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49204.1726039121.jsonl?X-Amz-Expires=604800&X-Amz-Signature=30fd518a5c9d71f549bf22291ff70b033a19ee0eca2851a5aa39345f282d77d4&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113722Z"} [2025-12-09 19:37:23.219] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:23.219] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:23.219] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:23.219] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:23.219] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:23.220] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:23.330] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49204.1726039121.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309043330, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726039121341960, "etime": 1726039121341960, "src_ip": 
"192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49204, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:23.330] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:26.322] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25617 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49259.1726044658.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49259.1726044658.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113725Z&X-Amz-Expires=604800&X-Amz-Signature=a088539edbc15f282b9bc03ae0796d719db1d3dffbbc7ab9f1d4c3528f37cc50"} [2025-12-09 19:37:26.322] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:26.322] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:26.322] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:26.322] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:26.322] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:26.323] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:26.428] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49259.1726044658.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309046428, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726044658246049, "etime": 1726044658246049, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49259, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:26.428] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:29.430] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25618 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49263.1726045043.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49263.1726045043.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T113728Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=281bdc3dd83bc6468fc5d7fbf860fd47701432bdf6ef489f56c02c2a97a15204"} [2025-12-09 19:37:29.431] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:29.431] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:29.431] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:29.431] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:29.431] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:29.432] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:29.540] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49263.1726045043.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309049540, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726045043846022, "etime": 1726045043846022, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49263, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:29.540] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:32.551] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23998 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49234.1726043311.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49234.1726043311.jsonl?X-Amz-Date=20251209T113732Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=c3dc1ac6860b0ea3a1005dcc00849b1b41b7ff481c68bd3d8ebd218fe97b00b0&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:37:32.551] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:32.551] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:32.551] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:32.551] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:32.551] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:32.552] [INFO] [tid:140062327686848] (AiModule.cpp:39) 
load result:0 [2025-12-09 19:37:32.660] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49234.1726043311.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309052659, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726043311975271, "etime": 1726043311975271, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49234, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:37:32.660] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:35.664] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 23999 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-129_68_192-168-52-254_67.1726192250.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-129_68_192-168-52-254_67.1726192250.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113735Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ee914b9e86b36199220d0b86d944486e8a5be2e3a79d588879b96d05c834d4b9&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:37:35.665] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:35.665] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:35.665] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:35.665] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:35.665] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 19:37:35.666] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:35.674] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-129_68_192-168-52-254_67.1726192250.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309055673, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:35.674] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:38.775] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24000 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_0-0-0-0_68_255-255-255-255_67.1726192250.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_0-0-0-0_68_255-255-255-255_67.1726192250.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113738Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=65b70c6608c2450dcab8eea09594036078141639473768a845d760f2eea48b3e"} [2025-12-09 19:37:38.775] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:38.775] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:38.775] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:38.776] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:38.776] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:38.776] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:38.785] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_0-0-0-0_68_255-255-255-255_67.1726192250.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309058784, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:38.785] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:41.885] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24369 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193428.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193428.jsonl?X-Amz-Expires=604800&X-Amz-Signature=09451af807d76ea4a7d5cfbd858cf16f29dcb78ac3943e841cca9c65cd46d982&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113741Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:37:41.885] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:41.885] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:41.885] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:41.885] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:41.885] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:41.886] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:41.894] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193428.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309061893, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:41.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:45.002] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25619 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193404.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193404.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=651de260d419d2dd66d3a89e785b739b42727f02975dbdcca4bd434ccb63d70d&X-Amz-Date=20251209T113744Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:37:45.003] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:45.003] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:45.004] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:45.004] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:45.004] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:45.005] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:45.013] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193404.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309065012, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:45.013] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:48.140] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24370 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726018271.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726018271.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T113747Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=31772669147e030b1bb170bd3005bbd3d10b550c4b2e11e102c6338ba8579018"} [2025-12-09 19:37:48.140] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:48.140] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:48.141] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:48.141] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:48.141] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:48.141] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:48.149] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726018271.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309068148, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:48.149] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:51.250] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24371 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193257.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193257.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113750Z&X-Amz-Expires=604800&X-Amz-Signature=4c4890c38840c936b0a6fa8dc716a9b94e3d990bfb892af51b1eadd399ddc06d"} [2025-12-09 19:37:51.250] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:51.250] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:51.250] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:51.250] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:51.250] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:51.251] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:51.259] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726193257.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309071259, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:51.259] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:54.370] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24372 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041739.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041739.jsonl?X-Amz-Signature=ddffef7172f6e96f8a44eeeb2dcc8e49d3469955537ad8f2073cb022c37f99ac&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113753Z"} [2025-12-09 19:37:54.370] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:54.370] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:54.370] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:54.370] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:54.370] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:54.371] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:54.379] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041739.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309074378, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:54.379] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:37:57.484] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25620 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192509.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192509.jsonl?X-Amz-Date=20251209T113756Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=f0399a4d3de548e30c7731caec7964d4c137a21bb67e0686ed8c65becdf014a3&X-Amz-SignedHeaders=host"} [2025-12-09 19:37:57.484] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:37:57.484] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:37:57.484] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:37:57.484] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:37:57.484] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:37:57.485] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:37:57.493] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192509.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309077493, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:37:57.493] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:00.596] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24373 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041863.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041863.jsonl?X-Amz-Date=20251209T113800Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=36cc676e969ccb981be9501c8502dc6163add64a9ba44d12766939ebf3f171d2"} [2025-12-09 19:38:00.597] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:00.597] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:00.597] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:00.597] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:00.597] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:00.598] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:00.606] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041863.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309080605, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:00.606] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:03.710] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24001 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042777.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042777.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113803Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=f61fc2c826295cfc72e0411282c4794f5020e631f417abf26d24243d2832ad68"} [2025-12-09 19:38:03.710] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:03.710] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:03.710] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:03.710] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:03.710] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:03.711] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:03.720] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042777.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309083719, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:03.720] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:06.824] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24374 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041838.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041838.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=e25f5e010512b3bd61a057fadd1edff07e307c21e885843f324659c811669504&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113806Z"} [2025-12-09 19:38:06.824] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:06.824] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:06.825] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:06.825] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:06.825] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:06.826] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:06.834] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726041838.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309086833, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:06.834] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:09.943] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24002 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192278.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192278.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113809Z&X-Amz-SignedHeaders=host&X-Amz-Signature=2026d31eab39c11b204f7e18c6eceec5573b66a887a28a499a1c4851194ccc86"} [2025-12-09 19:38:09.943] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:09.943] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:09.943] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:09.943] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:09.943] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:09.944] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:09.952] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192278.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309089951, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:09.952] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:13.059] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24003 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192245.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192245.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=096cb95c79a0f6ebd881a49cdbef0f5ae6bf91549f587b66d93e918d9e1a2553&X-Amz-Expires=604800&X-Amz-Date=20251209T113812Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:38:13.059] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:13.059] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:13.059] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:13.059] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:13.059] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:13.060] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:13.068] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192245.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309093067, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:13.068] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:16.171] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24004 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192066.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192066.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T113815Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=374337807bd78df99dc59beb07f824edc94cfb08a226b7e30643a8dd72a9635f"} [2025-12-09 19:38:16.171] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:16.171] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:16.171] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:16.171] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:16.171] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:16.172] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:16.181] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726192066.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309096180, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:16.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:19.280] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25621 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11584_192-168-52-129_443.1726018234.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11584_192-168-52-129_443.1726018234.jsonl?X-Amz-Signature=d08dfe4347510fa426c13cc10c744b30e90cd55e5142e65605ed886bc1c4b485&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113818Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:38:19.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:19.280] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:19.280] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:19.280] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:19.280] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:19.281] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:19.383] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11584_192-168-52-129_443.1726018234.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309099383, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726018234032888, "etime": 1726018234032888, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11584, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:19.383] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:22.398] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25622 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_54340_192-168-112-135_20846.1727254863.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_54340_192-168-112-135_20846.1727254863.jsonl?X-Amz-Expires=604800&X-Amz-Signature=1eb08c2a5175af2230c74c20e682538cffd2b91e78c7bc1c9f41728a18addc8d&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113821Z"} [2025-12-09 19:38:22.398] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:22.398] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:22.399] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:22.399] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:22.399] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:22.400] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
19:38:22.512] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_54340_192-168-112-135_20846.1727254863.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309102511, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254863413480, "etime": 1727254863413480, "src_ip": "192.168.112.135", "dest_ip": "192.168.112.1", "src_port": 20846, "dest_port": 54340, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:22.512] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:25.499] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24375 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_54435.1726192250.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_54435.1726192250.jsonl?X-Amz-Date=20251209T113824Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=cf52fadee9d745921b27d314d81377e8f85b83130a4cf875eae21c55a469704c&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:38:25.499] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:25.499] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:25.500] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:25.500] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:25.500] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:25.501] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:25.508] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_54435.1726192250.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309105507, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:25.508] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:28.610] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25623 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_38760.1726192250.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_38760.1726192250.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113828Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=11003c7589ead6803309140c890888f15544752f37b02f4f95350aef68840133&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:38:28.610] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:28.610] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:28.610] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:28.610] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:28.610] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:28.611] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:28.618] [DEBUG] [tid:140062327686848] 
(AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-2_53_192-168-52-129_38760.1726192250.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309108617, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:28.618] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:31.718] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25624 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042646.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042646.jsonl?X-Amz-Signature=c1806f2ba10bacd5f757f07bde377099a33518ec61da44e79ab3e66f666a1a96&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113831Z"} [2025-12-09 19:38:31.719] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:31.719] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:31.719] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:31.719] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:31.719] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:31.720] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:31.728] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_ls.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042646.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309111727, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:31.728] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:34.839] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25625 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.TCP_192-168-52-1_11473_192-168-52-129_38483.1726192244.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.TCP_192-168-52-1_11473_192-168-52-129_38483.1726192244.jsonl?X-Amz-Date=20251209T113834Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=2b35b3e6d3c9f68a62194b10fe69d455d1a5082626f7fbb5c245ce627563a5e5"} [2025-12-09 19:38:34.839] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:34.839] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:34.839] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:34.839] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:34.839] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:34.840] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:34.946] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.TCP_192-168-52-1_11473_192-168-52-129_38483.1726192244.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309114946, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192244656637, "etime": 1726192244656637, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11473, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:34.946] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:37.956] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24376 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_91-189-91-157_123_192-168-52-129_51324.1726192250.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_91-189-91-157_123_192-168-52-129_51324.1726192250.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T113837Z&X-Amz-Signature=3b7468f9c0fa4f7d3e4c77ff9090dae915adf18c0066a3d28718ab44b8e9d8e0&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:38:37.956] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:37.956] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:37.956] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:37.956] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:37.956] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:37.957] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 19:38:37.965] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_91-189-91-157_123_192-168-52-129_51324.1726192250.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309117964, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:37.965] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:41.078] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24377 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_54490_239-255-255-250_1900.1726192244.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_54490_239-255-255-250_1900.1726192244.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113840Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=232b665efd4c6e894dc49e09772989b6626a7612eb8a99fa363d850ea67e53db"} [2025-12-09 19:38:41.078] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:41.078] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:41.078] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:41.078] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:41.079] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:41.079] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:41.088] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_54490_239-255-255-250_1900.1726192244.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309121087, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:38:41.088] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:44.180] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25626 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.TCP_192-168-52-1_13283_192-168-52-129_38483.1726193408.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.TCP_192-168-52-1_13283_192-168-52-129_38483.1726193408.jsonl?X-Amz-Date=20251209T113843Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ed0fed9ca23c9046eea13b1c65232a8da968ab8ff7cc4466fa4427a0d1f4bd71&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:38:44.180] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:44.180] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:44.180] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:44.180] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:44.180] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:44.181] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:44.292] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.TCP_192-168-52-1_13283_192-168-52-129_38483.1726193408.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309124291, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193408707486, "etime": 1726193408707486, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13283, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:44.292] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:47.294] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24378 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12200_192-168-52-129_38483.1726018581.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12200_192-168-52-129_38483.1726018581.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=d331e3d50bf9463253bf7852563c1d89463f59ddfe37da313fa42acc53d757e6&X-Amz-Date=20251209T113846Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:38:47.294] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:47.294] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:47.294] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:47.294] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:47.294] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:47.295] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 19:38:47.407] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12200_192-168-52-129_38483.1726018581.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309127406, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726018581059153, "etime": 1726018581059153, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 12200, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:47.407] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:50.411] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24379 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12200_192-168-52-129_38483.1726018536.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12200_192-168-52-129_38483.1726018536.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113849Z&X-Amz-Signature=5388f4e9ff34e2cad1dfab73201dad6367be0db8c93f9cc04df2b6d0e37802c6"} [2025-12-09 19:38:50.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:50.411] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:50.411] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:50.411] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:50.411] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
19:38:50.412] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:50.521] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12200_192-168-52-129_38483.1726018536.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309130520, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726018536049428, "etime": 1726018536049428, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 12200, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:50.521] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:53.526] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24005 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.TCP_192-168-52-1_11853_192-168-52-129_38483.1726192481.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.TCP_192-168-52-1_11853_192-168-52-129_38483.1726192481.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=95c28de0383322578315e15a180188adbfe7f0a79570fb628640b9090a7962b5&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113853Z&X-Amz-Expires=604800"} [2025-12-09 19:38:53.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:53.526] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:53.526] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:53.526] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
19:38:53.526] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:53.527] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:53.640] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.TCP_192-168-52-1_11853_192-168-52-129_38483.1726192481.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309133640, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192481442874, "etime": 1726192481442874, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11853, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:53.641] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:56.636] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25627 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42674_192-168-52-129_38483.1726042673.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42674_192-168-52-129_38483.1726042673.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=f6898d9820d8e694ff5c82c62a4975d07e3f005f87f080c2f261eb49a31053eb&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113856Z&X-Amz-Expires=604800"} [2025-12-09 19:38:56.636] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:56.636] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:38:56.636] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 19:38:56.636] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:56.636] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:56.637] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:56.745] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42674_192-168-52-129_38483.1726042673.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309136744, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726042673445463, "etime": 1726042673445463, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42674, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:56.745] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:38:59.748] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24006 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42675_192-168-52-129_38483.1726042673.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42675_192-168-52-129_38483.1726042673.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113859Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7003fc5b4be39333844e845433a4582e7b2d397c9ebef0b7a0cd093edc54b9fa"} [2025-12-09 19:38:59.749] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:38:59.749] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 19:38:59.749] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:38:59.749] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:38:59.749] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:38:59.750] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:38:59.859] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42675_192-168-52-129_38483.1726042673.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309139859, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726042673460671, "etime": 1726042673460671, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42675, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:38:59.859] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:02.864] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25628 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42677_192-168-52-129_38483.1726042673.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42677_192-168-52-129_38483.1726042673.jsonl?X-Amz-Date=20251209T113902Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=60cc6b3897e44fab00e8b0460733f6e02dfb96baaa64c4c4e74fd0fe0d12b3c1&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:39:02.864] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 
[2025-12-09 19:39:02.864] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:02.864] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:02.865] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:02.865] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:02.865] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:02.972] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42677_192-168-52-129_38483.1726042673.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309142972, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726042673445463, "etime": 1726042673445463, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42677, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:39:02.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:05.976] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25629 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_whoami.pcap.TCP_192-168-52-1_42676_192-168-52-129_38483.1726042729.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_whoami.pcap.TCP_192-168-52-1_42676_192-168-52-129_38483.1726042729.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=5ebe8e35c2f3d7bb619c8ea927938436ba8ea42e5b1a66f5b47d96e4604faa25&X-Amz-Date=20251209T113905Z&X-Amz-Expires=604800"} [2025-12-09 19:39:05.977] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:05.977] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:05.977] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:05.977] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:05.977] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:05.978] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:06.090] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_whoami.pcap.TCP_192-168-52-1_42676_192-168-52-129_38483.1726042729.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309146089, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726042729792111, "etime": 1726042729792111, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42676, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:39:06.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:09.092] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24380 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_19948_192-168-52-129_38483.1725954691.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_19948_192-168-52-129_38483.1725954691.jsonl?X-Amz-Date=20251209T113908Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=b5b14265fec14d791c7ee8357982dab83955188ee4f7904e4e736c4b80b2ccbc"} [2025-12-09 19:39:09.092] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:09.093] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:09.093] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:09.093] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:09.093] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:09.094] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:09.202] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_19948_192-168-52-129_38483.1725954691.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309149202, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1725954691054507, "etime": 1725954691054507, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 19948, "dest_port": 38483, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:39:09.202] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 
0|max_alert: 1000 [2025-12-09 19:39:12.204] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24381 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_54340_192-168-112-135_20846.1727254938.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_54340_192-168-112-135_20846.1727254938.jsonl?X-Amz-Signature=c938fa8ca43cd68cfce549b3d3681c3a0e9ad57f37860f51d6a11d44ad170772&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T113911Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:39:12.204] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:12.204] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:12.204] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:12.204] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:12.204] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:12.205] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:12.314] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_54340_192-168-112-135_20846.1727254938.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309152314, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254938161916, "etime": 1727254938161916, "src_ip": "192.168.112.135", "dest_ip": "192.168.112.1", "src_port": 20846, "dest_port": 54340, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:39:12.314] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:15.319] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24382 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54842_192-168-112-135_8080.1726627265.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54842_192-168-112-135_8080.1726627265.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=4c9298f5e5d7b04b2a29fc3dfbe6205ebd6f6b37f341c61bc453b251cfc15b07&X-Amz-Date=20251209T113914Z"} [2025-12-09 19:39:15.319] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:15.319] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:15.319] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:15.319] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:15.319] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:15.320] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:15.429] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54842_192-168-112-135_8080.1726627265.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309155428, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627265769114, "etime": 1726627265769114, "src_ip": "192.168.112.135", "dest_ip": "192.168.112.1", "src_port": 8080, "dest_port": 54842, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 19:39:15.429] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:18.430] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25630 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54843_192-168-112-135_8080.1726627265.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54843_192-168-112-135_8080.1726627265.jsonl?X-Amz-Date=20251209T113917Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=d4128275d1d59d31a7c4948fd928f0034e24d9fe74c64b819d33bc374585b8c3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:39:18.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:18.430] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:18.431] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:18.431] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:18.431] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:18.432] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:18.540] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54843_192-168-112-135_8080.1726627265.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309158540, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627265768974, "etime": 1726627265768974, "src_ip": "192.168.112.135", "dest_ip": "192.168.112.1", "src_port": 8080, 
"dest_port": 54843, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:39:18.540] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:21.532] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24383 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042672.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042672.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=0d21f377f4ca462425da14c50bb12b425cc2ab02d0e484e048b18e8a4b88401c&X-Amz-Date=20251209T113921Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:39:21.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:21.532] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:21.532] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:21.532] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:21.532] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:21.533] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:21.541] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_192-168-52-1_137_192-168-52-255_137.1726042672.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309161540, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:39:21.541] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:24.646] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25631 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_61594_ff02--1-3_5355.1726192245.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_61594_ff02--1-3_5355.1726192245.jsonl?X-Amz-Date=20251209T113924Z&X-Amz-Signature=4431c75c67d92a8182924e6fe44d8c6f84a5721733acf386e068e69584f213df&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:39:24.646] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:24.646] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:24.646] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:24.646] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:24.646] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:24.647] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:24.655] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_61594_ff02--1-3_5355.1726192245.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309164654, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:39:24.655] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 
[2025-12-09 19:39:27.760] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24384 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_63753_ff02--1-3_5355.1726192245.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_63753_ff02--1-3_5355.1726192245.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T113927Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=03377465a91cba5e5296bd5d4fe7b034d31b2873bea855c5eecf8ac535489c13"} [2025-12-09 19:39:27.760] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:27.760] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:27.760] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:27.760] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:27.760] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:27.761] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:27.769] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_63753_ff02--1-3_5355.1726192245.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309167769, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:39:27.770] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:30.869] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message 
in-> topic:analyzed_queue_cnn partition:[2] at offset 24007 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_61594_224-0-0-252_5355.1726192245.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_61594_224-0-0-252_5355.1726192245.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T113930Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=e20055d454358c4577a4239b68fa68459077452ce606e40dd1bb681809e16cbb"} [2025-12-09 19:39:30.869] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:30.869] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:30.869] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:30.869] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:30.869] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:30.870] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:30.878] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_61594_224-0-0-252_5355.1726192245.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309170878, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:39:30.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:39:33.978] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25632 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_63753_224-0-0-252_5355.1726192245.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_63753_224-0-0-252_5355.1726192245.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=3d0653ddbb18c58921beee9c4267deb900ea8853d7f800e73c008a710e2efa39&X-Amz-Date=20251209T113933Z&X-Amz-Expires=604800"} [2025-12-09 19:39:33.978] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:39:33.978] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:39:33.978] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:39:33.978] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:39:33.978] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:39:33.979] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:39:33.987] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_63753_224-0-0-252_5355.1726192245.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309173987, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:39:33.987] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:41:50.853] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24385 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51265.1726800660.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51265.1726800660.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=12ea5047449da5da6dfc8f91701ba021f3c4c58b7008d9932a226a054a27818d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114150Z"} [2025-12-09 19:41:50.854] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:41:50.854] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:41:50.854] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:41:50.854] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:41:50.854] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:41:50.855] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:41:50.968] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51265.1726800660.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309310967, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800660944253, "etime": 1726800660944253, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51265, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:41:50.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:41:50.968] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:41:50.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:41:53.968] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24008 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51762.1726813550.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51762.1726813550.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T114153Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a22fbec18fa261f3905f75118f2f072a0532114c5523b58c38562af8a20db57d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:41:53.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:41:53.968] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:41:53.969] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:41:53.969] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:41:53.969] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:41:53.970] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:41:54.078] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51762.1726813550.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309314078, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813550942625, "etime": 
1726813550942625, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51762, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:41:54.078] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:41:54.078] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:41:54.078] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:41:57.085] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25633 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51865.1726816544.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51865.1726816544.jsonl?X-Amz-Expires=604800&X-Amz-Signature=4eedffc16ab484b3ca1421ec37841026bda27c7f942c0275cadcd08a25247701&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114156Z&X-Amz-SignedHeaders=host"} [2025-12-09 19:41:57.085] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:41:57.085] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:41:57.085] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:41:57.085] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:41:57.085] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:41:57.086] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:41:57.195] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51865.1726816544.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309317195, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726816544146461, "etime": 1726816544146461, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51865, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:41:57.195] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:41:57.195] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:41:57.195] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:42:00.198] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25634 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51871.1726816695.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51871.1726816695.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e66e0877b4f8e654d88deac6990d15111acd66e1753436ab4eb594acdf2f9f83&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114159Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:42:00.198] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:00.198] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:00.198] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:00.198] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:00.198] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:00.199] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:00.314] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51871.1726816695.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309320313, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726816695962690, "etime": 1726816695962690, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51871, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:42:00.314] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:00.314] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:00.314] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:42:03.314] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25635 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51109.1726795427.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51109.1726795427.jsonl?X-Amz-Date=20251209T114202Z&X-Amz-Signature=a9ea5037fdd88a54f569ef4ae43ec3a05f56b6cb5e79dd33e35b8dd2c3748f57&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:42:03.314] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:03.314] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:03.314] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:03.314] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:03.314] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:03.315] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:03.420] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51109.1726795427.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309323420, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795427218369, "etime": 1726795427218369, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51109, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} 
[2025-12-09 19:42:03.421] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:03.421] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:03.421] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:42:06.431] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24386 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51115.1726795578.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51115.1726795578.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=43e3aeb64b2701364a1950292e951a0162c870613ed3052da76ed5fe3524e30f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114205Z&X-Amz-Expires=604800"} [2025-12-09 19:42:06.432] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:06.432] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:06.432] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:06.432] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:06.432] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:06.433] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:06.548] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51115.1726795578.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 
0, "alert_count": 1, "timestamp": 1765309326548, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795578971037, "etime": 1726795578971037, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51115, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:42:06.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:06.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:06.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:42:09.572] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25636 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51817.1726815043.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51817.1726815043.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=1eec96020285efdf706b9190dd83d9e1d87a86c6f8b8f526c12c2a86d34a002d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114209Z"} [2025-12-09 19:42:09.573] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:09.573] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:09.573] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:09.573] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:09.573] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:09.574] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:09.685] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51817.1726815043.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309329684, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726815043086014, "etime": 1726815043086014, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51817, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:42:09.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:09.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:09.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:42:12.686] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24387 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51765.1726813641.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51765.1726813641.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=678b1491b45730e0964ea776c6e5ea1ec61fa86c431ed5fd91365a95f3d418ef&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114212Z&X-Amz-Expires=604800"} [2025-12-09 19:42:12.686] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:12.686] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:12.687] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 19:42:12.687] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:12.687] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:12.687] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:12.798] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51765.1726813641.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309332797, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813641874483, "etime": 1726813641874483, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51765, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:42:12.798] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:12.798] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:12.798] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:42:15.796] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24009 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51771.1726813793.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51771.1726813793.jsonl?X-Amz-Signature=a9a86c3ba687c8d6cc3afd77958e036e5be826d48279c38a7b803f2fe077a615&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114215Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:42:15.796] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:15.796] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:15.797] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:15.797] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:15.797] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:15.797] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:15.894] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51771.1726813793.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309335894, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813793688295, "etime": 1726813793688295, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51771, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} 
[2025-12-09 19:42:15.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:15.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:15.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:42:18.914] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25637 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51219.1726799511.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51219.1726799511.jsonl?X-Amz-Signature=3d852e7039763173974f94202e2c60b9cc2475c7fea38aee0271fe9b18547f6a&X-Amz-Date=20251209T114218Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:42:18.914] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:18.914] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:18.914] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:18.914] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:18.914] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:18.915] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:19.025] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51219.1726799511.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, 
"normal_count": 0, "alert_count": 1, "timestamp": 1765309339024, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799511389872, "etime": 1726799511389872, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51219, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:42:19.025] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:19.025] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:19.025] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:42:22.017] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24010 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51225.1726799663.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51225.1726799663.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=7c5cf1e64df68b1dc05c61cbe05f7476939227b0fb86b08f3524a077fd2dab14&X-Amz-Date=20251209T114221Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:42:22.017] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:22.017] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:22.017] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:22.017] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:22.017] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:22.018] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:42:22.123] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51225.1726799663.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309342122, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799663177744, "etime": 1726799663177744, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51225, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:42:22.123] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:22.123] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:22.123] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:42:25.130] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25638 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54847_192-168-112-135_8443.1726627266.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54847_192-168-112-135_8443.1726627266.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=aa51c7ac181bbdaef08958dd9f61841f42451abfedf8af46a3e65bdc16107863&X-Amz-Date=20251209T114224Z"} [2025-12-09 19:42:25.131] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:25.131] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:25.131] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:25.131] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:25.131] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:25.132] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:25.244] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54847_192-168-112-135_8443.1726627266.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309345244, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726627266097915, "etime": 1726627266097915, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54847, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 19:42:25.244] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:42:25.244] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:42:25.244] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:42:28.253] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25639 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43320.1726308954.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43320.1726308954.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=ef729db322e859d763a0ae98e0d808222e032314494b57647aca273814f647ab&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114227Z"} [2025-12-09 19:42:28.254] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:28.254] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:28.254] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:28.254] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:28.254] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:28.255] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:28.362] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43320.1726308954.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309348361, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308954434671, "etime": 1726308954434671, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43320, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:42:28.362] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:31.367] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25640 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41406_192-168-163-23_80.1726204637.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41406_192-168-163-23_80.1726204637.jsonl?X-Amz-Date=20251209T114230Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=ec8410ece206c4d7c320fc55ee1f5a2ade77c2095789e345f1649cb273218a2b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:42:31.367] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:31.367] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:31.368] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:31.368] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:31.368] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:31.368] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:31.478] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41406_192-168-163-23_80.1726204637.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309351478, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726204637187979, "etime": 1726204637187979, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41406, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}]} [2025-12-09 19:42:31.478] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:34.477] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24011 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41741_192-168-163-23_80.1726206262.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41741_192-168-163-23_80.1726206262.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114233Z&X-Amz-Expires=604800&X-Amz-Signature=4e5ef256ad716446a965c1f1f72a59d35f272e01b69e5e1657420c86c8c221c6"} [2025-12-09 19:42:34.477] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:34.477] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:34.477] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:34.477] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:34.477] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:34.478] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:34.576] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41741_192-168-163-23_80.1726206262.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309354576, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206262355792, "etime": 1726206262355792, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", 
"src_port": 41741, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:42:34.576] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:37.589] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24388 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41359_192-168-163-23_80.1726204301.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41359_192-168-163-23_80.1726204301.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114237Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=d645e54294e1e8456e8bf42698d0ba56812de17f474656da91d3cb8e8559fa88"} [2025-12-09 19:42:37.589] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:37.589] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:37.589] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:37.589] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:37.589] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:37.590] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:37.702] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41359_192-168-163-23_80.1726204301.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309357701, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726204301478595, "etime": 1726204301478595, 
"src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41359, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:42:37.702] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:40.711] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24389 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41729_192-168-163-23_80.1726206210.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41729_192-168-163-23_80.1726206210.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=140b2ff2e15195eb65e7d1ae1016619c5dd65ab9887453b1b21ba76d9d8332c0&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114240Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:42:40.712] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:40.712] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:40.712] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:40.712] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:40.712] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:40.713] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:40.824] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41729_192-168-163-23_80.1726206210.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309360823, "module": "anquanchu", "proto": "tls", "alerted": false, "details": 
[{"stime": 1726206210302763, "etime": 1726206210302763, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41729, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:42:40.824] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:43.831] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24012 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41419_192-168-163-23_80.1726204676.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41419_192-168-163-23_80.1726204676.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114243Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=9e951e33c0ce41d176648019ed0c123e98a8c72908721817081d2f9de724ea6e&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:42:43.831] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:43.831] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:43.831] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:43.831] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:43.831] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:43.832] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:43.942] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41419_192-168-163-23_80.1726204676.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309363941, "module": 
"anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726204676155207, "etime": 1726204676155207, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41419, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:42:43.942] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:46.943] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24013 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41744_192-168-163-23_80.1726206276.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41744_192-168-163-23_80.1726206276.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114246Z&X-Amz-Signature=b369e4a8cf2deb20d32ce376f02ab5cbc533502ed8de858c19646b93b3affaed"} [2025-12-09 19:42:46.943] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:46.943] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:46.943] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:46.943] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:46.943] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:46.944] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:47.053] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41744_192-168-163-23_80.1726206276.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, 
"alert_count": 0, "timestamp": 1765309367053, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206276513202, "etime": 1726206276513202, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41744, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:42:47.053] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:50.055] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25641 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.UDP_fe80--44cc-94ba-3a1b-84ca_5353_ff02--fb_5353.1726129620.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.UDP_fe80--44cc-94ba-3a1b-84ca_5353_ff02--fb_5353.1726129620.jsonl?X-Amz-Date=20251209T114249Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8159544d87768ace0074183faba2240c95a35fbc2147f05561fe3e8a0b3fd917&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:42:50.056] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:50.056] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:50.056] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:50.056] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:50.056] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:50.057] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:50.065] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.UDP_fe80--44cc-94ba-3a1b-84ca_5353_ff02--fb_5353.1726129620.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309370064, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:42:50.065] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:53.170] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25642 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.UDP_fe80--44cc-94ba-3a1b-84ca_5353_ff02--fb_5353.1726129499.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.UDP_fe80--44cc-94ba-3a1b-84ca_5353_ff02--fb_5353.1726129499.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114252Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=b170a8e03a0a3d4a5bf0cf1324e7f5c07b82a3b135d9b2a88b47146ed5594f67"} [2025-12-09 19:42:53.170] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:53.170] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:53.170] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:53.170] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:53.170] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:53.171] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:53.179] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.UDP_fe80--44cc-94ba-3a1b-84ca_5353_ff02--fb_5353.1726129499.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309373178, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:42:53.179] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:56.287] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24390 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.UDP_10-0-4-15_3389_111-53-218-171_51842.1726283914.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.UDP_10-0-4-15_3389_111-53-218-171_51842.1726283914.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114255Z&X-Amz-Expires=604800&X-Amz-Signature=15bb8e2f55e7b18dd7aa1d30491b42e7fb2b0042ab5d7a6fa975ec13b6e0907e"} [2025-12-09 19:42:56.288] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:56.288] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:56.288] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:56.288] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:56.288] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:56.289] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:56.297] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.UDP_10-0-4-15_3389_111-53-218-171_51842.1726283914.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309376296, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:42:56.297] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:42:59.400] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25643 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.UDP_192-168-17-1_5353_224-0-0-251_5353.1726129620.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.UDP_192-168-17-1_5353_224-0-0-251_5353.1726129620.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114258Z&X-Amz-Signature=7b8aca52e619a67a7e97ca01e65f8d2d3a5a1b3d3e8340a1b25d5dd7118e232d"} [2025-12-09 19:42:59.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:42:59.400] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:42:59.400] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:42:59.400] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:42:59.400] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:42:59.401] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:42:59.409] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.UDP_192-168-17-1_5353_224-0-0-251_5353.1726129620.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309379408, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:42:59.409] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:02.513] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24391 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.UDP_192-168-17-1_5353_224-0-0-251_5353.1726129499.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.UDP_192-168-17-1_5353_224-0-0-251_5353.1726129499.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114301Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=78bbdac7f011d6fe64822453161d7a3f5826c665c221b8ccdc1a2f40bc61339b"} [2025-12-09 19:43:02.513] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:02.513] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:02.513] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:02.513] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:02.514] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:02.514] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:02.522] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.UDP_192-168-17-1_5353_224-0-0-251_5353.1726129499.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309382522, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:43:02.523] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:05.629] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25644 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57515_192-168-32-40_80.1726196706.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57515_192-168-32-40_80.1726196706.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T114305Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=8fd74bb6f5759a04cd530501b0d65e6c78a950ebb0811b0c0ce78e4e1ce6d7e6&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:43:05.630] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:05.630] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:05.630] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:05.630] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:05.630] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:05.631] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:05.740] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57515_192-168-32-40_80.1726196706.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309385739, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726196706964692, "etime": 1726196706964692, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 57515, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:05.740] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:08.743] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24014 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43330_192-168-37-136_8443.1727255874.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43330_192-168-37-136_8443.1727255874.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114308Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=0542e1a157304d159d3ffd7fce7007dea5cd379dd5203158785e42e3fc1436d8"} [2025-12-09 19:43:08.743] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:08.743] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:08.743] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:08.743] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:08.743] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:08.744] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:08.857] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43330_192-168-37-136_8443.1727255874.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309388856, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255874743881, "etime": 1727255874743881, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43330, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:08.857] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:11.856] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25645 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64657_192-168-112-135_8080.1726218782.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64657_192-168-112-135_8080.1726218782.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=6760d8c0d9fa322cedcccd7c15477f96b859a25f2d7e9e860f1ad386b95fbe25&X-Amz-Date=20251209T114311Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:43:11.856] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:11.856] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:11.856] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:11.856] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:11.856] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:11.857] [INFO] [tid:140062327686848] (AiModule.cpp:39) load 
result:0 [2025-12-09 19:43:11.959] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64657_192-168-112-135_8080.1726218782.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309391959, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726218782567053, "etime": 1726218782567053, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64657, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:11.959] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:14.964] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25646 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49195.1727228342.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49195.1727228342.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114314Z&X-Amz-SignedHeaders=host&X-Amz-Signature=ab928ea093d0610142875613966d88819775fc9d8bcdcfc838b70f19fcb4ad2b&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:43:14.964] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:14.964] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:14.964] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:14.964] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:14.964] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare 
args for load [2025-12-09 19:43:14.965] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:15.073] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49195.1727228342.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309395073, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228342545875, "etime": 1727228342545875, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49195, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:15.073] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:18.079] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24015 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49205.1727228345.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49205.1727228345.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114317Z&X-Amz-Expires=604800&X-Amz-Signature=bf7133c39144a691e563dcb7082cb7524f621ffbf2745471ecbd3828470dd9ee&X-Amz-SignedHeaders=host"} [2025-12-09 19:43:18.080] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:18.080] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:18.080] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:18.080] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:18.080] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:18.081] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:18.189] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49205.1727228345.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309398189, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228345150791, "etime": 1727228345150791, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49205, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:18.189] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:21.189] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24016 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49214.1727228347.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49214.1727228347.jsonl?X-Amz-Signature=3292ce977186cc7b085c75103086b3db3e05ceb74434d4bcf36c4ec170bf6544&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114320Z&X-Amz-SignedHeaders=host"} [2025-12-09 19:43:21.189] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:21.189] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
19:43:21.190] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:21.190] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:21.190] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:21.191] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:21.295] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49214.1727228347.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309401294, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228347491356, "etime": 1727228347491356, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49214, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:21.295] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:24.298] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24392 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49163.1727228334.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49163.1727228334.jsonl?X-Amz-Date=20251209T114323Z&X-Amz-Signature=5026c986af59ef1dd75dd67f708ba109bfd445f44b5b35c63bd710814c8c549e&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 19:43:24.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process 
model: 0 [2025-12-09 19:43:24.298] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:24.298] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:24.298] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:24.298] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:24.299] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:24.408] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49163.1727228334.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309404408, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228334044596, "etime": 1727228334044596, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49163, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:24.408] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:27.417] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24393 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54671_192-168-112-135_8080.1726627028.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54671_192-168-112-135_8080.1726627028.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=285ec943935a992c8c0a24107eca55002c9aff7a719d268303826b78f80d1b88&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114326Z"} [2025-12-09 
19:43:27.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:27.418] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:27.418] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:27.418] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:27.418] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:27.419] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:27.529] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54671_192-168-112-135_8080.1726627028.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309407528, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627028192878, "etime": 1726627028192878, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54671, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:27.529] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:30.533] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25647 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726192244.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726192244.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=85957fb7c62416a6d032b012ef5ebd445c9b2f7b6b4942ab851c3784596d67c2&X-Amz-Date=20251209T114330Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:43:30.533] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:30.533] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:30.534] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:30.534] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:30.534] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:30.535] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:30.543] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726192244.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309410542, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:43:30.543] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:33.635] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24394 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49162.1727228273.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49162.1727228273.jsonl?X-Amz-Date=20251209T114333Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=4c858c140c96257857d79ac645f209b9b11787fa4a203047dd44ad2a679da80c&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 19:43:33.635] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:33.635] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:33.635] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:33.635] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:33.635] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:33.636] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:33.749] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49162.1727228273.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309413749, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228273791286, "etime": 1727228273791286, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49162, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:33.750] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:36.760] [DEBUG] 
[tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24395 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49164.1727228334.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49164.1727228334.jsonl?X-Amz-Date=20251209T114336Z&X-Amz-Expires=604800&X-Amz-Signature=c98db7417d7ee527bf95369ea0bcf0f8fea7150d728099ec47357a38f277c523&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:43:36.760] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:36.760] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:36.760] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:36.760] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:36.760] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:36.761] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:36.874] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49164.1727228334.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309416873, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228334371239, "etime": 1727228334371239, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49164, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:36.874] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:39.875] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24396 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49165.1727228334.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49165.1727228334.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=698f47b071595a8af104477ec79ce497b0b88ae0260e5dde5240b2662212857a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114339Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:43:39.876] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:39.876] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:39.876] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:39.876] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:39.876] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:39.877] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:39.988] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49165.1727228334.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309419988, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228334667490, "etime": 1727228334667490, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49165, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:39.988] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:42.991] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24397 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49166.1727228334.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49166.1727228334.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=8c34ac5fd3579860c8ea19a27150efc30cc77d04b8aefa979dbe33f7c63a2fb8&X-Amz-Date=20251209T114342Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:43:42.992] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:42.992] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:42.992] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:42.992] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:42.992] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:42.993] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:43.103] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49166.1727228334.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309423103, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1727228334886361, "etime": 1727228334886361, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49166, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:43.103] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:46.105] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25648 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49167.1727228335.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49167.1727228335.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=94ba436e81a2887d949eae049ea76890dce722e7a662bdb19f05dfeda0ac0960&X-Amz-Date=20251209T114345Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:43:46.106] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:46.106] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:46.106] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:46.106] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:46.106] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:46.107] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:46.219] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49167.1727228335.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309426219, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228335119982, "etime": 1727228335119982, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49167, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:46.219] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:49.212] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24398 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49178.1727228337.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49178.1727228337.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114348Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=a274414b67d4b1304657c08efa78d19036c14d8f45e4d44877fbac7641e34714"} [2025-12-09 19:43:49.212] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:49.212] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:49.213] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:49.213] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:49.213] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:49.214] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:49.306] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49178.1727228337.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309429306, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228337897332, "etime": 1727228337897332, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49178, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:49.306] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:52.329] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25649 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49179.1727228338.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49179.1727228338.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114351Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=ba86c43443877705f0421f063da9b198ab7971ab382800262720417549a99676&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:43:52.329] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:52.329] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:52.329] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:52.329] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:52.329] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:52.330] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:52.441] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49179.1727228338.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309432440, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228338146227, "etime": 1727228338146227, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49179, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:52.441] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:55.440] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24399 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49180.1727228338.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49180.1727228338.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=13feb9a16b91bb0c41a63c1533f588f190bf8fbf9fab3b11d9f6c6276191d5e7&X-Amz-Date=20251209T114354Z"} [2025-12-09 19:43:55.440] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:55.440] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:55.440] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:55.440] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load 
[2025-12-09 19:43:55.440] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:55.441] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:55.546] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49180.1727228338.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309435546, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228338396306, "etime": 1727228338396306, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49180, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:55.546] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:43:58.553] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25650 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49181.1727228338.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49181.1727228338.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=e20ba16bf48b3062293d80b70bafad62e4205e918d0ec917562f818e5a4d76f1&X-Amz-Date=20251209T114358Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 19:43:58.554] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:43:58.554] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:43:58.554] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:43:58.554] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:43:58.554] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:43:58.555] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:43:58.667] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49181.1727228338.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309438666, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228338677021, "etime": 1727228338677021, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49181, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:43:58.667] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:01.667] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24400 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49182.1727228338.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49182.1727228338.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=cbec0b299aaee62be4f922e1fbfb5005b6700c21dcf1c5988e42f6097140028d&X-Amz-Date=20251209T114401Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:44:01.667] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:01.667] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:01.667] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:01.667] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:01.667] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:01.668] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:01.768] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49182.1727228338.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309441767, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228338926801, "etime": 1727228338926801, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49182, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:01.768] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:04.782] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24017 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49183.1727228339.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49183.1727228339.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114404Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=a540bd02939da65d4e9ca01ff1fcc0c21955cef8a684e6c380dfcf6a1e767189"} [2025-12-09 
19:44:04.782] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:04.782] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:04.783] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:04.783] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:04.783] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:04.783] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:04.894] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49183.1727228339.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309444893, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228339207953, "etime": 1727228339207953, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49183, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:04.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:07.894] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24401 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49184.1727228339.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49184.1727228339.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T114407Z&X-Amz-Signature=5dd0e78a786a4e386423e243acca9543c95c8afba347c90fd3a28a59296f56b6&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:44:07.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:07.895] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:07.895] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:07.895] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:07.895] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:07.896] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:08.005] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49184.1727228339.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309448004, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228339535628, "etime": 1727228339535628, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49184, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:08.005] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:11.020] [DEBUG] 
[tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24402 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49185.1727228339.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49185.1727228339.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=e7431129a91ec541df33195bb0be7d2fe3fa3bc3b98bca53e4a6c4661fdd7459&X-Amz-Date=20251209T114410Z"} [2025-12-09 19:44:11.020] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:11.020] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:11.021] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:11.021] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:11.021] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:11.022] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:11.134] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49185.1727228339.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309451133, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228339831525, "etime": 1727228339831525, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49185, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:11.134] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:14.141] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24403 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49187.1727228340.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49187.1727228340.jsonl?X-Amz-Signature=eb47f88a15a2836189db268df09076887b21f5253617de66e9a58aff7097c94f&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114413Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:44:14.142] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:14.142] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:14.142] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:14.142] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:14.142] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:14.143] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:14.254] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49187.1727228340.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309454254, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228340424653, "etime": 1727228340424653, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49187, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:14.254] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:17.262] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24404 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49188.1727228340.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49188.1727228340.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114416Z&X-Amz-SignedHeaders=host&X-Amz-Signature=b77c02748c2f87fc90455488d62754de3e1d135d4dbb69e950759217b837c13a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:44:17.263] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:17.263] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:17.263] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:17.263] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:17.263] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:17.264] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:17.374] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49188.1727228340.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309457373, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1727228340673637, "etime": 1727228340673637, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49188, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:17.374] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:20.384] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25651 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49189.1727228340.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49189.1727228340.jsonl?X-Amz-Signature=9340af02a088d8fff66fae10ff785623c359ff4b43b1d540129fd25d728a4d41&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114419Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:44:20.384] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:20.384] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:20.384] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:20.384] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:20.384] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:20.385] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:20.494] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49189.1727228340.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309460494, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228340938701, "etime": 1727228340938701, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49189, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:20.494] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:23.494] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24405 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49190.1727228341.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49190.1727228341.jsonl?X-Amz-Date=20251209T114422Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0a2684677ba3fac6f5b795af9f4914dd2dc3ed4a9d9c143538bc485bf38cd011"} [2025-12-09 19:44:23.494] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:23.494] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:23.495] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:23.495] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:23.495] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:23.495] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:23.600] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49190.1727228341.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309463600, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228341250575, "etime": 1727228341250575, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49190, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:23.600] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:26.630] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24406 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49191.1727228341.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49191.1727228341.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=e2d8ea15a9f311168f105b38aa23aaabc837a9b6015b36a8294e878320e19d4d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T114426Z"} [2025-12-09 19:44:26.630] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:26.630] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:26.630] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:26.630] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:26.630] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:26.631] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:26.733] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49191.1727228341.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309466733, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228341531774, "etime": 1727228341531774, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49191, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:26.733] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:29.733] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25652 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49192.1727228341.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49192.1727228341.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=4aff05ebce30b6c790f392b14deb8b111f61ad6c7cc393f562be3c4ecaad3876&X-Amz-Date=20251209T114429Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:44:29.733] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:29.733] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:29.733] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:29.733] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load 
[2025-12-09 19:44:29.733] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:29.734] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:29.832] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49192.1727228341.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309469832, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228341797077, "etime": 1727228341797077, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49192, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:29.832] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:32.841] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25653 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49193.1727228342.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49193.1727228342.jsonl?X-Amz-Signature=9d188c92dbdb04664f35937ae15055be5885dc6d1a53869a17e2b87de64ee7c1&X-Amz-Date=20251209T114432Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:44:32.841] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:32.841] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:32.841] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:32.841] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:32.841] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:32.842] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:32.945] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49193.1727228342.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309472945, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228342030775, "etime": 1727228342030775, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49193, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:32.945] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:35.959] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24407 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49194.1727228342.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49194.1727228342.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114435Z&X-Amz-Signature=bbf6353b28dbf0a244f7b1d4879365f6c2e5d782fc4aa12f080dfaf1d4ab3972&X-Amz-Expires=604800"} [2025-12-09 19:44:35.959] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:35.959] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:35.959] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:35.959] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:35.959] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:35.960] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:36.072] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49194.1727228342.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309476071, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228342266820, "etime": 1727228342266820, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49194, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:36.072] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:39.074] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24018 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49197.1727228343.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49197.1727228343.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=f78a9fb3dc5a41e1bb11381cec317f0d238997158437546517ce4a47481ac528&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114438Z"} [2025-12-09 
19:44:39.075] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:39.075] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:39.075] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:39.075] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:39.075] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:39.076] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:39.185] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49197.1727228343.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309479185, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228343139302, "etime": 1727228343139302, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49197, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:39.185] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:42.187] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24408 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49198.1727228343.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49198.1727228343.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114441Z&X-Amz-Expires=604800&X-Amz-Signature=109d258572bb9990c3c9a28622342b4e71201797d4eb8f1d289bd608adc7f166&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:44:42.187] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:42.187] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:42.187] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:42.187] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:42.187] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:42.188] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:42.296] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49198.1727228343.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309482296, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228343387909, "etime": 1727228343387909, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49198, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:42.296] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:45.303] [DEBUG] 
[tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24019 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49199.1727228343.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49199.1727228343.jsonl?X-Amz-Signature=722a4ff437f4bd3429b5b3d86d9589a0f0b2d3394c23a5e2cee7f684d96d8988&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114444Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:44:45.303] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:45.303] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:45.304] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:45.304] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:45.304] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:45.305] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:45.415] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49199.1727228343.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309485414, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228343622427, "etime": 1727228343622427, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49199, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:45.415] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:48.424] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24409 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49200.1727228343.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49200.1727228343.jsonl?X-Amz-Date=20251209T114447Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=4e36052be3fd49f6097003e8f362b270e7f538d2353e48bae782f83f0382bec6&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:44:48.424] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:48.424] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:48.424] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:48.424] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:48.424] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:48.425] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:48.537] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49200.1727228343.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309488536, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228343856020, "etime": 1727228343856020, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49200, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:48.537] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:51.538] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25654 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49201.1727228344.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49201.1727228344.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114451Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=ba6536ee805392366e29653ffd6737146198e8e21bd09ffbd19cf1fad870056e"} [2025-12-09 19:44:51.538] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:51.538] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:51.538] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:51.539] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:51.539] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:51.539] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:51.649] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49201.1727228344.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309491648, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1727228344074466, "etime": 1727228344074466, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49201, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:51.649] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:54.640] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25655 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49202.1727228344.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49202.1727228344.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T114454Z&X-Amz-SignedHeaders=host&X-Amz-Signature=7eae2986377b07e6a547dc9545a30020ff363369ea1108234be8b0d8197c34b1&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:44:54.640] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:54.640] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:54.640] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:54.641] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:54.641] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:54.641] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:54.738] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49202.1727228344.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309494738, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228344340363, "etime": 1727228344340363, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49202, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:54.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:44:57.760] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24410 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49203.1727228344.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49203.1727228344.jsonl?X-Amz-Signature=2e8fd8c7670f5ae9931937b4d7a3983fa917114f9c6223dc03943c4dfb48e0b8&X-Amz-Date=20251209T114457Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:44:57.760] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:44:57.760] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:44:57.760] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:44:57.760] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:44:57.760] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:44:57.761] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:44:57.872] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49203.1727228344.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309497871, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228344621070, "etime": 1727228344621070, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49203, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:44:57.872] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:00.862] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25656 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49204.1727228344.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49204.1727228344.jsonl?X-Amz-Date=20251209T114500Z&X-Amz-Signature=4223d121ba14c7059be2f6ed8a626b7bd0b087bf0b4b8bd4b19f7f2df5b09ff7&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:45:00.863] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:00.863] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:00.863] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:00.863] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:00.863] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:00.864] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:00.973] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49204.1727228344.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309500973, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228344854861, "etime": 1727228344854861, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49204, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:00.973] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:03.971] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24411 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49207.1727228345.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49207.1727228345.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7cc9c21485cd03f9e0dd3b2566a0dc9adcf978e328e7370f13eca0110edf5315&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114503Z"} [2025-12-09 19:45:03.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:03.972] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:03.972] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:03.972] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load 
[2025-12-09 19:45:03.972] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:03.973] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:04.077] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49207.1727228345.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309504076, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228345691604, "etime": 1727228345691604, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49207, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:04.077] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:07.088] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24412 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49208.1727228345.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49208.1727228345.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114506Z&X-Amz-Expires=604800&X-Amz-Signature=813b7e7380171d6e7176e3898d5abff83fe18ec602edfd1a3bcbaf533c4ab4ef"} [2025-12-09 19:45:07.088] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:07.088] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:07.088] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:07.088] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:07.088] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:07.089] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:07.193] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49208.1727228345.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309507193, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228345930668, "etime": 1727228345930668, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49208, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:07.193] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:10.201] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24020 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49209.1727228346.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49209.1727228346.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=f6cfc2065de2ac5c3b06feb5ba110d1f19495071d28624639f5b749eec872cfb&X-Amz-Date=20251209T114509Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:45:10.201] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:10.201] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:10.201] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:10.201] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:10.201] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:10.202] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:10.311] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49209.1727228346.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309510311, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228346211338, "etime": 1727228346211338, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49209, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:10.311] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:13.312] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24021 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49210.1727228346.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49210.1727228346.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=ef54fcb3323cbfe9491811dc0a4f3f6577427756674ba537538b3544dadeca48&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114512Z&X-Amz-Expires=604800"} [2025-12-09 
19:45:13.313] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:13.313] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:13.313] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:13.313] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:13.313] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:13.314] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:13.422] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49210.1727228346.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309513422, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228346429981, "etime": 1727228346429981, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49210, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:13.422] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:16.429] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24413 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49211.1727228346.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49211.1727228346.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114515Z&X-Amz-Signature=abfcb40dbcff821afbbec8ee5e4df4308bb171c5c9fa1d23492837855c44e981&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:45:16.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:16.430] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:16.430] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:16.430] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:16.430] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:16.431] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:16.538] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49211.1727228346.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309516538, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228346695402, "etime": 1727228346695402, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49211, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:16.538] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:19.542] [DEBUG] 
[tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24022 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49212.1727228346.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49212.1727228346.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T114519Z&X-Amz-Signature=b134392e7bf33c60cb1b974b6c2d7d3ca9da8963d9c6d5c7659528969b3197ec&X-Amz-SignedHeaders=host"} [2025-12-09 19:45:19.542] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:19.542] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:19.542] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:19.542] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:19.542] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:19.543] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:19.653] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49212.1727228346.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309519653, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228346945087, "etime": 1727228346945087, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49212, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:19.653] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:22.650] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24023 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49213.1727228347.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49213.1727228347.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=b665f26d41dca05047bb1cc686088e870f951c9330b94cb9e89ea20c936ec973&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114522Z"} [2025-12-09 19:45:22.650] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:22.650] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:22.650] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:22.650] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:22.650] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:22.651] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:22.758] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49213.1727228347.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309522757, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228347242283, "etime": 1727228347242283, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49213, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:22.758] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:25.763] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24414 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49206.1727228345.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49206.1727228345.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114525Z&X-Amz-Signature=09cce3e8cc7bafcd5f1d6068f311defb261785a33e9542497b2a179907a286e2&X-Amz-Expires=604800"} [2025-12-09 19:45:25.763] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:25.763] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:25.763] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:25.763] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:25.763] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:25.764] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:25.878] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49206.1727228345.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309525877, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1727228345419563, "etime": 1727228345419563, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49206, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:25.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:28.882] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24415 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49196.1727228342.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49196.1727228342.jsonl?X-Amz-Date=20251209T114528Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6617a82d84fddfda10618052928e24e56dbbae59de044437eb09094a17d6a639&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:45:28.882] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:28.882] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:28.882] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:28.882] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:28.882] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:28.883] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:28.995] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49196.1727228342.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309528995, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228342897145, "etime": 1727228342897145, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49196, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:28.995] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:31.995] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24024 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.UDP_10-0-4-15_3389_111-53-218-171_51842.1726284545.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.UDP_10-0-4-15_3389_111-53-218-171_51842.1726284545.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=0f72bf2c74341fea9d6ad626a2f473e7bc411b09f1aff62096fe83add4f4a4fd&X-Amz-Date=20251209T114531Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:45:31.996] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:31.996] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:31.996] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:31.996] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:31.996] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:31.997] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:32.004] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.UDP_10-0-4-15_3389_111-53-218-171_51842.1726284545.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309532003, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:45:32.004] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:35.110] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24416 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726192244.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726192244.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114534Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=532d102fad47215e9c0f5b008eecf21a7fda0202652c5624389fa3977adb0aee"} [2025-12-09 19:45:35.110] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:35.110] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:35.111] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:35.111] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:35.111] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:35.112] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:35.119] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726192244.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309535119, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:45:35.119] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:38.221] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24025 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54663_192-168-112-135_8080.1726627010.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54663_192-168-112-135_8080.1726627010.jsonl?X-Amz-Signature=3b6d959b01ebfdeb0c9103f4d4b1226ee6de0072a90d3925f6f02e1f69779b3b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114537Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:45:38.221] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:38.221] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:38.221] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:38.221] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:38.221] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:38.222] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:38.332] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54663_192-168-112-135_8080.1726627010.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309538331, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627010583731, "etime": 1726627010583731, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54663, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:38.332] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:41.341] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25657 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64656_192-168-112-135_8080.1726218780.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64656_192-168-112-135_8080.1726218780.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114540Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=fcbff9e9c7339fbea0aed4ce16d03e3c54de8bbb6a9c180cba85460f57cba3c2&X-Amz-Expires=604800"} [2025-12-09 19:45:41.341] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:41.341] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:41.341] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:41.341] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:41.341] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:41.342] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:41.452] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64656_192-168-112-135_8080.1726218780.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309541451, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726218780480434, "etime": 1726218780480434, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64656, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:41.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:44.459] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24026 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54669_192-168-112-135_8080.1726627025.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54669_192-168-112-135_8080.1726627025.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=85ee1b5938af99885c832ad17f91d6c58614f3e7157cb3f51bce87cf3ca99738&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114543Z"} [2025-12-09 19:45:44.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:44.459] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:44.459] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:44.459] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:44.459] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:44.460] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:45:44.572] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54669_192-168-112-135_8080.1726627025.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309544571, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627025160089, "etime": 1726627025160089, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54669, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:44.572] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:47.576] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24417 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54673_192-168-112-135_8080.1726627033.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54673_192-168-112-135_8080.1726627033.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T114547Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=4f5d34404d8c785970e8b7f7551980e5af8458bafdf2cedc40e386c4da454918&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:45:47.576] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:47.576] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:47.576] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:47.576] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:47.576] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
19:45:47.577] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:47.685] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54673_192-168-112-135_8080.1726627033.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309547684, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627033156759, "etime": 1726627033156759, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54673, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:47.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:50.686] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24418 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54672_192-168-112-135_8080.1726627032.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54672_192-168-112-135_8080.1726627032.jsonl?X-Amz-Signature=15188403162d1fc134da7a5c95169611a5d8a76711ef76034e980a6dd3567461&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114550Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:45:50.686] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:50.686] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:50.686] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:50.686] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:45:50.686] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:45:50.687] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:50.795] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54672_192-168-112-135_8080.1726627032.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309550795, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627032104758, "etime": 1726627032104758, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54672, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:50.796] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:53.800] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24419 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54666_192-168-112-135_8080.1726627022.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54666_192-168-112-135_8080.1726627022.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=f3bd3745db324069aa011594163a8d78e202912f3eb7bc520b8193c3c28dfd99&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114553Z&X-Amz-Expires=604800"} [2025-12-09 19:45:53.801] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:53.801] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:53.801] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:53.801] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
19:45:53.801] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:53.802] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:53.911] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54666_192-168-112-135_8080.1726627022.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309553911, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627022748067, "etime": 1726627022748067, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54666, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:53.911] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:45:56.917] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25658 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64655_192-168-112-135_8080.1726218779.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64655_192-168-112-135_8080.1726218779.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=64d5eec77660bc456cd682cd8bba48244e9f8ceb8bd2d107f7c805bc13e94be9&X-Amz-Date=20251209T114556Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 19:45:56.917] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:45:56.917] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:45:56.917] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:45:56.917] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 19:45:56.917] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:45:56.918] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:45:57.019] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64655_192-168-112-135_8080.1726218779.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309557018, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726218779846254, "etime": 1726218779846254, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64655, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:45:57.019] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:00.026] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24027 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54676_192-168-112-135_8080.1726627037.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54676_192-168-112-135_8080.1726627037.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=5e975a0007402bf8f834267641dae45e7823dbb71dbfb383e60e72f5617ba720&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114559Z"} [2025-12-09 19:46:00.026] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:00.026] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:00.026] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
19:46:00.026] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:00.026] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:00.027] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:00.137] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54676_192-168-112-135_8080.1726627037.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309560136, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627037425106, "etime": 1726627037425106, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54676, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:00.137] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:03.140] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24028 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54674_192-168-112-135_8080.1726627034.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54674_192-168-112-135_8080.1726627034.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=75e11b1c18053f30a661df458faf15088fac0d0ef801f4eab2aa3cd9e0e7a2f7&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114602Z&X-Amz-Expires=604800"} [2025-12-09 19:46:03.140] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:03.140] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:03.140] [INFO] [tid:140062327686848] (AiModule.cpp:12) 
load so module so_code_cnn [2025-12-09 19:46:03.140] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:03.140] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:03.141] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:03.252] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54674_192-168-112-135_8080.1726627034.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309563252, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627034421922, "etime": 1726627034421922, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54674, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:03.252] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:06.248] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24029 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54668_192-168-112-135_8080.1726627024.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54668_192-168-112-135_8080.1726627024.jsonl?X-Amz-Date=20251209T114605Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=8df6611b9b0ee4d828e52759b6a94b40a4042fd7d39c19c24231feefaa99f9ba&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:46:06.248] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:06.248] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:06.249] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:06.249] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:06.249] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:06.250] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:06.354] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54668_192-168-112-135_8080.1726627024.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309566354, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627024476981, "etime": 1726627024476981, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54668, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:06.354] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:09.353] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24030 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726193202.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726193202.jsonl?X-Amz-Signature=df2a5bcfdc40af78a53839fae03639ddc0572b7ab9da1bc8edba94f4ebaa1344&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114608Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:46:09.353] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:09.353] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:09.353] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:09.353] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:09.353] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:09.354] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:09.362] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726193202.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309569361, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:09.362] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:12.462] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24031 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54677_192-168-112-135_8080.1726627038.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54677_192-168-112-135_8080.1726627038.jsonl?X-Amz-Signature=79c88a15b71e287c52e6833c1d26717f1ceadfc09c5210b25febdccdad957344&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T114611Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:46:12.462] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:12.462] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:12.462] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:12.463] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:12.463] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:12.463] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:12.578] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54677_192-168-112-135_8080.1726627038.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309572578, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627038215753, "etime": 1726627038215753, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54677, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:12.578] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:15.571] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25659 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64654_192-168-112-135_8080.1726218768.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64654_192-168-112-135_8080.1726218768.jsonl?X-Amz-Signature=1d59ff02e4155590b421ecddf5af4b47bc671418778e554e0f9cbae17242fee6&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114615Z"} [2025-12-09 19:46:15.572] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:15.572] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
19:46:15.572] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:15.572] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:15.572] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:15.573] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:15.677] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_http.pcap.TCP_192-168-112-1_64654_192-168-112-135_8080.1726218768.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309575676, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726218768517406, "etime": 1726218768517406, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64654, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:15.677] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:18.690] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25660 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726193202.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726193202.jsonl?X-Amz-Date=20251209T114618Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=ac4040e3612085f656bc468ee4459852230c4a4e707e88b1988acc6fc4bb832a"} [2025-12-09 19:46:18.691] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:18.691] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:18.691] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:18.691] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:18.691] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:18.692] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:18.700] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726193202.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309578699, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:18.700] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:21.806] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25661 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11580.1726284531.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11580.1726284531.jsonl?X-Amz-Date=20251209T114621Z&X-Amz-Signature=0198fe836320780ead2cbd63e213ccedeb56d0d551a57026a69bff9f243dadc1&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:46:21.806] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:21.806] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:21.806] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:21.806] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:21.806] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:21.807] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:21.917] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11580.1726284531.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309581917, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726284531877010, "etime": 1726284531877010, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11580, "dest_port": 4433, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:21.917] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:24.918] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25662 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726018275.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726018275.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114624Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=04b48e9f5bf172357f20b889839d2fde11a85a725ef42678108005bb72e8a699"} [2025-12-09 19:46:24.918] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:24.918] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:24.918] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:24.918] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:24.918] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:24.919] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:24.926] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726018275.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309584925, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:24.926] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:28.030] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24032 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726018396.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726018396.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114627Z&X-Amz-Signature=e6c52c747008415d84dd5404badbf99ea9c9597797cd4e04a417a1fa7295f9e4&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:46:28.030] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:28.030] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:28.030] 
[INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:28.030] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:28.030] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:28.031] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:28.040] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726018396.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309588039, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:28.040] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:31.140] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24420 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726041711.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726041711.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=c7b31a729ad938b4f34f37ee744dd49c02a0bcf18d7efe828fc9b45a6c20bec8&X-Amz-Date=20251209T114630Z"} [2025-12-09 19:46:31.140] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:31.140] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:31.141] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 19:46:31.141] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:31.141] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:31.142] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:31.150] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726041711.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309591149, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:31.150] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:34.258] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24033 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726042677.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726042677.jsonl?X-Amz-Date=20251209T114633Z&X-Amz-Signature=8d6b070314656505740bad7f242813781ae60855c8273c7815f7ff3df15310e7&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:46:34.259] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:34.259] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:34.259] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:34.259] [INFO] [tid:140062327686848] (AiModule.cpp:20) 
get func load [2025-12-09 19:46:34.259] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:34.260] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:34.268] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_fe80--59b3-66e0-f7a8-70f8_5353_ff02--fb_5353.1726042677.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309594267, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:34.268] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:37.360] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25663 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54661_192-168-112-135_8080.1726627004.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54661_192-168-112-135_8080.1726627004.jsonl?X-Amz-Date=20251209T114636Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=0d946baef14904761634200e0112c1362fb758bef1f177233612287b1f9052ba&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:46:37.361] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:37.361] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:37.361] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:37.361] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:37.361] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
19:46:37.362] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:37.472] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54661_192-168-112-135_8080.1726627004.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309597471, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627004926327, "etime": 1726627004926327, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54661, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:37.472] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:40.463] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24034 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54662_192-168-112-135_8080.1726627010.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54662_192-168-112-135_8080.1726627010.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=c80cf2c3e06a05cf12d494ec60917a5bab794847c5047dd781e49d465268a45c&X-Amz-Date=20251209T114639Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:46:40.463] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:40.463] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:40.463] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:40.463] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:40.463] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:46:40.464] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:40.564] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54662_192-168-112-135_8080.1726627010.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309600564, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627010524930, "etime": 1726627010524930, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54662, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:40.565] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:43.575] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25664 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54665_192-168-112-135_8080.1726627022.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54665_192-168-112-135_8080.1726627022.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114643Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=ea90c40eccd4d89ad867bb28878a74a1b00f094e45e566f56edba89afde3cc81"} [2025-12-09 19:46:43.575] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:43.575] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:43.575] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:43.575] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
19:46:43.576] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:43.576] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:43.687] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_http.pcap.TCP_192-168-112-1_54665_192-168-112-135_8080.1726627022.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309603687, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627022638602, "etime": 1726627022638602, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54665, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:43.687] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:46.677] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24421 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726018275.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726018275.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114646Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=abaf082f89f0b03810ca7570342e0a539edfd7eec8bad3c245707c958ef56149"} [2025-12-09 19:46:46.677] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:46.677] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:46.677] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:46.677] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:46.677] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:46.678] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:46.686] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726018275.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309606685, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:46.686] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:49.787] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24422 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726018396.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726018396.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114649Z&X-Amz-SignedHeaders=host&X-Amz-Signature=d8cad3ccd1d8e8480ea80eabf3336e1fa96c8ef0a7e13f4526a87fdb623e75a7"} [2025-12-09 19:46:49.787] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:49.787] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:49.787] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:49.787] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:49.787] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:46:49.788] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:49.797] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726018396.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309609796, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:49.797] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:52.888] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24035 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726041711.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726041711.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114652Z&X-Amz-Signature=e2400e826877674a730ee6d3a6f1aa60973d33673ccf97c3072fc025606c005e&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:46:52.889] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:52.889] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:52.889] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:52.889] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:52.889] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:52.890] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:46:52.898] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726041711.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309612897, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:52.898] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:56.005] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24036 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726042677.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726042677.jsonl?X-Amz-Date=20251209T114655Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=b17bec49b67ae6c65d87efd0e494f43c224991fd752449c37f6a63a554df4df3&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:46:56.005] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:56.005] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:56.005] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:56.005] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:56.005] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:56.006] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:56.014] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.UDP_192-168-52-1_5353_224-0-0-251_5353.1726042677.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765309616013, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 19:46:56.014] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:46:59.123] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24423 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_50834_192-168-0-202_20012.1726715829.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_50834_192-168-0-202_20012.1726715829.jsonl?X-Amz-Date=20251209T114658Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=439ed5ab5680a5011eeae598e14e88f55d9a4d31805c03a4fc84b246ffee65b9"} [2025-12-09 19:46:59.123] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:46:59.123] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:46:59.123] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:46:59.123] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:46:59.123] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:46:59.124] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:46:59.233] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_50834_192-168-0-202_20012.1726715829.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309619233, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726715829725293, "etime": 1726715829725293, "src_ip": "192.168.0.3", "dest_ip": "192.168.0.202", "src_port": 50834, "dest_port": 20012, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:46:59.234] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:47:44.627] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24424 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52976_192-168-32-40_443.1726127486.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52976_192-168-32-40_443.1726127486.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=78e2d2af24e9b2eb32b52ad770f553bc7badf7da1f9718847b571ce0c026314e&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114744Z"} [2025-12-09 19:47:44.627] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:47:44.627] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:47:44.628] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:47:44.628] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:47:44.628] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:47:44.629] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:47:44.739] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52976_192-168-32-40_443.1726127486.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309664738, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127486444771, "etime": 1726127486444771, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52976, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:47:44.739] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:47:47.742] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25665 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52812_192-168-32-40_443.1726127476.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52812_192-168-32-40_443.1726127476.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=31665ba8a7c705362771664b4e0b4650f33b4db097cb7d5abc5592d3339b3a23&X-Amz-Date=20251209T114747Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:47:47.742] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:47:47.742] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:47:47.743] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:47:47.743] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:47:47.743] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:47:47.744] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 19:47:47.853] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52812_192-168-32-40_443.1726127476.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309667852, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127476396815, "etime": 1726127476396815, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52812, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:47:47.853] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:47:50.859] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24037 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52813_192-168-32-40_443.1726127477.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52813_192-168-32-40_443.1726127477.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=7b21b1f624c6f878de92cfdf7c467b439532a8f6c3b141dee40d2ec751c0a01a&X-Amz-Date=20251209T114750Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:47:50.859] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:47:50.859] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:47:50.860] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:47:50.860] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:47:50.860] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:47:50.860] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:47:50.970] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52813_192-168-32-40_443.1726127477.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309670970, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127477489392, "etime": 1726127477489392, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52813, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:47:50.970] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:47:53.976] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24038 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48270.1726130582.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48270.1726130582.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=83e60a8b0361da7c2c76872e91aaf33f21a4dcb7031636c2346efe5e8ef16511&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114753Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:47:53.977] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:47:53.977] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:47:53.977] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:47:53.977] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:47:53.977] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for 
load [2025-12-09 19:47:53.978] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:47:54.089] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48270.1726130582.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309674089, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130582597989, "etime": 1726130582597989, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 48270, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:47:54.089] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:47:57.095] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24039 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52966_192-168-32-40_443.1726127478.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52966_192-168-32-40_443.1726127478.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d08ee32fc44d4841f0fb46f368d7fbe2c0a899ac1f175dbe764ca2d848c634a8&X-Amz-Date=20251209T114756Z"} [2025-12-09 19:47:57.096] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:47:57.096] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:47:57.096] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:47:57.096] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:47:57.096] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:47:57.097] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:47:57.205] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52966_192-168-32-40_443.1726127478.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309677205, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127478281937, "etime": 1726127478281937, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52966, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:47:57.205] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:00.207] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25666 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53648_192-168-112-135_443.1726625102.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53648_192-168-112-135_443.1726625102.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=ac8a266a22e7034a4658f5563fbbeefd39e732e737d5cfcfba47b6ec733703ab&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114759Z"} [2025-12-09 19:48:00.207] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:00.207] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:00.207] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:00.207] [INFO] [tid:140062327686848] (AiModule.cpp:20) get 
func load [2025-12-09 19:48:00.207] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:00.208] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:00.321] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53648_192-168-112-135_443.1726625102.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309680320, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625102095546, "etime": 1726625102095546, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53648, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 19:48:00.321] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:00.321] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:00.321] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:48:03.311] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24040 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52645_192-168-32-40_443.1726127466.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52645_192-168-32-40_443.1726127466.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114802Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=29075642346c1adf4dcb587e61ba6422fe2c05ca488e564c191adb497a2fe3dc&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:48:03.311] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:03.311] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:03.311] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:03.311] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:03.311] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:03.312] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:03.418] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52645_192-168-32-40_443.1726127466.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309683417, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127466616469, "etime": 1726127466616469, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52645, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:03.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) 
cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:06.423] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24425 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52798_192-168-32-40_443.1726127473.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52798_192-168-32-40_443.1726127473.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=e7efef5f6330074d950b98db18a8fda08156d650fc644ada19e24315db08ca12&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114805Z&X-Amz-Expires=604800"} [2025-12-09 19:48:06.424] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:06.424] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:06.424] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:06.424] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:06.424] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:06.425] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:06.532] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52798_192-168-32-40_443.1726127473.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309686531, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127473160506, "etime": 1726127473160506, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52798, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:06.532] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:09.549] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24041 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53137_192-168-32-40_443.1726127492.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53137_192-168-32-40_443.1726127492.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114808Z&X-Amz-Expires=604800&X-Amz-Signature=db9ccca1e2840c41ad8c692b75cf5243ec2e5836814cf0f37cf894440e5db1cf&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:48:09.549] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:09.549] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:09.549] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:09.549] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:09.549] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:09.550] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:09.660] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53137_192-168-32-40_443.1726127492.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309689660, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127492304463, "etime": 1726127492304463, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 53137, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} 
[2025-12-09 19:48:09.660] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:12.671] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25667 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64742_192-168-112-135_8443.1726219077.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64742_192-168-112-135_8443.1726219077.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114812Z&X-Amz-Expires=604800&X-Amz-Signature=8493e7cfd67ea1306d599c4b348e3caf3dfd3a262645ac95a58b102d8c19beb7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:48:12.671] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:12.671] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:12.671] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:12.671] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:12.671] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:12.672] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:12.784] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64742_192-168-112-135_8443.1726219077.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309692783, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726219077337769, "etime": 1726219077337769, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64742, 
"dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:12.784] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:15.791] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24426 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54855_192-168-112-135_8443.1726627278.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54855_192-168-112-135_8443.1726627278.jsonl?X-Amz-Signature=3a67add6151b2127eddff63d288ecf123291fac27b457133ef76578779098210&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114815Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:48:15.792] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:15.792] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:15.792] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:15.792] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:15.792] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:15.793] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:15.902] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54855_192-168-112-135_8443.1726627278.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309695901, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627278280295, "etime": 1726627278280295, "src_ip": "192.168.112.1", 
"dest_ip": "192.168.112.135", "src_port": 54855, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:15.902] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:18.902] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24427 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51868.1726816620.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51868.1726816620.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T114818Z&X-Amz-Signature=8bc1316861576fb58b2b29a254ffad34e56cb9440eb49e45c960859ca92d6bf4&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:48:18.903] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:18.903] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:18.903] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:18.903] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:18.903] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:18.904] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:19.013] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51868.1726816620.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309699013, "module": "anquanchu", "proto": "tls", "alerted": 
true, "details": [{"stime": 1726816620073716, "etime": 1726816620073716, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51868, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 19:48:19.013] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:19.013] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:19.013] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:48:22.029] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24042 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51112.1726795503.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51112.1726795503.jsonl?X-Amz-Signature=fc3bd0576da6047733f0ec15c937d9d81b52a985d5971098ec703c758941dd84&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114821Z&X-Amz-Expires=604800"} [2025-12-09 19:48:22.029] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:22.029] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:22.029] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:22.029] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:22.029] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:22.030] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:22.139] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51112.1726795503.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309702139, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795503111499, "etime": 1726795503111499, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51112, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 19:48:22.139] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:22.139] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:22.139] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:48:25.143] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25668 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51768.1726813717.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51768.1726813717.jsonl?X-Amz-Signature=2c85ea79b4a01881e9c967da36e356a4db7af37cef0ffca0071d057618bb44c3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114824Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:48:25.143] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:25.143] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:25.144] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:25.144] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:25.144] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:25.144] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:25.255] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51768.1726813717.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309705255, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813717803763, "etime": 1726813717803763, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51768, "dest_port": 446, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 19:48:25.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:25.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:25.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:48:28.247] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24043 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51222.1726799587.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51222.1726799587.jsonl?X-Amz-Date=20251209T114827Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=9d3c6dbf3ca099f608ae380aad38642bcd2efe88e1217a640043e6ecf2fd01fd&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:48:28.247] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:28.247] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:28.247] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:28.247] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:28.247] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:28.248] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:28.353] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51222.1726799587.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309708352, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799587285373, "etime": 1726799587285373, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51222, "dest_port": 446, "protocol": "tls", "result": 
"Antsword"}]} [2025-12-09 19:48:28.353] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:28.353] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:28.353] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:48:31.362] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24428 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54858_192-168-112-135_8443.1726627285.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54858_192-168-112-135_8443.1726627285.jsonl?X-Amz-Date=20251209T114830Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=977656be101f3b804165fceed3675fb04c75fba6a5e6e95bd8e000ae9fa50d46&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:48:31.362] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:31.362] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:31.362] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:31.362] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:31.362] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:31.363] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:31.467] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54858_192-168-112-135_8443.1726627285.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309711467, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627285371137, "etime": 1726627285371137, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54858, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:31.467] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:34.475] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25669 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51156.1726796707.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51156.1726796707.jsonl?X-Amz-Date=20251209T114833Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=121af04ec1d9e366fa46310d97d97278c4675a3fae1ac6f00d921c0a4eef4a30&X-Amz-Expires=604800"} [2025-12-09 19:48:34.475] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:34.476] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:34.476] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:34.476] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:34.476] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:34.477] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:34.586] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51156.1726796707.jsonl|result:{"code": 1, "total_count": 1, 
"abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309714586, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796707365874, "etime": 1726796707365874, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51156, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 19:48:34.586] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:34.586] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:34.586] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:48:37.590] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24044 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51911.1726817777.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51911.1726817777.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T114837Z&X-Amz-Signature=dceda3b068bbaf4bac8215911c2cbca0b4eb8530a4a012b3bbef2d45186a3722&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:48:37.590] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:37.590] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:37.591] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:37.591] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:37.591] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:37.592] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 19:48:37.701] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51911.1726817777.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309717700, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817777020698, "etime": 1726817777020698, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51911, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 19:48:37.701] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:37.701] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:37.701] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:48:40.708] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24429 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51814.1726814967.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51814.1726814967.jsonl?X-Amz-Date=20251209T114840Z&X-Amz-Signature=e0d099ab9802fe1ad7adeab889cee99fc0d8d1cb21f95edd31ef0c6fa9f5f023&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:48:40.709] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:40.709] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:40.709] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 19:48:40.709] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:40.709] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:40.710] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:40.819] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51814.1726814967.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309720819, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814967196763, "etime": 1726814967196763, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51814, "dest_port": 446, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 19:48:40.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:40.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:40.820] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:48:43.821] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24430 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51274.1726800903.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51274.1726800903.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=2a7ba1c22fcdf36ada60ff6fe6e6857a0730cd29839167bad3302a8cc8d0ff30&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114843Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:48:43.821] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:43.821] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:43.821] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:43.821] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:43.821] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:43.822] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:43.932] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51274.1726800903.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309723932, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800903601288, "etime": 1726800903601288, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51274, "dest_port": 446, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 
19:48:43.932] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:48:43.932] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:48:43.932] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:48:46.937] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24431 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58083_192-168-32-40_80.1726196742.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58083_192-168-32-40_80.1726196742.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114846Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=4d45863fda7d2dc6da19cf9dbc13dd5892bca3b4120eedbb9a3b9d27f329a1a3"} [2025-12-09 19:48:46.938] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:46.938] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:46.938] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:46.938] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:46.938] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:46.939] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:47.048] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58083_192-168-32-40_80.1726196742.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309727048, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1726196742410208, "etime": 1726196742410208, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 58083, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:47.048] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:50.044] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24432 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50445.1727159624.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50445.1727159624.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T114849Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=6b9a10d43fcd1f03ec0cbb62e251d96d24107d9687a15d3c1ea08c80b9c95314&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:48:50.044] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:50.044] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:50.044] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:50.044] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:50.044] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:50.045] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:50.142] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50445.1727159624.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, 
"alert_count": 0, "timestamp": 1765309730141, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159624196346, "etime": 1727159624196346, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50445, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:50.142] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:53.147] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24045 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64741_192-168-112-135_8443.1726219075.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64741_192-168-112-135_8443.1726219075.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=499e799581a8b4e7dca77204729f10380804e51a0047f700174b6dcf4e8b4f77&X-Amz-Date=20251209T114852Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:48:53.148] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:53.148] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:53.148] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:53.148] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:53.148] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:53.149] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:53.258] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64741_192-168-112-135_8443.1726219075.jsonl|result:{"code": 0, 
"total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309733258, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726219075076593, "etime": 1726219075076593, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64741, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:53.258] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:56.261] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24046 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64743_192-168-112-135_8443.1726219078.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64743_192-168-112-135_8443.1726219078.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114855Z&X-Amz-Expires=604800&X-Amz-Signature=c2a80cf71fdcff38ba4aa4ab83a48c03b6535730d645a7a06c38b4d07223b2b7"} [2025-12-09 19:48:56.261] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:56.261] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:56.262] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:56.262] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:56.262] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:56.263] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:56.374] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64743_192-168-112-135_8443.1726219078.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309736373, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726219078612992, "etime": 1726219078612992, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64743, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:56.374] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:48:59.387] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24433 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64745_192-168-112-135_8443.1726219080.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64745_192-168-112-135_8443.1726219080.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114858Z&X-Amz-Signature=50f4094b1866cdf13428f19e65ed009a0204ddf85517548df8d9154b76ddacef"} [2025-12-09 19:48:59.387] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:48:59.387] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:48:59.387] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:48:59.387] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:48:59.387] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:48:59.388] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:48:59.499] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64745_192-168-112-135_8443.1726219080.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309739498, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726219080314630, "etime": 1726219080314630, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64745, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:48:59.499] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:02.499] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24434 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42213_192-168-163-23_80.1726208596.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42213_192-168-163-23_80.1726208596.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114902Z&X-Amz-Expires=604800&X-Amz-Signature=510dd92e1ab1ea1774c6fd70d4c735b36911e4730300a0c288d3f68cb200d870"} [2025-12-09 19:49:02.500] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:02.500] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:02.500] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:02.500] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:02.500] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:02.501] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:49:02.606] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42213_192-168-163-23_80.1726208596.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309742606, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208596079519, "etime": 1726208596079519, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42213, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:02.606] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:05.613] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24047 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64739_192-168-112-135_8443.1726219071.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64739_192-168-112-135_8443.1726219071.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114905Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=d24d06e2d0276cf1439198da7162d4b05b318fdc204558ff77e092c0ac127ad4"} [2025-12-09 19:49:05.614] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:05.614] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:05.614] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:05.614] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:05.614] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 19:49:05.615] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:05.722] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64739_192-168-112-135_8443.1726219071.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309745722, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726219071364625, "etime": 1726219071364625, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64739, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:05.722] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:08.728] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25670 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42204_192-168-163-23_80.1726208554.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42204_192-168-163-23_80.1726208554.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=72198c515fad6badcb2103917e0bd868283fe71884be10e5e4a1bf2ddf196945&X-Amz-Date=20251209T114908Z"} [2025-12-09 19:49:08.728] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:08.728] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:08.728] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:08.728] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:08.728] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:08.729] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:08.838] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42204_192-168-163-23_80.1726208554.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309748838, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208554302753, "etime": 1726208554302753, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42204, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:08.838] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:11.830] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24048 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54850_192-168-112-135_8443.1726627273.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54850_192-168-112-135_8443.1726627273.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=88fda05aa689a6be1b033f76aad1a374c7cf2eb98cbd809081833cd31b49533c&X-Amz-Date=20251209T114911Z&X-Amz-Expires=604800"} [2025-12-09 19:49:11.830] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:11.830] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:11.830] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:11.830] [INFO] [tid:140062327686848] (AiModule.cpp:20) 
get func load [2025-12-09 19:49:11.830] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:11.831] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:11.936] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54850_192-168-112-135_8443.1726627273.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309751935, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627273686627, "etime": 1726627273686627, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54850, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:11.936] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:14.945] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25671 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42226_192-168-163-23_80.1726208633.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42226_192-168-163-23_80.1726208633.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114914Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e101564f1241b143835a567bc77b822288bf1324504fb1c5ab4c9121544e0f76"} [2025-12-09 19:49:14.945] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:14.945] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:14.946] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
19:49:14.946] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:14.946] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:14.946] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:15.058] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42226_192-168-163-23_80.1726208633.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309755058, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208633991204, "etime": 1726208633991204, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42226, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:15.058] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:18.048] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25672 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42016_192-168-163-23_80.1726207543.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42016_192-168-163-23_80.1726207543.jsonl?X-Amz-Signature=ce9efc731fc3b16bd0906d747ca4a2e4326a9f0723b448da54511e8030fa5f04&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114917Z"} [2025-12-09 19:49:18.049] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:18.049] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:18.049] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:18.049] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:18.049] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:18.050] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:18.151] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42016_192-168-163-23_80.1726207543.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309758150, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207543892355, "etime": 1726207543892355, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42016, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:18.151] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:21.171] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24049 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42214_192-168-163-23_80.1726208605.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42214_192-168-163-23_80.1726208605.jsonl?X-Amz-Date=20251209T114920Z&X-Amz-Expires=604800&X-Amz-Signature=30aee28f58bbe425b9f887ebcfcd63b899a67846341d1ade97df785d21da671d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:49:21.171] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:21.171] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 19:49:21.171] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:21.171] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:21.171] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:21.172] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:21.282] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42214_192-168-163-23_80.1726208605.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309761281, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208605926067, "etime": 1726208605926067, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42214, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:21.282] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:24.285] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24435 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42219_192-168-163-23_80.1726208620.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42219_192-168-163-23_80.1726208620.jsonl?X-Amz-Date=20251209T114923Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=67ed8d4e68c29f8893a01d407e3a9e368b0255f3a59b6c3436defe77f47a6f8e"} [2025-12-09 19:49:24.285] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:24.285] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:24.285] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:24.285] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:24.285] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:24.286] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:24.398] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42219_192-168-163-23_80.1726208620.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309764397, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208620379359, "etime": 1726208620379359, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42219, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:24.398] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:27.395] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24050 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54856_192-168-112-135_8443.1726627280.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54856_192-168-112-135_8443.1726627280.jsonl?X-Amz-Signature=a4f66744ce69c75c48023991595c66fd596a3ccf5ee67fcdb9325b775125fd2d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114926Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:49:27.396] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) 
process model: 0 [2025-12-09 19:49:27.396] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:27.396] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:27.396] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:27.396] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:27.397] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:27.498] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54856_192-168-112-135_8443.1726627280.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309767498, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627280815216, "etime": 1726627280815216, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54856, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:27.498] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:30.502] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24436 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64740_192-168-112-135_8443.1726219074.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64740_192-168-112-135_8443.1726219074.jsonl?X-Amz-Date=20251209T114930Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=53c3868cb184e10522cd27894f57bb815f4aa05f4341472b9e6a487bd54e417c"} [2025-12-09 19:49:30.502] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:30.502] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:30.503] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:30.503] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:30.503] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:30.504] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:30.613] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64740_192-168-112-135_8443.1726219074.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309770612, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726219074509616, "etime": 1726219074509616, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64740, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:30.613] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:33.604] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24437 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_41983_192-168-163-23_80.1726207404.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_41983_192-168-163-23_80.1726207404.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114933Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=3861b77d7d7a6174594bc76d692816a610e7e7f5428e958cdd1bae88fb866bda&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:49:33.604] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:33.604] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:33.605] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:33.605] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:33.605] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:33.605] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:33.709] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_41983_192-168-163-23_80.1726207404.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309773708, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207404658134, "etime": 1726207404658134, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41983, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:33.709] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:36.716] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[2] at offset 24051 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42209_192-168-163-23_80.1726208573.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42209_192-168-163-23_80.1726208573.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=252989b4c525c3fb51a2e8e0bb5773072fa191aaa860b325b92ec82d9ae27dff&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114936Z"} [2025-12-09 19:49:36.716] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:36.716] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:36.716] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:36.717] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:36.717] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:36.717] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:36.827] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42209_192-168-163-23_80.1726208573.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309776826, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208573986042, "etime": 1726208573986042, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42209, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:36.827] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:49:39.820] [DEBUG] 
[tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24052 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54851_192-168-112-135_8443.1726627275.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54851_192-168-112-135_8443.1726627275.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114939Z&X-Amz-SignedHeaders=host&X-Amz-Signature=4a68351518fa5be72a8ce65df502112cf5831bbba49edc00b90bc57f837d5340"} [2025-12-09 19:49:39.820] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:39.820] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:39.820] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:39.820] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:39.820] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:39.821] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:39.927] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54851_192-168-112-135_8443.1726627275.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309779926, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627275251157, "etime": 1726627275251157, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54851, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:49:39.927] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 
0|max_alert: 1000 [2025-12-09 19:49:42.939] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24053 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51907.1726817685.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51907.1726817685.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=2b0df5531c0d8eabe1c069a158469e1b35ac53331577278bd4d189ef4ebe11b1&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114942Z"} [2025-12-09 19:49:42.939] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:42.939] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:42.939] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:42.940] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:42.940] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:42.941] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:43.055] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51907.1726817685.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309783055, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817685669791, "etime": 1726817685669791, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51907, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:49:43.055] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:49:43.055] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:49:43.055] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:49:46.042] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25673 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51910.1726817761.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51910.1726817761.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T114945Z&X-Amz-Signature=8d866e9ed870aabc516b2959460439e53d02fa75999a6e8254dd56ff20585f5f&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:49:46.042] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:46.042] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:46.042] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:46.042] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:46.042] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:46.043] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:46.143] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51910.1726817761.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309786143, "module": "anquanchu", 
"proto": "tls", "alerted": true, "details": [{"stime": 1726817761587139, "etime": 1726817761587139, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51910, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:49:46.143] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:49:46.143] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:49:46.143] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:49:49.169] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25674 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51913.1726817837.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51913.1726817837.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T114948Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=88d037eb146e361ba447d89664b0f8e982250723a11a9635e0a25603c27d9cf8"} [2025-12-09 19:49:49.169] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:49.170] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:49.170] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:49.170] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:49.170] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:49.171] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:49.280] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51913.1726817837.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309789279, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817837490769, "etime": 1726817837490769, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51913, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:49:49.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:49:49.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:49:49.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:49:52.283] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24054 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51152.1726796616.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51152.1726796616.jsonl?X-Amz-Signature=36d086ddde3c1c47e16e174793d6cc004fbc8e27695550e27671870de5f503ec&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T114951Z&X-Amz-Expires=604800"} [2025-12-09 19:49:52.283] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:52.283] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:52.283] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:52.284] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 19:49:52.284] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:52.284] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:52.400] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51152.1726796616.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309792399, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796616036795, "etime": 1726796616036795, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51152, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:49:52.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:49:52.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:49:52.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:49:55.397] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24438 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51155.1726796691.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51155.1726796691.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a79990fb065cc900f7c49c2a007a9742fadc59a1358cb0435381cc000f754b80&X-Amz-Date=20251209T114954Z"} [2025-12-09 19:49:55.397] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:55.397] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:55.397] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:55.398] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:55.398] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:55.398] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:55.503] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51155.1726796691.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309795502, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796691923763, "etime": 1726796691923763, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51155, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:49:55.503] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:49:55.503] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:49:55.503] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:49:58.510] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24055 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51158.1726796767.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51158.1726796767.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T114958Z&X-Amz-Expires=604800&X-Amz-Signature=2f24be896550e7f76d29e924e3622be5020293ac014fb6a71284e86f0753062b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:49:58.511] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:49:58.511] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:49:58.511] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:49:58.511] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:49:58.511] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:49:58.512] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:49:58.622] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51158.1726796767.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309798621, "module": 
"anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796767859603, "etime": 1726796767859603, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51158, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:49:58.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:49:58.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:49:58.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:01.628] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24056 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54848_192-168-112-135_8443.1726627269.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54848_192-168-112-135_8443.1726627269.jsonl?X-Amz-Date=20251209T115001Z&X-Amz-SignedHeaders=host&X-Amz-Signature=1680694ad639678ddb68f0412ae5c770a8101dd2c396cc88954700145d815459&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:50:01.628] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:01.628] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:01.628] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:01.628] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:01.628] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:01.629] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:01.741] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54848_192-168-112-135_8443.1726627269.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309801740, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627269746756, "etime": 1726627269746756, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54848, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:50:01.741] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:50:04.740] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25675 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42018_192-168-163-23_80.1726207584.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42018_192-168-163-23_80.1726207584.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T115004Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=d4549e635ae22606d6f1c27af7b67b1de592657e26897187f80e109bdf1b6422"} [2025-12-09 19:50:04.740] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:04.740] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:04.740] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:04.740] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:04.740] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:04.741] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
19:50:04.849] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42018_192-168-163-23_80.1726207584.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309804848, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207584218767, "etime": 1726207584218767, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42018, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:50:04.849] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:50:07.851] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24057 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54857_192-168-112-135_8443.1726627282.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54857_192-168-112-135_8443.1726627282.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T115007Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=51ed5808f64ad6a63ff5b49ee8dfa5fb675fb283cb2add5a4147f2e2ebc96206&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:50:07.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:07.852] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:07.852] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:07.852] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:07.852] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:07.853] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:50:07.963] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54857_192-168-112-135_8443.1726627282.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309807963, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726627282789029, "etime": 1726627282789029, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54857, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:50:07.963] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:50:10.962] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25676 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57835_192-168-32-40_80.1726196728.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57835_192-168-32-40_80.1726196728.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=060e25a897d25ec983115c1f6f16b19ee58043ff288ad0180509e1bea887a18e&X-Amz-Date=20251209T115010Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:50:10.962] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:10.962] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:10.962] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:10.962] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:10.962] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
19:50:10.963] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:11.069] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57835_192-168-32-40_80.1726196728.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309811069, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726196728239369, "etime": 1726196728239369, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 57835, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:50:11.069] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:50:14.076] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25677 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51810.1726814875.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51810.1726814875.jsonl?X-Amz-Signature=5ad01a3e6f878d0965cdfe66dfc542fbb968e791baad9f84f8bf8c40bae16f73&X-Amz-Date=20251209T115013Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 19:50:14.076] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:14.076] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:14.076] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:14.076] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:14.076] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:14.077] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:14.188] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51810.1726814875.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309814188, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814875856371, "etime": 1726814875856371, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51810, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:14.189] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:14.189] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:14.189] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:50:17.192] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24439 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51813.1726814951.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51813.1726814951.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T115016Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=97f0b4a1e0e7447ffc4b1c4f331d6328fab9eca90de83f633b0ff17f0dcd1211"} [2025-12-09 19:50:17.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:17.192] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:17.192] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:17.192] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:17.192] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:17.193] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:17.303] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51813.1726814951.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309817303, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814951753833, "etime": 1726814951753833, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51813, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:17.303] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:17.303] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:17.303] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:20.309] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24440 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51816.1726815027.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51816.1726815027.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115019Z&X-Amz-Expires=604800&X-Amz-Signature=b80af36950dc57556eabb5c5b61c21bba6c9b1547329a707a4d6e6cf06057ec2&X-Amz-SignedHeaders=host"} [2025-12-09 19:50:20.309] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:20.309] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:20.309] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:20.309] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:20.309] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:20.310] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:20.419] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51816.1726815027.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309820419, "module": 
"anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726815027628973, "etime": 1726815027628973, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51816, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:20.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:20.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:20.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:23.419] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24441 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51270.1726800812.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51270.1726800812.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=0b0ffe6e7afd4092b7e73ecedb3e73c4df2ad90a65d6dc96409e43ad8b82c78f&X-Amz-Expires=604800&X-Amz-Date=20251209T115022Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:50:23.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:23.419] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:23.419] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:23.419] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:23.419] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:23.420] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:23.521] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51270.1726800812.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309823520, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800812294590, "etime": 1726800812294590, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51270, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:23.521] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:23.521] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:23.521] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:26.537] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24058 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51273.1726800888.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51273.1726800888.jsonl?X-Amz-Signature=b4c2a5f98a27ee31529c6ceadff45883241b1884d7869d8799ee54d8c99824eb&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115026Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:50:26.538] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:26.538] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:26.538] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:26.538] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:26.538] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:26.539] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:26.648] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51273.1726800888.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309826647, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800888157473, "etime": 1726800888157473, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51273, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:26.648] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:26.648] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:26.648] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:50:29.651] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24059 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51276.1726800964.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51276.1726800964.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115029Z&X-Amz-Signature=b51a97d0acefecbcf2c89a7ad88a0c2cf326b4c1f16bcefa7248f58086177940&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:50:29.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:29.651] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:29.651] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:29.651] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:29.651] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:29.652] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:29.765] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51276.1726800964.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309829764, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800964034758, "etime": 1726800964034758, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51276, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 
19:50:29.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:29.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:29.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:32.759] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25678 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42017_192-168-163-23_80.1726207569.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42017_192-168-163-23_80.1726207569.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T115032Z&X-Amz-Signature=319a89d0a52ae98eaac1ad0c3f42865d964371f8cdda63cd715943274c1b9ba8"} [2025-12-09 19:50:32.760] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:32.760] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:32.760] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:32.760] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:32.760] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:32.761] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:32.854] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42017_192-168-163-23_80.1726207569.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309832853, "module": 
"anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207569358938, "etime": 1726207569358938, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42017, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:50:32.854] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:50:35.862] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25679 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51904.1726817609.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51904.1726817609.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115035Z&X-Amz-Signature=8e9b9fc509c36a1df6e60d1a6b6d67d86a785362d8b0a0eebd88504b125ef262"} [2025-12-09 19:50:35.862] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:35.862] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:35.863] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:35.863] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:35.863] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:35.864] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:35.975] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51904.1726817609.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, 
"normal_count": 0, "alert_count": 1, "timestamp": 1765309835975, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817609754651, "etime": 1726817609754651, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51904, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:35.975] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:35.975] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:35.976] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:38.967] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24060 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51149.1726796540.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51149.1726796540.jsonl?X-Amz-Date=20251209T115038Z&X-Amz-Expires=604800&X-Amz-Signature=5daf0c5d38d198fe17a5f3a5666c49be21b90e5a9e52b4bb527af70a95027b3e&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:50:38.967] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:38.967] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:38.967] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:38.967] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:38.967] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:38.968] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 19:50:39.071] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51149.1726796540.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309839071, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796540166380, "etime": 1726796540166380, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51149, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:39.071] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:39.071] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:39.071] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:42.081] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24442 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51867.1726816604.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51867.1726816604.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115041Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a2a160074cf42c74fa9c0886f62d941cd4010a2a017685bca8028b362da9b4a2"} [2025-12-09 19:50:42.081] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:42.081] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:42.081] [INFO] [tid:140062327686848] (AiModule.cpp:12) 
load so module so_code_cnn [2025-12-09 19:50:42.082] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:42.082] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:42.082] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:42.192] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51867.1726816604.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309842192, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726816604578792, "etime": 1726816604578792, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51867, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:42.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:42.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:42.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:50:45.194] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24443 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51870.1726816680.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51870.1726816680.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=8a48e1031a2b6df39c045f01e0f0455c3ae764ef462b96d7755a021469f2a412&X-Amz-Date=20251209T115044Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:50:45.194] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:45.194] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:45.194] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:45.194] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:45.194] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:45.195] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:45.306] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51870.1726816680.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309845305, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726816680523235, "etime": 1726816680523235, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51870, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 
19:50:45.306] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:45.306] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:45.306] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:48.297] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24444 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51111.1726795487.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51111.1726795487.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115047Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=0220d7c3532eee7c451d277f4f4711908cb52a5a2e4449359110cb2ad44696b1"} [2025-12-09 19:50:48.297] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:48.297] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:48.297] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:48.297] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:48.297] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:48.298] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:48.411] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51111.1726795487.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, 
"alert_count": 1, "timestamp": 1765309848410, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795487649673, "etime": 1726795487649673, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51111, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:48.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:48.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:48.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:51.409] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25680 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51114.1726795563.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51114.1726795563.jsonl?X-Amz-Expires=604800&X-Amz-Signature=38834c8e5788f161dcd70c09db6dd810577a8eea59ddfb981bbe5829e823055f&X-Amz-Date=20251209T115050Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:50:51.409] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:51.409] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:51.409] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:51.409] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:51.409] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:51.410] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 19:50:51.514] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51114.1726795563.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309851513, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795563520347, "etime": 1726795563520347, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51114, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:50:51.514] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:51.514] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:51.514] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:50:54.512] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24061 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54849_192-168-112-135_8443.1726627273.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54849_192-168-112-135_8443.1726627273.jsonl?X-Amz-Date=20251209T115054Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=459693ea8d64746fbda18c4ac94603a8f09ebe92fe5df62fb4a323d0abcab403&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:50:54.512] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:54.512] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:54.512] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 19:50:54.512] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:54.512] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:54.513] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:54.617] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID87_antsword_2.1.0_jsp_https.pcap.TCP_192-168-112-1_54849_192-168-112-135_8443.1726627273.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309854617, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726627273198151, "etime": 1726627273198151, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 54849, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 19:50:54.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:50:54.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:50:54.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:50:57.613] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24062 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42003_192-168-163-23_80.1726207471.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42003_192-168-163-23_80.1726207471.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115057Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d2900aa209426f36d62534585460e2a3236aa64ce40822020aab44e0ae434014"} [2025-12-09 19:50:57.613] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:50:57.613] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:50:57.614] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:50:57.614] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:50:57.614] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:50:57.614] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:50:57.716] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42003_192-168-163-23_80.1726207471.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309857715, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207471023172, "etime": 1726207471023172, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42003, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:50:57.716] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:51:00.723] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24063 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51807.1726814799.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51807.1726814799.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=754389ba569c8eb4d4daec6bef3d43e5874be0aa09ab6f469a11c589d61c1c23&X-Amz-Date=20251209T115100Z&X-Amz-Expires=604800"} [2025-12-09 19:51:00.723] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:00.723] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:00.723] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:00.723] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:00.723] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:00.724] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:00.834] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51807.1726814799.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309860833, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814799990987, "etime": 1726814799990987, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51807, "dest_port": 446, "protocol": "tls", 
"result": "CobaltStrike"}]} [2025-12-09 19:51:00.834] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:00.834] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:00.834] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:03.837] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24445 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51267.1726800736.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51267.1726800736.jsonl?X-Amz-Date=20251209T115103Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=a27894f936bd8c70caae81396d2f65a2025f467998e4534cdc009f1970bdd1a5"} [2025-12-09 19:51:03.838] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:03.838] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:03.838] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:03.838] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:03.838] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:03.839] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:03.948] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51267.1726800736.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, 
"normal_count": 0, "alert_count": 1, "timestamp": 1765309863947, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800736369572, "etime": 1726800736369572, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51267, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:03.948] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:03.948] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:03.948] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:06.941] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25681 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51767.1726813702.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51767.1726813702.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T115106Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=7e7ffc3cbc0e281998f9849bfb4178d271d8cf62e237ccc773df23dbed6c860c"} [2025-12-09 19:51:06.941] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:06.941] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:06.941] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:06.941] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:06.941] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:06.943] [INFO] [tid:140062327686848] (AiModule.cpp:39) 
load result:0 [2025-12-09 19:51:07.057] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51767.1726813702.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309867056, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813702346496, "etime": 1726813702346496, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51767, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:07.057] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:07.057] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:07.057] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:10.053] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24446 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51770.1726813778.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51770.1726813778.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=c9e15d2c3e88f1c1b15aa89d201b309587cc665198237ddf7690e55e53ca42d7&X-Amz-Date=20251209T115109Z"} [2025-12-09 19:51:10.053] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:10.053] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:10.053] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:10.053] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:10.053] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:10.054] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:10.168] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51770.1726813778.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309870167, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813778251253, "etime": 1726813778251253, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51770, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:10.168] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:10.168] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:10.168] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:51:13.168] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25682 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51864.1726816528.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51864.1726816528.jsonl?X-Amz-Signature=405b61796b944dc7fd8bddbdb0c8478550ee4aa4bbea1418c103ec6def4c363d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115112Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:51:13.168] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:13.168] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:13.169] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:13.169] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:13.169] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:13.170] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:13.279] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51864.1726816528.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309873279, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726816528714237, "etime": 1726816528714237, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51864, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 
19:51:13.279] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:13.279] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:13.279] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:16.273] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25683 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51221.1726799571.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51221.1726799571.jsonl?X-Amz-Signature=35974adaab3c2a62dc519c39e38f42972ab7664b6bac96c71a7cf7987f413e30&X-Amz-Date=20251209T115115Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:51:16.273] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:16.273] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:16.273] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:16.273] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:16.273] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:16.274] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:16.375] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51221.1726799571.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 
0, "alert_count": 1, "timestamp": 1765309876375, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799571828221, "etime": 1726799571828221, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51221, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:16.375] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:16.375] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:16.375] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:19.380] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24447 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51224.1726799647.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51224.1726799647.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=d5e9fc1d7edffa2df887e1bdf48e10da16983db6c93e9dc11449eef8f637d5c7&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115118Z"} [2025-12-09 19:51:19.380] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:19.380] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:19.380] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:19.380] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:19.380] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:19.381] [INFO] [tid:140062327686848] (AiModule.cpp:39) load 
result:0 [2025-12-09 19:51:19.491] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51224.1726799647.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309879490, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799647723038, "etime": 1726799647723038, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51224, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:19.491] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:19.491] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:19.491] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:22.495] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25684 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51108.1726795411.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51108.1726795411.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115122Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=4bef9c00f5bc515c65223536d911906ba91593e715bc8ff74fcd011550ea8e13"} [2025-12-09 19:51:22.495] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:22.495] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:22.495] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:22.495] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:22.495] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:22.496] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:22.605] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51108.1726795411.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309882605, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795411785346, "etime": 1726795411785346, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51108, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:22.605] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:22.605] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:22.605] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:51:25.615] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24448 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51764.1726813626.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51764.1726813626.jsonl?X-Amz-Expires=604800&X-Amz-Signature=f50ebed0a4f7508d5a658fbfe245091f240946ca3e3b5dda937c5ca691c444fa&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115125Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:51:25.616] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:25.616] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:25.616] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:25.616] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:25.616] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:25.617] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:25.726] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51764.1726813626.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309885725, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813626421720, "etime": 1726813626421720, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51764, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} 
[2025-12-09 19:51:25.726] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:25.726] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:25.726] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:28.729] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24064 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51218.1726799495.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51218.1726799495.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115128Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=2c891a4b1f8140ef66f8421c3dc9e40d5b731686f1d95c229c8a3891e5dec108&X-Amz-SignedHeaders=host"} [2025-12-09 19:51:28.730] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:28.730] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:28.730] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:28.730] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:28.730] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:28.731] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:28.839] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51218.1726799495.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, 
"normal_count": 0, "alert_count": 1, "timestamp": 1765309888838, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799495966027, "etime": 1726799495966027, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51218, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:28.839] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:28.839] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:28.839] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:31.842] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24449 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41737_192-168-163-23_80.1726206235.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41737_192-168-163-23_80.1726206235.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=0c80df7a1d16b6cee7a589251227a4b35eae447477ae09b99e2241dc80af2306&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115131Z"} [2025-12-09 19:51:31.842] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:31.842] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:31.842] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:31.842] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:31.842] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:31.843] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
19:51:31.951] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41737_192-168-163-23_80.1726206235.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309891950, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206235373298, "etime": 1726206235373298, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41737, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:51:31.951] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:51:34.954] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24065 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51905.1726817625.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51905.1726817625.jsonl?X-Amz-Signature=c83014e42607db5ae318acf728f430e84df391af8eedea310dc87136228f47df&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115134Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:51:34.954] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:34.954] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:34.954] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:34.954] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:34.954] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:34.955] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:35.065] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51905.1726817625.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309895065, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817625182947, "etime": 1726817625182947, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51905, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:35.066] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:35.066] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:35.066] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:38.063] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24450 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51150.1726796555.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51150.1726796555.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=151600ed17dfad97a77258b227ed4265723b40d1d7d2ac0c271a36e86354cbd9&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115137Z"} [2025-12-09 19:51:38.063] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:38.063] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:38.064] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:38.064] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:38.064] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:38.064] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:38.161] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51150.1726796555.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309898161, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796555607769, "etime": 1726796555607769, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51150, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:38.161] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:38.161] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:38.161] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:51:41.183] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24066 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51808.1726814815.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51808.1726814815.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=dfd3406df682cf3c65d775723b3bcf4774cbce6b19674901443acfe0091b4d85&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115140Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:51:41.183] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:41.183] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:41.183] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:41.183] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:41.184] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:41.184] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:41.294] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51808.1726814815.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309901294, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814815421540, "etime": 1726814815421540, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51808, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:41.294] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:41.294] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:41.294] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:44.296] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25685 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51268.1726800751.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51268.1726800751.jsonl?X-Amz-Date=20251209T115143Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=05249f4a6563bed2ea467a9fca9a4eaba638885c6c662acbe05f3eb7efa0f477&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:51:44.296] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:44.296] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:44.296] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:44.296] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:44.296] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:44.297] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:44.409] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51268.1726800751.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309904409, 
"module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800751837711, "etime": 1726800751837711, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51268, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:44.409] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:44.409] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:44.409] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:47.405] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24067 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55484_192-168-112-135_80.1727254857.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55484_192-168-112-135_80.1727254857.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115146Z&X-Amz-Signature=a1df956e7b04c279bc4a930ba831025607c818ff961f0d38c770b1633301c7a5&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:51:47.405] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:47.405] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:47.406] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:47.406] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:47.406] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:47.406] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:47.475] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55484_192-168-112-135_80.1727254857.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309907474, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254857212933, "etime": 1727254857212933, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55484, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:51:47.475] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:51:50.527] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25686 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64738_192-168-112-135_8443.1726219066.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64738_192-168-112-135_8443.1726219066.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=6877c664ec541796a3ea6e4ed64818c0ae9c5164f10b544e7c50b2f1454d6e88&X-Amz-Date=20251209T115150Z&X-Amz-Expires=604800"} [2025-12-09 19:51:50.527] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:50.527] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:50.527] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:50.528] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:50.528] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:50.528] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:50.633] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID88_antsword_2.1.8.1_jsp_https.pcap.TCP_192-168-112-1_64738_192-168-112-135_8443.1726219066.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309910633, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726219066161189, "etime": 1726219066161189, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 64738, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:51:50.633] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:51:53.629] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25687 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51147.1726796464.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51147.1726796464.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=2db7047aa767606f8fa2ce7b51847af0f61bd4c54e349b8ab04845c87993f46e&X-Amz-Date=20251209T115153Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:51:53.630] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:53.630] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:53.630] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:53.630] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:53.630] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:53.631] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:53.738] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51147.1726796464.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309913737, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796464731835, "etime": 1726796464731835, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51147, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:53.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:53.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:53.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:51:56.749] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24068 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51908.1726817701.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51908.1726817701.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115156Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=cb2f20ff2ce874aead9ae91325ebbfb562ba8157ec23ac9e2b0a8b34a059cd29"} [2025-12-09 19:51:56.749] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:56.749] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:56.749] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:56.749] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:56.749] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:56.750] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:56.860] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51908.1726817701.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309916860, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817701131928, "etime": 1726817701131928, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51908, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:56.860] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:56.860] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:56.860] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:51:59.859] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24069 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51914.1726817852.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51914.1726817852.jsonl?X-Amz-Expires=604800&X-Amz-Signature=cb398fc29a44114a257d4700e5b8ddf5701cf393578374138c85f128b1c17dc7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115159Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:51:59.859] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:51:59.859] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:51:59.859] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:51:59.859] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:51:59.859] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:51:59.860] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:51:59.961] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51914.1726817852.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309919961, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817852939448, "etime": 1726817852939448, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51914, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:51:59.961] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:51:59.961] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:51:59.961] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:02.973] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24451 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51153.1726796631.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51153.1726796631.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=d79a59b7879eb2cb2c9c231e446f9bec653484c14732cc7f81b02b89d5333497&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115202Z"} [2025-12-09 19:52:02.973] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:02.973] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:02.973] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:02.973] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:02.973] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:02.974] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:03.084] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51153.1726796631.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309923083, "module": 
"anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796631511396, "etime": 1726796631511396, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51153, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:03.084] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:03.084] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:03.084] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:06.088] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24452 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51159.1726796783.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51159.1726796783.jsonl?X-Amz-Signature=bfff8b2d24cdba57a4a6012bf223c87f441913c9c157db369b9db8ece03f805e&X-Amz-Expires=604800&X-Amz-Date=20251209T115205Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:52:06.088] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:06.088] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:06.088] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:06.088] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:06.088] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:06.089] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:06.198] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51159.1726796783.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309926198, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796783315699, "etime": 1726796783315699, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51159, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:06.198] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:06.198] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:06.199] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:09.206] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24070 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51805.1726814724.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51805.1726814724.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115208Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=6c80b6fe5301eeda50ceb550a5811717e8c39358eb05fa64ab8934077af3c7b7"} [2025-12-09 19:52:09.206] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:09.206] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:09.207] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:09.207] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 19:52:09.207] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:09.208] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:09.316] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51805.1726814724.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309929316, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814724556757, "etime": 1726814724556757, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51805, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:09.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:09.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:09.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:52:12.317] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24071 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51898.1726817457.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51898.1726817457.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115211Z&X-Amz-Expires=604800&X-Amz-Signature=5c18720a157b3f1992937973bac76b9aadd46e4d343606f0e0812ab1f6780558"} [2025-12-09 19:52:12.317] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:12.317] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:12.317] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:12.318] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:12.318] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:12.318] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:12.430] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51898.1726817457.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309932430, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817457283627, "etime": 1726817457283627, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51898, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:12.430] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:12.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:12.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:15.421] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24453 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51142.1726796372.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51142.1726796372.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115214Z&X-Amz-Signature=77ee0a67edf498557ef0c571e12a4b0bb3bc3ef3e59929dad9edcef87d5d19a0&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:52:15.421] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:15.421] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:15.421] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:15.421] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:15.421] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:15.422] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:15.534] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51142.1726796372.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309935533, "module": 
"anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796372166386, "etime": 1726796372166386, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51142, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:15.534] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:15.534] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:15.534] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:18.536] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25688 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51862.1726816453.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51862.1726816453.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115218Z&X-Amz-Signature=d771ff6480e246f24d840fa0f54f036e8ab957cdf8651329fa49699e4fef072b&X-Amz-Expires=604800"} [2025-12-09 19:52:18.536] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:18.536] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:18.537] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:18.537] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:18.537] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:18.538] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:18.646] [DEBUG] [tid:140062327686848] 
(AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51862.1726816453.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309938645, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726816453262985, "etime": 1726816453262985, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51862, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:18.646] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:18.646] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:18.646] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:21.655] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24454 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51106.1726795336.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51106.1726795336.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ec354c1eab8dffa62795e6737f6e164c5e15def0ade1fcdbcac6eedc563314a1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115221Z"} [2025-12-09 19:52:21.655] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:21.655] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:21.655] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
19:52:21.655] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:21.655] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:21.656] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:21.764] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51106.1726795336.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309941764, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795336342989, "etime": 1726795336342989, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51106, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:21.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:21.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:21.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:52:24.765] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25689 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51800.1726814632.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51800.1726814632.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=45d24c0c37ee07d1d4435e26253e6fd9128f7f2461f7752cd3b654bb39d00bc2&X-Amz-Date=20251209T115224Z&X-Amz-Expires=604800"} [2025-12-09 19:52:24.766] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:24.766] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:24.766] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:24.766] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:24.766] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:24.767] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:24.880] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51800.1726814632.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309944879, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814632001396, "etime": 1726814632001396, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51800, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:24.880] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:24.880] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:24.880] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:27.868] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24455 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51260.1726800568.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51260.1726800568.jsonl?X-Amz-Signature=691964ed523b209d0ce8e65dda3ae5a5ad46998ed95b9886913ece4d2f59aa66&X-Amz-Date=20251209T115227Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:52:27.869] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:27.869] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:27.869] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:27.869] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:27.869] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:27.870] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:27.979] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51260.1726800568.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309947979, 
"module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800568894429, "etime": 1726800568894429, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51260, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:27.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:27.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:27.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:30.988] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25690 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51216.1726799420.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51216.1726799420.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115230Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=9ec1dd83f346f5d92e83edaedf7db3df68135d547d684052b464bfa5aa8e7636"} [2025-12-09 19:52:30.988] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:30.988] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:30.989] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:30.989] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:30.989] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:30.990] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:31.100] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51216.1726799420.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309951099, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799420509946, "etime": 1726799420509946, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51216, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:31.100] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:31.100] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:31.100] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:34.092] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25691 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51811.1726814891.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51811.1726814891.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8f6f0f49ffbaf3219f2a5d77c843f99b278beddda4e8172b6469e9320a0a82f7&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115233Z"} [2025-12-09 19:52:34.092] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:34.092] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:34.092] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 19:52:34.092] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:34.092] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:34.093] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:34.198] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51811.1726814891.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309954197, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814891301072, "etime": 1726814891301072, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51811, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:34.198] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:34.198] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:34.198] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:52:37.205] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25692 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51271.1726800827.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51271.1726800827.jsonl?X-Amz-Date=20251209T115236Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=a6bcc5231ef0b316b980a2bd943c7a1a9c653d42425ff7f0bf7327d97437bbe0"} [2025-12-09 19:52:37.205] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:37.205] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:37.206] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:37.206] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:37.206] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:37.207] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:37.316] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51271.1726800827.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309957316, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800827740005, "etime": 1726800827740005, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51271, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 
19:52:37.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:37.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:37.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:40.330] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24072 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51277.1726800979.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51277.1726800979.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=7fac7d73347881eb419d7732531b26b1d04cafd502fe38600c91e00d9e70d7b0&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T115239Z"} [2025-12-09 19:52:40.330] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:40.330] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:40.331] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:40.331] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:40.331] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:40.331] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:40.444] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51277.1726800979.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 
1765309960443, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800979479221, "etime": 1726800979479221, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51277, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:40.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:40.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:40.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:52:43.431] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25693 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41383_192-168-163-23_80.1726204486.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41383_192-168-163-23_80.1726204486.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T115242Z&X-Amz-SignedHeaders=host&X-Amz-Signature=cf649de104851562ae4cc0f09800963739ac54b177cacb34a260fd86b6e7ffe3&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:52:43.432] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:43.432] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:43.432] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:43.432] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:43.432] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:43.433] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:43.538] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41383_192-168-163-23_80.1726204486.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309963538, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726204486629031, "etime": 1726204486629031, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41383, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:52:43.538] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:52:46.548] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24456 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41342_192-168-163-23_80.1726204181.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41342_192-168-163-23_80.1726204181.jsonl?X-Amz-Date=20251209T115246Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=1c7a2be562aca9fec79e325359dc6d5a93cf47aa03c5aa0e08bc0fe619a2ec91&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:52:46.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:46.548] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:46.548] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:46.548] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:46.548] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:46.549] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
19:52:46.661] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41342_192-168-163-23_80.1726204181.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309966661, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726204181773669, "etime": 1726204181773669, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41342, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:52:46.661] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:52:49.650] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25694 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41721_192-168-163-23_80.1726206189.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41721_192-168-163-23_80.1726206189.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115249Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=fe0c0ebe2095ec07f85737d069b0866df06d39c19c9ba2fecfe26d15ca670c96&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:52:49.650] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:49.650] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:49.650] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:49.650] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:49.650] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:52:49.651] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:49.756] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41721_192-168-163-23_80.1726206189.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765309969756, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206189682240, "etime": 1726206189682240, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41721, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:52:49.756] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:52:52.754] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24457 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51902.1726817549.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51902.1726817549.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=81c306204db7eb3cdc47ea0681200e3b5f84ffa2aa536268c34a1fdfe71612f3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T115252Z"} [2025-12-09 19:52:52.754] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:52:52.754] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:52:52.754] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:52:52.754] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:52:52.755] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:52:52.755] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:52:52.841] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51902.1726817549.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765309972841, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817549330216, "etime": 1726817549330216, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51902, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 19:52:52.841] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:52:52.841] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:52:52.841] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:54:43.408] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25695 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44018.1726130594.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44018.1726130594.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115442Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=e7244978dac9eac1c09b8b291821395d8707a891501d3b383e9fa9d70bd98759"} [2025-12-09 19:54:43.408] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:54:43.408] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:54:43.408] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:54:43.408] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:54:43.408] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:54:43.409] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:54:43.520] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44018.1726130594.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310083520, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130594814192, "etime": 1726130594814192, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44018, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:54:43.520] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:54:46.521] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25696 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44022.1726130597.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44022.1726130597.jsonl?X-Amz-Signature=dcc6154c2e3c53c7cc96e6fe12d4dc38c042c61b77e94f16d72c4d176f24b4d8&X-Amz-Date=20251209T115446Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:54:46.521] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:54:46.521] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:54:46.521] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:54:46.521] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:54:46.521] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:54:46.522] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:54:46.634] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44022.1726130597.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310086633, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130597888908, "etime": 1726130597888908, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44022, "dest_port": 
51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:54:46.634] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:54:49.641] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24073 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44036.1726130600.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44036.1726130600.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115449Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=45d559c6f480a8dc3e3278acca5c3f9c004d452e47bdd3ea3b2ac6ef0aad9478"} [2025-12-09 19:54:49.642] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:54:49.642] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:54:49.642] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:54:49.642] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:54:49.642] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:54:49.643] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:54:49.753] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44036.1726130600.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310089752, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130600951323, "etime": 1726130600951323, "src_ip": 
"192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44036, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:54:49.753] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:54:52.747] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24074 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43376.1726129534.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43376.1726129534.jsonl?X-Amz-Signature=738acd0672bf21fceb9a3de0b46ee5085289c190174d0fbd55f80e7b9d0fac6d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115452Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 19:54:52.747] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:54:52.747] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:54:52.747] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:54:52.747] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:54:52.747] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:54:52.748] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:54:52.854] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43376.1726129534.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310092853, "module": "anquanchu", 
"proto": "tls", "alerted": false, "details": [{"stime": 1726129534385217, "etime": 1726129534385217, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43376, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:54:52.854] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:54:55.866] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24458 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43412.1726129540.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43412.1726129540.jsonl?X-Amz-Date=20251209T115455Z&X-Amz-Signature=f6d6df3bc4d80fd743625e2d8852e118264777c395ca0e589a945d68f2911d16&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:54:55.866] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:54:55.866] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:54:55.866] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:54:55.866] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:54:55.866] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:54:55.867] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:54:55.978] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43412.1726129540.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310095977, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129540525621, "etime": 1726129540525621, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43412, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:54:55.978] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:54:58.970] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24459 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50538.1726129531.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50538.1726129531.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115458Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=64c77e44256e889b3792f2fea3f0a2289d28d5aff3c4d2f59ec08f5dd340cd75&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:54:58.970] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:54:58.970] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:54:58.970] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:54:58.970] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:54:58.970] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:54:58.971] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:54:59.078] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50538.1726129531.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310099078, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129531312250, "etime": 1726129531312250, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 50538, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:54:59.078] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:02.084] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25697 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33044.1726129602.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33044.1726129602.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115501Z&X-Amz-Signature=7070bca93dc0446f8c42b986f2672bfe785bca1316c3a2f01834844ea3df8f2d&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:55:02.084] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:02.084] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:02.084] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:02.084] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:02.084] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:02.085] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:55:02.198] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33044.1726129602.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310102197, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129602495128, "etime": 1726129602495128, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33044, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:02.198] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:05.199] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24075 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33072.1726129605.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33072.1726129605.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=fde1d9333351dd495f7dc87827bc14cfb3acfaf887be7267dbdbb518fa5ae33f&X-Amz-Date=20251209T115504Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:55:05.200] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:05.200] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:05.200] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:05.200] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:05.200] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:05.201] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:05.310] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33072.1726129605.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310105310, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129605568976, "etime": 1726129605568976, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33072, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:05.310] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:08.309] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25698 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45844.1726129596.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45844.1726129596.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T115507Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=773f0397a28ec3902ae42dedebdb5ed93ed0dfd3282998451401c10cf1e65ba9&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:55:08.309] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:08.309] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:08.309] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
19:55:08.309] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:08.309] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:08.310] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:08.416] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45844.1726129596.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310108415, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129596344217, "etime": 1726129596344217, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45844, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:08.416] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:11.427] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24460 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36990.1726129656.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36990.1726129656.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=3b049f3ed205e45460ce57f701ef2ef139c4ed5c82d6beb8fadd234847de7115&X-Amz-Expires=604800&X-Amz-Date=20251209T115510Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:55:11.427] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:11.427] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 19:55:11.427] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:11.428] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:11.428] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:11.428] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:11.539] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36990.1726129656.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310111538, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129656983253, "etime": 1726129656983253, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36990, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:11.539] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:14.538] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25699 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52800_192-168-32-40_443.1726127475.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52800_192-168-32-40_443.1726127475.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=e13f20d05930c7e8589eecf4dfadc7777ab0482c30219bd23e2afbcaecb56308&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115514Z"} [2025-12-09 19:55:14.538] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:14.538] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:14.538] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:14.538] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:14.539] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:14.539] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:14.646] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52800_192-168-32-40_443.1726127475.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310114646, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127475160859, "etime": 1726127475160859, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52800, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:14.646] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:17.657] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25700 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53638_192-168-112-135_443.1726625075.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53638_192-168-112-135_443.1726625075.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115517Z&X-Amz-Expires=604800&X-Amz-Signature=b4aa32f94a85a0ba0efd75e8103cc61c1b3ff3e80c68360751d8e0ccb336cdd6"} [2025-12-09 19:55:17.657] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process 
model: 0 [2025-12-09 19:55:17.657] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:17.657] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:17.657] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:17.657] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:17.658] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:17.765] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53638_192-168-112-135_443.1726625075.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310117765, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726625075007769, "etime": 1726625075007769, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53638, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:17.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:20.772] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24076 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53621_192-168-112-135_443.1726625033.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53621_192-168-112-135_443.1726625033.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=76d3287b006f55e4b86787c8340f86efed25d633c4e8244f3265cadd973cf741&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T115520Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:55:20.772] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:20.772] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:20.772] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:20.772] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:20.772] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:20.773] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:20.878] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53621_192-168-112-135_443.1726625033.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310120877, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625033510867, "etime": 1726625033510867, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53621, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 19:55:20.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:55:20.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:55:20.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 19:55:23.885] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25701 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53649_192-168-112-135_443.1726625102.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53649_192-168-112-135_443.1726625102.jsonl?X-Amz-Date=20251209T115523Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=cd54239021159993cebf181716a4e987e97a26a3cc612413f2c9428e30d79d19&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:55:23.885] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:23.885] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:23.885] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:23.885] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:23.885] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:23.886] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:23.999] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53649_192-168-112-135_443.1726625102.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310123999, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625102281011, "etime": 1726625102281011, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53649, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 19:55:23.999] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 19:55:23.999] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 19:55:23.999] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 19:55:27.005] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25702 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50496.1727159736.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50496.1727159736.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=61ae7c384d76fa5a30ae7e9aa7aab02849661617a9388297a5bfff65d79a86ab&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115526Z"} [2025-12-09 19:55:27.005] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:27.005] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:27.005] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:27.005] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:27.005] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:27.006] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:27.118] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50496.1727159736.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310127117, "module": "anquanchu", "proto": 
"tls", "alerted": false, "details": [{"stime": 1727159736606126, "etime": 1727159736606126, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50496, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:27.118] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:30.108] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25703 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41854_192-168-163-23_443.1726206884.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41854_192-168-163-23_443.1726206884.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=ba2b5e20bdccc497f6076bdf56375f66ed67e8a2d385c66e0fe64c68f17963d1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115529Z"} [2025-12-09 19:55:30.108] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:30.108] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:30.109] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:30.109] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:30.109] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:30.110] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:30.221] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41854_192-168-163-23_443.1726206884.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765310130220, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206884424275, "etime": 1726206884424275, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41854, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:30.221] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:33.222] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24461 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57745_192-168-32-40_80.1726196721.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57745_192-168-32-40_80.1726196721.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T115532Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=17f7f3a0984ff8342844be62230ee7976f1b65e8ea4967182e34343a85a576fa"} [2025-12-09 19:55:33.222] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:33.222] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:33.222] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:33.222] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:33.222] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:33.223] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:33.334] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_57745_192-168-32-40_80.1726196721.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, 
"normal_count": 1, "alert_count": 0, "timestamp": 1765310133333, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726196721239125, "etime": 1726196721239125, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 57745, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:33.334] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:36.336] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24462 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49198.1727231971.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49198.1727231971.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115535Z&X-Amz-SignedHeaders=host&X-Amz-Signature=f6002b70efb1f5818033f5dc0b28b2a0600d3d641209300e7fe2cfe8f2d1e8d7"} [2025-12-09 19:55:36.336] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:36.336] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:36.336] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:36.336] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:36.336] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:36.337] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:36.442] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49198.1727231971.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310136441, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727231971353033, "etime": 1727231971353033, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49198, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:36.442] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:39.452] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24077 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44878.1726132156.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44878.1726132156.jsonl?X-Amz-Signature=38d8ab38378d90e9a4beb30791e9acc7bbb772bf1543e0b9dd50066b879851b7&X-Amz-Date=20251209T115538Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:55:39.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:39.452] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:39.452] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:39.452] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:39.452] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:39.453] [INFO] [tid:140062327686848] (AiModule.cpp:39) 
load result:0 [2025-12-09 19:55:39.566] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44878.1726132156.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310139566, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132156837251, "etime": 1726132156837251, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44878, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:39.566] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:42.570] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25704 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44880.1726132160.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44880.1726132160.jsonl?X-Amz-Date=20251209T115542Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=c5616ea932f094fe18559c193417388cbfbe7af684838be3fecb6e7c31e0cb4c"} [2025-12-09 19:55:42.570] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:42.570] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:42.570] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:42.570] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:42.570] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:55:42.571] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:42.680] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44880.1726132160.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310142680, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132160888987, "etime": 1726132160888987, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44880, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:42.680] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:45.678] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24078 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44882.1726132164.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44882.1726132164.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115545Z&X-Amz-Signature=b7daeaeeb86c87e5d033db028dd9141ab2341d94b8954dde306db2ab836ca5ea&X-Amz-SignedHeaders=host"} [2025-12-09 19:55:45.678] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:45.678] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:45.678] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:45.678] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:45.678] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:45.679] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:45.784] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44882.1726132164.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310145784, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132164940623, "etime": 1726132164940623, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44882, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:45.784] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:48.782] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24079 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44898.1726132181.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44898.1726132181.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=41970e976d82ab5eb37daab0ff2d3fa520417e086de27b2a7416e96ad951e050&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115548Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:55:48.782] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:48.782] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:48.782] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:48.782] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:48.782] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:48.783] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:48.888] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44898.1726132181.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310148888, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132181204310, "etime": 1726132181204310, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44898, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:48.888] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:51.886] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25705 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44902.1726132198.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44902.1726132198.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115551Z&X-Amz-Signature=5ebd51d263d67a3dd2716b6f724a4aa01cd9765522d9bc61008a785294bddbd2&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:55:51.886] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:51.886] 
[INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:51.886] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:51.886] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:51.886] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:51.887] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:51.992] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44902.1726132198.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310151991, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132198895715, "etime": 1726132198895715, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44902, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:51.992] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:55.003] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24080 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44904.1726132202.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44904.1726132202.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=b5a0ea921c329e8513b3c82b9ad1e6ab5ea7fabcfae597a41f28f0ee75f573b0&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115554Z"} [2025-12-09 
19:55:55.003] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:55.003] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:55.003] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:55.003] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:55.003] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:55.004] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:55.104] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44904.1726132202.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310155104, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132202949996, "etime": 1726132202949996, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44904, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:55.104] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:55:58.105] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25706 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44908.1726132210.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44908.1726132210.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=4c470906697570f9711ee277b6473aefc62007d54f737c2ed2fea75fa0947fa8&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T115557Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:55:58.105] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:55:58.105] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:55:58.105] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:55:58.105] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:55:58.105] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:55:58.106] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:55:58.215] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44908.1726132210.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310158215, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132210076668, "etime": 1726132210076668, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44908, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:55:58.215] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:01.221] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25707 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44922.1726132222.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44922.1726132222.jsonl?X-Amz-Date=20251209T115600Z&X-Amz-Signature=1e1bc77dd0d7264a6fd851d5a750ec330cb8424329d9801b00d67a094a4279f4&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:56:01.221] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:01.221] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:01.221] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:01.221] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:01.221] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:01.222] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:01.335] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44922.1726132222.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310161334, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132222298719, "etime": 1726132222298719, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44922, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:01.335] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:04.336] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24463 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53324.1726132238.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53324.1726132238.jsonl?X-Amz-Signature=51fb8ded576854122ad748e004217d51290c462b70b474a499ce7d7c293977a4&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115603Z"} [2025-12-09 19:56:04.337] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:04.337] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:04.337] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:04.337] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:04.337] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:04.338] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:04.447] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53324.1726132238.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310164447, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132238749105, "etime": 1726132238749105, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53324, "dest_port": 51119, "protocol": 
"tls", "result": "Normal"}]} [2025-12-09 19:56:04.447] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:07.452] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25708 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53326.1726132242.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53326.1726132242.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=30df80fef3252d589e7f3ecda0d9e2b0b28ee07c4ef4c66776ed756f11f010f7&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115606Z"} [2025-12-09 19:56:07.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:07.452] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:07.452] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:07.452] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:07.452] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:07.453] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:07.554] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53326.1726132242.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310167554, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132242809210, "etime": 1726132242809210, "src_ip": 
"192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53326, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:07.554] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:10.562] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25709 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53342.1726132259.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53342.1726132259.jsonl?X-Amz-Signature=a3db0126a1294588457dfe79ace316d2113c8454eca2d626641e6dfa7ed0a3bd&X-Amz-Expires=604800&X-Amz-Date=20251209T115610Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:56:10.562] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:10.562] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:10.562] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:10.562] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:10.562] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:10.563] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:10.672] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53342.1726132259.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310170672, "module": "anquanchu", "proto": "tls", "alerted": 
false, "details": [{"stime": 1726132259074869, "etime": 1726132259074869, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53342, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:10.672] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:13.664] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24081 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53344.1726132262.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53344.1726132262.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115613Z&X-Amz-Expires=604800&X-Amz-Signature=71e3e11e165aa655da327a01b37464a2addc0cae28a24c31928e2c08ef65ee8e&X-Amz-SignedHeaders=host"} [2025-12-09 19:56:13.665] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:13.665] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:13.665] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:13.665] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:13.665] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:13.666] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:13.766] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53344.1726132262.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, 
"alert_count": 0, "timestamp": 1765310173765, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132262129847, "etime": 1726132262129847, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53344, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:13.766] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:16.781] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25710 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33858.1726130418.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33858.1726130418.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115616Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=e5dfa705b4f58193450df487d2466871f9680bada3b1d65e3beca0fc20c5022c"} [2025-12-09 19:56:16.781] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:16.781] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:16.781] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:16.781] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:16.782] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:16.782] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:16.892] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33858.1726130418.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310176891, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130418008173, "etime": 1726130418008173, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33858, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:16.892] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:19.893] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24464 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52856.1726130403.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52856.1726130403.jsonl?X-Amz-Date=20251209T115619Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=c3fa8b88445e9f59c26d58d3ad7db93bf0524213009a1ea73a7c76800bc2ffc8&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:56:19.893] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:19.893] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:19.894] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:19.894] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:19.894] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:19.895] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:56:20.004] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52856.1726130403.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310180003, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130403707012, "etime": 1726130403707012, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52856, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:20.004] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:23.007] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25711 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52870.1726130407.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52870.1726130407.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115622Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=211652a4ef542fd16b07b696c5152aeb43adb6c4fa99ddb64ce1e5de785333b0"} [2025-12-09 19:56:23.008] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:23.008] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:23.008] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:23.008] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:23.008] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:56:23.009] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:23.118] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52870.1726130407.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310183117, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130407773337, "etime": 1726130407773337, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52870, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:23.118] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:26.116] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24465 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_36998.1726130495.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_36998.1726130495.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=e20e5cdfb665124fece2fd2832d2acbb6fa59ebda959fc0bf4db4941eda5bcd8&X-Amz-Date=20251209T115625Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:56:26.116] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:26.116] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:26.116] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:26.116] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:26.116] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:26.117] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:26.218] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_36998.1726130495.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310186218, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130495999516, "etime": 1726130495999516, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36998, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:26.218] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:29.230] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24082 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38776.1726130487.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38776.1726130487.jsonl?X-Amz-Date=20251209T115628Z&X-Amz-Signature=4cd489f28bbb1e69817f4d8ce2bade60d1dbcf75c1bdbdfc02e1c87e41555494&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:56:29.230] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:29.230] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:29.230] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:29.230] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:29.230] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:29.231] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:29.341] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38776.1726130487.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310189340, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130487857094, "etime": 1726130487857094, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 38776, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:29.341] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:32.350] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25712 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38790.1726130491.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38790.1726130491.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=c207cd163defd9e8a75c447218ee34202d6551a08e0cb6bf76a354d61dc4846b&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115631Z"} [2025-12-09 19:56:32.350] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:32.350] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:32.350] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:32.350] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:32.350] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:32.351] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:32.460] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_38790.1726130491.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310192460, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130491924477, "etime": 1726130491924477, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 38790, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:32.460] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:35.468] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24466 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_32800.1726130556.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_32800.1726130556.jsonl?X-Amz-Signature=cee1f45071482c763ba939c6ec65c9abdedf6e2966fb8d624f44193d36b94dc1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T115634Z&X-Amz-SignedHeaders=host"} [2025-12-09 19:56:35.468] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:35.468] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:35.468] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:35.468] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:35.468] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:35.469] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:35.581] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_32800.1726130556.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310195581, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130556764604, "etime": 1726130556764604, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 32800, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:35.581] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:38.579] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24083 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_47822.1726130530.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_47822.1726130530.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T115638Z&X-Amz-Signature=8f3f9b93044af5be8b8218df3e99f546249ff6192802bd0e5b67aeb6ed578e3d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:56:38.579] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:38.580] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:38.580] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:38.580] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:38.580] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:38.581] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:38.693] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_47822.1726130530.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310198692, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130530174603, "etime": 1726130530174603, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47822, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:38.693] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:41.692] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25713 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51514.1726130550.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51514.1726130550.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=467c49175670c6bd05282f7dcb9880b61fa1fdb655aa8d9662d8bf8083e6119d&X-Amz-Date=20251209T115641Z"} [2025-12-09 19:56:41.692] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:41.692] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:41.693] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:41.693] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:41.693] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:41.693] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:41.795] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51514.1726130550.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310201794, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130550614119, "etime": 1726130550614119, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51514, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:41.795] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:44.795] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24084 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51736.1726130534.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51736.1726130534.jsonl?X-Amz-Date=20251209T115644Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=e6380d51a069157e788a5d1739f56f9cc8711faaf3963f286b319abd378e3c48"} [2025-12-09 19:56:44.795] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:44.795] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:44.795] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:44.795] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:44.795] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:44.796] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:44.900] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51736.1726130534.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310204900, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130534242035, "etime": 1726130534242035, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51736, "dest_port": 51129, 
"protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:44.901] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:47.914] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25714 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_36554.1726130578.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_36554.1726130578.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=c98b0da139b7d3b1af669fc235832d68a35c6a872227c9083eec60fe21734e20&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115647Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:56:47.914] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:47.914] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:47.914] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:47.914] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:47.914] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:47.915] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:48.023] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_36554.1726130578.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310208023, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130578537995, "etime": 1726130578537995, "src_ip": 
"192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36554, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:48.023] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:51.017] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24467 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41972.1726130607.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41972.1726130607.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115650Z&X-Amz-Expires=604800&X-Amz-Signature=8dc101d24b0ed43d0d79dfd33b884fae2c4817e4663f3f0550b40c9a521368c5&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:56:51.018] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:51.018] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:51.018] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:51.018] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:51.018] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:51.019] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:51.124] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41972.1726130607.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310211123, "module": "anquanchu", "proto": "tls", "alerted": 
false, "details": [{"stime": 1726130607100947, "etime": 1726130607100947, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41972, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:51.124] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:54.137] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25715 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41988.1726130610.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41988.1726130610.jsonl?X-Amz-Expires=604800&X-Amz-Signature=51995b56265e6b3807b7459ced0d62b06d10940d148a92ceb647b85864409d9e&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115653Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:56:54.137] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:54.138] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:54.138] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:54.138] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:54.138] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:54.139] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:54.248] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41988.1726130610.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765310214247, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130610171636, "etime": 1726130610171636, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41988, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:54.248] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:56:57.263] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24468 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48286.1726130586.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48286.1726130586.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T115656Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a1957e604ccf83d2c294ded4f93e162c6481d499132a6d4af228dedda11a721e&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:56:57.263] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:56:57.263] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:56:57.263] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:56:57.263] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:56:57.263] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:56:57.264] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:56:57.377] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48286.1726130586.jsonl|result:{"code": 
0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310217376, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130586675472, "etime": 1726130586675472, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 48286, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:56:57.377] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:00.374] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25716 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48288.1726130590.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48288.1726130590.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=deaccebd21e7f97c14c2730c2b7b3fdb45620072b3da78599fc0929f6578934e&X-Amz-Date=20251209T115659Z"} [2025-12-09 19:57:00.374] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:00.374] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:00.374] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:00.374] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:00.374] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:00.375] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:00.488] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_48288.1726130590.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310220487, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130590746835, "etime": 1726130590746835, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 48288, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:00.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:03.493] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24469 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34324.1726129515.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34324.1726129515.jsonl?X-Amz-Date=20251209T115703Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=9dc04d4ffe83300e83f14ed85d8769ac54f082651cca3a63072c5b746d560a94"} [2025-12-09 19:57:03.493] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:03.493] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:03.493] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:03.493] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:03.493] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:03.494] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:57:03.604] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34324.1726129515.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310223603, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129515037057, "etime": 1726129515037057, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 34324, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:03.604] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:06.596] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24470 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34338.1726129519.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34338.1726129519.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115706Z&X-Amz-Expires=604800&X-Amz-Signature=0c5c8513a7bc163d6e6a6cc92ad072e717b13741707a0bcea844980aa436b2b1&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 19:57:06.596] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:06.596] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:06.596] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:06.596] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:06.596] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:06.597] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:06.692] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_34338.1726129519.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310226692, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129519102820, "etime": 1726129519102820, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 34338, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:06.692] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:09.716] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24085 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43408.1726129537.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43408.1726129537.jsonl?X-Amz-Signature=4507f6680625fdf1893bc869c67fd7d11f016b9666864dd51e2674448d202d45&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115709Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 19:57:09.716] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:09.716] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:09.716] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
19:57:09.716] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:09.716] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:09.717] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:09.827] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43408.1726129537.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310229826, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129537459588, "etime": 1726129537459588, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43408, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:09.827] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:12.819] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24086 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58164.1726129543.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58164.1726129543.jsonl?X-Amz-Signature=59bacfe933c02db995b66cf19ea6cc62976fce993df8921d97d8053accfcae00&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T115712Z"} [2025-12-09 19:57:12.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:12.819] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 19:57:12.820] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:12.820] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:12.820] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:12.821] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:12.928] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58164.1726129543.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310232927, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129543587846, "etime": 1726129543587846, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 58164, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:12.928] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:15.932] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24471 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58182.1726129549.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58182.1726129549.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T115715Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=ee8983dd25895925967082f8c7ba7cc3b6019c83050465e63ca6f0d3e7484332"} [2025-12-09 19:57:15.932] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process 
model: 0 [2025-12-09 19:57:15.933] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:15.933] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:15.933] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:15.933] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:15.934] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:16.047] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58182.1726129549.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310236046, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129549746565, "etime": 1726129549746565, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 58182, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:16.047] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:19.050] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24472 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45842.1726129592.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45842.1726129592.jsonl?X-Amz-Date=20251209T115718Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=b39c37530c0e1ed00c156878dac48068e0f0ba3e4b7322e7d7f2a247f422c782&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:57:19.050] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:19.050] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:19.050] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:19.050] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:19.050] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:19.051] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:19.159] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45842.1726129592.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310239158, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129592277569, "etime": 1726129592277569, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45842, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:19.159] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:22.160] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24087 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52104.1726129584.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52104.1726129584.jsonl?X-Amz-Date=20251209T115721Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=7b06b3077fb17d044e28e4d8a7830d12e5b753d2ce88cc803522f5225f37aed0"} [2025-12-09 19:57:22.160] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:22.160] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:22.161] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:22.161] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:22.161] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:22.162] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:22.272] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52104.1726129584.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310242271, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129584156504, "etime": 1726129584156504, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52104, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:22.272] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:25.265] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24473 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52112.1726129588.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52112.1726129588.jsonl?X-Amz-Signature=5b4edd7ed9012378d232207aac4006f441c2e66c50892ee7728125bcc4425107&X-Amz-Date=20251209T115724Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:57:25.265] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:25.265] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:25.265] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:25.265] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:25.265] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:25.266] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:25.370] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_52112.1726129588.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310245369, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129588213011, "etime": 1726129588213011, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52112, 
"dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:25.370] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:28.377] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24088 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35710.1726129632.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35710.1726129632.jsonl?X-Amz-Date=20251209T115727Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=185dce18435b8b4ee9028b9cf7bfc99dfc457aa2cb7b704f9fa882d4fc244bdd"} [2025-12-09 19:57:28.377] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:28.377] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:28.377] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:28.377] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:28.377] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:28.378] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:28.490] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35710.1726129632.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310248490, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129632475937, 
"etime": 1726129632475937, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35710, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:28.490] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:31.485] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24474 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35724.1726129636.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35724.1726129636.jsonl?X-Amz-Signature=044619b1e61c39e3445fb8d5b13f8f6403cfee4e691cebd2b5d4c3756a92f8b2&X-Amz-Date=20251209T115730Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:57:31.485] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:31.485] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:31.485] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:31.485] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:31.485] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:31.486] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:31.596] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35724.1726129636.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 
1765310251596, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129636547837, "etime": 1726129636547837, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35724, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:31.596] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:34.598] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25717 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_37004.1726129660.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_37004.1726129660.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=2ad63518b90318d561040b44d2ef239810516ef79dba30fad3a8b1a58ee75595&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115734Z"} [2025-12-09 19:57:34.598] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:34.598] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:34.599] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:34.599] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:34.599] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:34.600] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:34.706] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_37004.1726129660.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310254706, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129660062800, "etime": 1726129660062800, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 37004, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:34.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:37.710] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25718 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56522.1726129650.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56522.1726129650.jsonl?X-Amz-Signature=450e6f8ec93f35c0e5e6a1a7e2950ecb41334e51eb265369069535b684ecad48&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115737Z"} [2025-12-09 19:57:37.710] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:37.710] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:37.710] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:37.710] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:37.710] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:37.711] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:57:37.819] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56522.1726129650.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310257819, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129650834462, "etime": 1726129650834462, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56522, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:37.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:40.827] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24089 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_IP.1726129146.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_IP.1726129146.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115740Z&X-Amz-SignedHeaders=host&X-Amz-Signature=be80d5f97d1923194d01a1e51301141f3bbb1f102a6d20332f402b34fe02176f&X-Amz-Expires=604800"} [2025-12-09 19:57:40.827] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:40.827] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:40.828] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:40.828] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:40.828] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:40.829] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:57:40.940] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_IP.1726129146.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310260940, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129146973654, "etime": 1726129146973654, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56136, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:40.940] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:43.944] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24475 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_56136.1726129146.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_56136.1726129146.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T115743Z&X-Amz-Signature=78f84cf79030ef70277bf468258af15c9761fa7a3ea7b1a44712394d5452086a&X-Amz-SignedHeaders=host"} [2025-12-09 19:57:43.944] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:43.944] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:43.945] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:43.945] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:43.945] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
19:57:43.946] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:44.055] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_56136.1726129146.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310264054, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129146973654, "etime": 1726129146973654, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56136, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:44.055] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:47.060] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24476 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41835_192-168-163-23_443.1726206777.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41835_192-168-163-23_443.1726206777.jsonl?X-Amz-Date=20251209T115746Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=3ea4709e36fcc303b8601918ed69aa5e9d771d328fc222035690a26305e8c157&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:57:47.060] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:47.060] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:47.060] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:47.060] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:47.060] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:47.061] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:47.170] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41835_192-168-163-23_443.1726206777.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310267170, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206777449726, "etime": 1726206777449726, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41835, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:47.170] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:50.169] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25719 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42007_192-168-163-23_80.1726207522.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42007_192-168-163-23_80.1726207522.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115749Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=6b886834512b68cb64ca365f5c5aded9cf575ff692241e34eda14eaba8cbe131"} [2025-12-09 19:57:50.169] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:50.169] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:50.169] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:50.169] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 19:57:50.169] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:50.170] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:50.269] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_42007_192-168-163-23_80.1726207522.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310270269, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207522658653, "etime": 1726207522658653, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42007, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:50.269] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:53.285] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24477 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41530_192-168-163-23_443.1726205310.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41530_192-168-163-23_443.1726205310.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T115752Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=3cf27140281ca9356fa3fd0ceddca0597673194e50d745cbe63a4cbe7532d848"} [2025-12-09 19:57:53.285] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:53.285] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:53.285] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 19:57:53.285] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:53.285] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:53.286] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:53.400] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41530_192-168-163-23_443.1726205310.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310273400, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726205310664181, "etime": 1726205310664181, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41530, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:53.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:56.393] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24478 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41855_192-168-163-23_443.1726206901.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41855_192-168-163-23_443.1726206901.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115755Z&X-Amz-Signature=2c0763ab530c03733517ad5d64dd02ff441ab1bbf85adfc4be896525acc3c164&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:57:56.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:56.393] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:56.393] 
[INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:56.393] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:56.394] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:56.394] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:56.505] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41855_192-168-163-23_443.1726206901.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310276505, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206901437530, "etime": 1726206901437530, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41855, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:56.505] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:57:59.503] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25720 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44850.1726132117.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44850.1726132117.jsonl?X-Amz-Expires=604800&X-Amz-Signature=a8df2d9e2b7318d2c9417ad26a414da88ca7155ccbc0bfa22943c6413b241eff&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115758Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:57:59.504] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:57:59.504] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:57:59.504] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:57:59.504] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:57:59.504] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:57:59.505] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:57:59.613] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44850.1726132117.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310279613, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132117175505, "etime": 1726132117175505, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44850, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:57:59.613] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:02.606] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25721 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44896.1726132178.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44896.1726132178.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=74bac7bbd2a97f0254a2fdbfae1fec77e270d960af2f718a60886d261d3fe19f&X-Amz-Date=20251209T115802Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:58:02.606] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:02.606] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:02.607] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:02.607] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:02.607] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:02.607] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:02.716] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44896.1726132178.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310282716, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132178204905, "etime": 1726132178204905, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44896, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:02.717] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:05.711] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25722 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44920.1726132219.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44920.1726132219.jsonl?X-Amz-Signature=d8126a7cf481cc584e6505af255e9998b8e0ca7e7f5009b1f5ab2c52ccaa89f4&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T115805Z"} [2025-12-09 19:58:05.711] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:05.711] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:05.711] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:05.711] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:05.711] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:05.712] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:05.812] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44920.1726132219.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310285811, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132219302359, "etime": 1726132219302359, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44920, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:05.812] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:08.818] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24090 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53336.1726132253.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53336.1726132253.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=65d7dc67255e0c18d5901e6c5830dc2d36681aa82aab92b88c3b32b0c00c9343&X-Amz-Date=20251209T115808Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:58:08.818] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:08.819] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:08.819] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:08.819] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:08.819] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:08.820] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:08.933] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53336.1726132253.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310288932, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132253023796, "etime": 1726132253023796, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53336, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:08.933] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn 
alert_count: 0|max_alert: 1000 [2025-12-09 19:58:11.936] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25723 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54372.1726130503.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54372.1726130503.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=308fa0859571d0b612c7d49430ee852f7eae1b522fd9cf543a3b1179d43dec44&X-Amz-Date=20251209T115811Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:58:11.936] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:11.936] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:11.937] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:11.937] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:11.937] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:11.938] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:12.049] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54372.1726130503.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310292049, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130503236949, "etime": 1726130503236949, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54372, "dest_port": 51129, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 19:58:12.049] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:15.051] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24479 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51482.1726130544.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51482.1726130544.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115814Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e1fd368feb48f9c431f326f78ff94355ba22440de381d856ef1ee51389e63cbf"} [2025-12-09 19:58:15.052] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:15.052] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:15.052] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:15.052] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:15.052] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:15.053] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:15.157] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51482.1726130544.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310295156, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130544539578, "etime": 1726130544539578, "src_ip": "192.168.112.140", 
"dest_ip": "192.168.112.135", "src_port": 51482, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:15.157] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:18.162] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24480 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41956.1726130604.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41956.1726130604.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=720ead7c2e5416189ad056e8a3eea6ca653c2bdf122ff36d737db310707c8c59&X-Amz-Date=20251209T115817Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 19:58:18.163] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:18.163] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:18.163] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:18.163] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:18.163] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:18.164] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:18.274] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41956.1726130604.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310298273, "module": "anquanchu", "proto": "tls", "alerted": false, "details": 
[{"stime": 1726130604086777, "etime": 1726130604086777, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41956, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:18.274] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:21.267] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25724 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33056.1726129602.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33056.1726129602.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=9783bbc3e7f57f1a8e7fd95ffb540bdd93bfcbde89ee6a7ef7fd82472e715d15&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115820Z"} [2025-12-09 19:58:21.267] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:21.267] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:21.267] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:21.267] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:21.267] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:21.268] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:21.365] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33056.1726129602.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, 
"alert_count": 0, "timestamp": 1765310301365, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129602562634, "etime": 1726129602562634, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33056, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:21.365] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:24.382] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24481 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36982.1726129653.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36982.1726129653.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115823Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=974327f6341fd8f455e635e284d333c589745b29e6d54a5bf1668043577316d1&X-Amz-Expires=604800"} [2025-12-09 19:58:24.382] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:24.382] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:24.382] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:24.382] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:24.382] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:24.383] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:24.493] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36982.1726129653.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310304493, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129653974338, "etime": 1726129653974338, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36982, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:24.493] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:27.499] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25725 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33856.1726130415.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33856.1726130415.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T115827Z&X-Amz-Signature=babb864cbbc052bdff0db229ca9c6a6ad4442e225cb67dc2d5b9f66b291b36d9&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:58:27.499] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:27.499] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:27.499] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:27.499] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:27.499] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:27.500] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:58:27.612] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33856.1726130415.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310307612, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130415005209, "etime": 1726130415005209, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33856, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:27.612] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:30.601] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24482 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35934.1726130424.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35934.1726130424.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=8eed34c634b537a40f1891325065afd0ec6654d976970cbc7d1b818ca2c0e6cb&X-Amz-Date=20251209T115830Z"} [2025-12-09 19:58:30.601] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:30.601] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:30.601] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:30.601] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:30.601] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 19:58:30.602] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:30.710] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35934.1726130424.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310310710, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130424233613, "etime": 1726130424233613, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35934, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:30.710] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:33.718] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24091 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44888.1726132172.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44888.1726132172.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115833Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=2bb4daaf58e9748f96493a7caa45d87db92b849a02f7a240070fc8071d5f1010&X-Amz-SignedHeaders=host"} [2025-12-09 19:58:33.718] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:33.718] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:33.718] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:33.718] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:33.718] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:33.719] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:33.830] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44888.1726132172.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310313829, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132172099217, "etime": 1726132172099217, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44888, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:33.830] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:36.833] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24092 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44912.1726132213.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44912.1726132213.jsonl?X-Amz-Expires=604800&X-Amz-Signature=de32c5b20fe0cee3a9f66385af312fd824def363e4f9e8f3719f6c4a7d65d7a5&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115836Z"} [2025-12-09 19:58:36.833] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:36.833] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:36.834] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:36.834] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:36.834] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:36.835] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:36.945] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44912.1726132213.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310316944, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132213199706, "etime": 1726132213199706, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44912, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:36.945] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:39.951] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24483 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53332.1726132249.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53332.1726132249.jsonl?X-Amz-Signature=24256fe848613724f7e7a7d92d8cbd7894528ce67d63f7d6188a6ab3ee4912ea&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115839Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:58:39.951] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:39.951] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:39.952] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:39.952] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:39.952] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:39.952] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:40.062] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53332.1726132249.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310320061, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132249971605, "etime": 1726132249971605, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53332, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:40.062] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:43.055] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25726 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51766.1726130541.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51766.1726130541.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=39a840788e574534d2e77b3e628b898799bc928d6d8930d90f3370b8920b0070&X-Amz-Date=20251209T115842Z"} [2025-12-09 19:58:43.056] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:43.056] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:43.056] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:43.056] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:43.056] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:43.057] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:43.154] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51766.1726130541.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310323154, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130541462031, "etime": 1726130541462031, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51766, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:43.154] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:46.169] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25727 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44024.1726130597.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44024.1726130597.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115845Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=22cdd8c027da5eb8d30f7aaf84514a3a43f9c071179987400e0e4752077e6f17"} [2025-12-09 19:58:46.169] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:46.169] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:46.170] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:46.170] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:46.170] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:46.171] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:46.273] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44024.1726130597.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310326273, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130597951750, "etime": 1726130597951750, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44024, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:46.274] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:49.282] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message 
in-> topic:analyzed_queue_cnn partition:[0] at offset 24484 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43392.1726129534.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43392.1726129534.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115848Z&X-Amz-Expires=604800&X-Amz-Signature=d87b07c238120df3aa4984460abad3b8ecbfeffca5b7d79cc293b406d6b622b3"} [2025-12-09 19:58:49.282] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:49.282] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:49.282] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:49.282] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:49.283] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:49.283] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:49.396] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43392.1726129534.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310329395, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129534453295, "etime": 1726129534453295, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43392, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:49.396] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 
0|max_alert: 1000 [2025-12-09 19:58:52.400] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25728 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45862.1726129599.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45862.1726129599.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115851Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a29264ebc8f18c5dbddad07ff618de578946214ef11c58b429686e8e0edb09b3"} [2025-12-09 19:58:52.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:52.400] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:52.400] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:52.400] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:52.400] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:52.401] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:52.513] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45862.1726129599.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310332513, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129599484661, "etime": 1726129599484661, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45862, "dest_port": 51129, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 19:58:52.514] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:55.515] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25729 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56508.1726129647.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56508.1726129647.jsonl?X-Amz-Signature=7a386b4945a74c61314380535d0823167b12e47c72526143b69fe70147e31dc7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115855Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:58:55.515] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:55.515] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:55.515] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:55.515] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:55.515] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:55.516] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:55.629] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56508.1726129647.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310335628, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129647824887, "etime": 1726129647824887, "src_ip": 
"192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56508, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:55.629] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:58:58.633] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25730 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33868.1726130421.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33868.1726130421.jsonl?X-Amz-Signature=2ed845ec204556ecff3f2010b682fe1a2a6d8efc36319a3df5a1e8c8e4621ef3&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115858Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 19:58:58.634] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:58:58.634] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:58:58.634] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:58:58.634] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:58:58.634] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:58:58.635] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:58:58.743] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33868.1726130421.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310338742, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1726130421152591, "etime": 1726130421152591, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33868, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:58:58.743] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:01.746] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24093 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51754.1726130541.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51754.1726130541.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115901Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a62eee99c34a8fdc09d949708d7de5e2ebab910be4283e918a5798f46e9ca860&X-Amz-Expires=604800"} [2025-12-09 19:59:01.746] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:01.746] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:01.746] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:01.746] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:01.746] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:01.747] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:01.855] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51754.1726130541.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, 
"normal_count": 1, "alert_count": 0, "timestamp": 1765310341855, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130541391931, "etime": 1726130541391931, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51754, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:01.855] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:04.857] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25731 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58168.1726129546.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58168.1726129546.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115904Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d420ee56868473a4938f4fd43baae402c8a790456b42f940d998c1ff59e4c94f&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:59:04.858] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:04.858] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:04.858] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:04.858] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:04.858] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:04.859] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:04.967] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58168.1726129546.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310344967, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129546667192, "etime": 1726129546667192, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 58168, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:04.967] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:07.971] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24485 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45860.1726129599.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45860.1726129599.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=16ded07e12ddd131cea32a432b28f132c6f1fc35d65cca14f0cc2352311ee2d2&X-Amz-Expires=604800&X-Amz-Date=20251209T115907Z"} [2025-12-09 19:59:07.971] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:07.971] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:07.971] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:07.971] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:07.971] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:07.972] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 19:59:08.085] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_45860.1726129599.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310348084, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129599418463, "etime": 1726129599418463, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45860, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:08.085] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:11.074] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24094 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36974.1726129653.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36974.1726129653.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115910Z&X-Amz-Expires=604800&X-Amz-Signature=cb450e756420f7785111097d361a61210e21de65dbd4cbe603ac142b6654089d&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 19:59:11.075] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:11.075] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:11.075] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:11.075] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:11.075] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:11.076] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:11.179] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36974.1726129653.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310351178, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129653908234, "etime": 1726129653908234, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36974, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:11.179] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:14.192] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24486 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56490.1726129644.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56490.1726129644.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T115913Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=dc9b681989434a6981b733ffe976f9d851962dac3f3641a6a5918c4507ede7a3"} [2025-12-09 19:59:14.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:14.192] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:14.192] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
19:59:14.192] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:14.192] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:14.193] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:14.303] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56490.1726129644.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310354303, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129644682614, "etime": 1726129644682614, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56490, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:14.304] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:17.305] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24487 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56494.1726129647.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56494.1726129647.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T115916Z&X-Amz-Signature=ac21a1172fd7d2599eb180672970580b7925a5619da62f4f2652261b43213a60&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:59:17.305] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:17.305] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 19:59:17.305] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:17.305] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:17.305] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:17.306] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:17.415] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_56494.1726129647.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310357414, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129647757340, "etime": 1726129647757340, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56494, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:17.415] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:20.415] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24095 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54360.1726130503.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54360.1726130503.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115919Z&X-Amz-Expires=604800&X-Amz-Signature=70897f61225afd48391ccfb8efb50aadac9526a7b1b9663c299ef7b07fc68b7c"} [2025-12-09 19:59:20.415] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 
[2025-12-09 19:59:20.415] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:20.416] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:20.416] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:20.416] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:20.417] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:20.526] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54360.1726130503.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310360525, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130503236536, "etime": 1726130503236536, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54360, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:20.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:23.529] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24096 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41524_192-168-163-23_443.1726205275.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41524_192-168-163-23_443.1726205275.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=22f0a1ee7950aa165d7453303ab274a4ea73db39314cf105cafca862c017622f&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115923Z"} [2025-12-09 
19:59:23.530] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:23.530] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:23.530] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:23.530] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:23.530] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:23.531] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:23.641] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41524_192-168-163-23_443.1726205275.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310363640, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726205275790404, "etime": 1726205275790404, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41524, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:23.641] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:26.634] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24097 key: NULL payload: 
{"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_47654.1726130399.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_47654.1726130399.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115926Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=fd258097614f781981128c5c9173cbfe9980d6f64c073983a1c24bfe1975cbd0&X-Amz-SignedHeaders=host"} [2025-12-09 19:59:26.634] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:26.634] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:26.634] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:26.634] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:26.634] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:26.635] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:26.735] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_47654.1726130399.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310366735, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130399636819, "etime": 1726130399636819, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47654, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:26.735] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:29.737] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24488 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_32786.1726130553.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_32786.1726130553.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115929Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=da631b54b5ac653b6a9cc545a2309271b03c993f329353ab91af3938a0882238&X-Amz-SignedHeaders=host"} [2025-12-09 19:59:29.737] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:29.737] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:29.737] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:29.737] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:29.737] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:29.738] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:29.845] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_32786.1726130553.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310369845, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130553691921, "etime": 1726130553691921, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 32786, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:29.845] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:32.850] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24489 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50518.1726129523.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50518.1726129523.jsonl?X-Amz-Date=20251209T115932Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=1f26ffb7db1ac9200d0783de1cf828e0d749ea8244c375de547694de358f5ecc"} [2025-12-09 19:59:32.850] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:32.850] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:32.850] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:32.850] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:32.850] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:32.851] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:32.963] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50518.1726129523.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310372963, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129523172277, "etime": 1726129523172277, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 50518, 
"dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:32.963] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:35.967] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25732 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50524.1726129527.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50524.1726129527.jsonl?X-Amz-Signature=1abc823e61624e91d175ec0b4de9a70af086055345051ade4a6af3ad231f651f&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T115935Z&X-Amz-Expires=604800"} [2025-12-09 19:59:35.967] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:35.967] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:35.967] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:35.967] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:35.967] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:35.968] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:36.080] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_50524.1726129527.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310376079, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129527239896, 
"etime": 1726129527239896, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 50524, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:36.080] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:39.078] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24490 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35730.1726129640.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35730.1726129640.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T115938Z&X-Amz-Signature=bfd68907120196642c32212218307d98694c3727f016c29996f75ed02af146c2&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 19:59:39.079] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:39.079] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:39.079] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:39.079] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:39.079] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:39.080] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:39.187] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_35730.1726129640.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 
1765310379186, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129640617536, "etime": 1726129640617536, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35730, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:39.187] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:42.182] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25733 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43414.1726129540.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43414.1726129540.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5a9f619a363ae2ac17ee4dc6d549f68572a204e0adbc685b652077933c4ece07&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115941Z"} [2025-12-09 19:59:42.182] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:42.182] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:42.183] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:42.183] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:42.183] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:42.183] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:42.288] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_43414.1726129540.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310382288, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129540582098, "etime": 1726129540582098, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43414, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:42.288] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:45.298] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24491 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43321.1726308954.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43321.1726308954.jsonl?X-Amz-Signature=3c3ce6991928222c781c530750a24b09cdfb9507d91d51c46256bfa315254614&X-Amz-Date=20251209T115944Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 19:59:45.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:45.298] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:45.298] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:45.298] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:45.298] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:45.299] [INFO] [tid:140062327686848] (AiModule.cpp:39) 
load result:0 [2025-12-09 19:59:45.412] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43321.1726308954.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310385412, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308954568900, "etime": 1726308954568900, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43321, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:45.412] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:48.401] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25734 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43316.1726308782.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43316.1726308782.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=a33388833f89666c1df86fee1c15f8963612bbbf070fd8fc47747a12f0c94fe8&X-Amz-Date=20251209T115947Z&X-Amz-Expires=604800"} [2025-12-09 19:59:48.401] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:48.401] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:48.401] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:48.401] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:48.401] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 19:59:48.402] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:48.511] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43316.1726308782.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310388510, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308782677919, "etime": 1726308782677919, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43316, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:48.511] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 19:59:51.504] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24492 key: NULL payload: {"bucket":"2025-12-09","object":"19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43317.1726308782.jsonl","url":"http://111.32.12.11:9000/2025-12-09/19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43317.1726308782.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T115951Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=0b7694e93214d5c0b7db15d077375249533c69d43068e5977befff9e1eeb5698"} [2025-12-09 19:59:51.504] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 19:59:51.504] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 19:59:51.504] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 19:59:51.504] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 19:59:51.504] 
[INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 19:59:51.505] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 19:59:51.611] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:19/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43317.1726308782.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310391611, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308782808555, "etime": 1726308782808555, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43317, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 19:59:51.611] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:01:57.186] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24493 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50555.1727436113.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50555.1727436113.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120156Z&X-Amz-Signature=c00ca49c5c52117f97bb4d821f9686d89e778fc8918b336412ab6dff9ee89a03"} [2025-12-09 20:01:57.187] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:01:57.187] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:01:57.187] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:01:57.187] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:01:57.187] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:01:57.188] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:01:57.298] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50555.1727436113.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310517297, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436113712758, "etime": 1727436113712758, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50555, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:01:57.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:00.295] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24098 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53624_192-168-112-135_443.1726625047.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53624_192-168-112-135_443.1726625047.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=c4e8f94c64458076dd7cdb72352b96c3b6e1d23119ad0ed6a4a0ba84195fbbee&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120159Z&X-Amz-Expires=604800"} [2025-12-09 20:02:00.295] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:00.295] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:00.295] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:02:00.295] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:00.295] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:00.296] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:00.393] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53624_192-168-112-135_443.1726625047.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310520393, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625047363652, "etime": 1726625047363652, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53624, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:02:00.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:02:00.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:02:00.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:02:03.404] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25735 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43063_192-168-37-136_8080.1727255542.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43063_192-168-37-136_8080.1727255542.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=6730347c183b3259ef8d4b19f91f04cf6ab8e890808b9b6d3a35084efbe725b7&X-Amz-Date=20251209T120202Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:02:03.404] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:03.404] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:03.405] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:03.405] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:03.405] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:03.406] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:03.518] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43063_192-168-37-136_8080.1727255542.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310523518, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255542630132, "etime": 1727255542630132, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43063, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:03.519] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:06.519] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24494 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54133_192-168-37-136_8080.1727405503.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54133_192-168-37-136_8080.1727405503.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120206Z&X-Amz-Signature=9b69de8524b401f77a37528104f795fa4badaaa6852c02787055cd4bea88e7fe&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:02:06.519] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:06.519] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:06.520] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:06.520] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:06.520] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:06.521] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:06.632] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54133_192-168-37-136_8080.1727405503.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310526631, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405503297814, "etime": 1727405503297814, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54133, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
20:02:06.632] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:09.638] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24495 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63350.1727520055.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63350.1727520055.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=48157f55104e4255d6e26710fd8a59ed49c2fc1479eb7b9bc00de7f03cbf1202&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120209Z&X-Amz-Expires=604800"} [2025-12-09 20:02:09.639] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:09.639] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:09.639] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:09.639] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:09.639] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:09.640] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:09.751] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63350.1727520055.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310529751, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520055539377, "etime": 1727520055539377, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63350, 
"dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:09.751] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:12.752] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24496 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.TCP_192-168-52-1_11957_192-168-52-129_80.1726192517.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.TCP_192-168-52-1_11957_192-168-52-129_80.1726192517.jsonl?X-Amz-Signature=ef185b117a0eb341a2c99755b0e3ec38714906ec870d147caa01dd98ad805f4e&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120212Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:02:12.752] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:12.752] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:12.752] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:12.752] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:12.752] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:12.753] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:12.863] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.TCP_192-168-52-1_11957_192-168-52-129_80.1726192517.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310532862, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192517812209, "etime": 
1726192517812209, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11957, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:12.863] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:15.867] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24099 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53625_192-168-112-135_443.1726625050.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53625_192-168-112-135_443.1726625050.jsonl?X-Amz-Signature=bfd1a8595d06a88f5b199d36b29fea53723d283b8c23d95d0c91c7c4f9e6bd50&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120215Z"} [2025-12-09 20:02:15.867] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:15.867] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:15.867] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:15.867] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:15.867] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:15.868] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:15.980] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53625_192-168-112-135_443.1726625050.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310535980, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726625050505958, "etime": 1726625050505958, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53625, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:02:15.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:02:15.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:02:15.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:02:18.980] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24100 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53642_192-168-112-135_443.1726625085.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53642_192-168-112-135_443.1726625085.jsonl?X-Amz-Signature=002c74167d0ec2f9357294eb952d290a65a9069979a09a266cc70267927f04fd&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120218Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:02:18.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:18.980] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:18.980] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:18.981] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:18.981] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:18.981] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:19.091] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53642_192-168-112-135_443.1726625085.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310539091, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625085605335, "etime": 1726625085605335, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53642, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:02:19.091] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:02:19.091] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:02:19.091] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:02:22.100] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24101 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43061_192-168-37-136_8080.1727255540.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43061_192-168-37-136_8080.1727255540.jsonl?X-Amz-Date=20251209T120221Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=c02d243de31761accaeb47ffb33a12bacd8cf54552609493069d74701caab86d"} [2025-12-09 20:02:22.100] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:22.100] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:22.100] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:22.100] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:02:22.100] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:22.101] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:22.214] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43061_192-168-37-136_8080.1727255540.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310542213, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255540318957, "etime": 1727255540318957, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43061, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:22.214] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:25.218] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25736 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53560_192-168-112-135_443.1726624881.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53560_192-168-112-135_443.1726624881.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120224Z&X-Amz-SignedHeaders=host&X-Amz-Signature=0ea6cf0c1ca33a55239cacd960c2c3510ede1802cd470dcd160197c23037428e"} [2025-12-09 20:02:25.218] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:25.218] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:25.219] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:25.219] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:25.219] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:25.220] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:25.332] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53560_192-168-112-135_443.1726624881.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310545331, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726624881691309, "etime": 1726624881691309, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53560, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:02:25.332] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:02:25.332] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:02:25.332] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:02:28.327] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25737 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54129_192-168-37-136_8080.1727405489.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54129_192-168-37-136_8080.1727405489.jsonl?X-Amz-Expires=604800&X-Amz-Signature=1cfb0856bf2d2b6b2b630b715446f9ef2f1b1be021f69d7c6f484f8bbc260d0b&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120227Z"} [2025-12-09 20:02:28.327] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:28.328] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:28.328] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:28.328] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:28.328] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:28.329] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:28.420] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54129_192-168-37-136_8080.1727405489.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310548419, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405489398774, "etime": 1727405489398774, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54129, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:28.420] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) 
cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:31.436] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24497 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36457_192-168-37-136_8080.1727405538.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36457_192-168-37-136_8080.1727405538.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120230Z&X-Amz-Expires=604800&X-Amz-Signature=196612d2ca01a9d57e7eb5b1ec222b6a4959092cebc376352b4f48a4ac37d4ba&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:02:31.436] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:31.436] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:31.436] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:31.436] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:31.436] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:31.437] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:31.547] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36457_192-168-37-136_8080.1727405538.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310551546, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405538005109, "etime": 1727405538005109, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 36457, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:31.547] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:34.544] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24102 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36453_192-168-37-136_8080.1727405528.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36453_192-168-37-136_8080.1727405528.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=5b43bbfcd52fa71865f4975749d0289f7597796b44321ad3902abc1fed5f9187&X-Amz-Date=20251209T120234Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:02:34.544] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:34.544] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:34.545] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:34.545] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:34.545] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:34.546] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:34.650] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36453_192-168-37-136_8080.1727405528.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310554649, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405528620810, "etime": 1727405528620810, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 36453, "dest_port": 8080, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 20:02:34.650] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:37.656] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25738 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36455_192-168-37-136_8080.1727405533.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36455_192-168-37-136_8080.1727405533.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=584362d94bbbc189febae326c542905be50dfba2e3ed78d386e047c51306bb81&X-Amz-Date=20251209T120237Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:02:37.656] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:37.656] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:37.657] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:37.657] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:37.657] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:37.657] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:37.767] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36455_192-168-37-136_8080.1727405533.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310557766, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405533370267, "etime": 1727405533370267, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 36455, "dest_port": 
8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:37.767] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:40.774] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25739 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54138_192-168-37-136_8080.1727405512.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54138_192-168-37-136_8080.1727405512.jsonl?X-Amz-Date=20251209T120240Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=2f9f19d6bbca19ffe537bf3bb4f6763ace9e0245237e9b9d26488095b72222f7"} [2025-12-09 20:02:40.774] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:40.774] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:40.775] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:40.775] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:40.775] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:40.775] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:40.876] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54138_192-168-37-136_8080.1727405512.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310560876, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405512715624, "etime": 1727405512715624, "src_ip": "192.168.37.1", "dest_ip": 
"192.168.37.136", "src_port": 54138, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:40.876] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:43.890] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24103 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54130_192-168-37-136_8080.1727405491.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54130_192-168-37-136_8080.1727405491.jsonl?X-Amz-Signature=0a57f3303901b7b89b05eff3a6c3d824d66fd2b0cb6a610efccd2b07a1596d9c&X-Amz-Date=20251209T120243Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:02:43.890] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:43.890] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:43.891] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:43.891] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:43.891] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:43.892] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:44.004] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54130_192-168-37-136_8080.1727405491.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310564004, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405491662221, "etime": 1727405491662221, 
"src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54130, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:44.004] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:46.993] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25740 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54131_192-168-37-136_8080.1727405496.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54131_192-168-37-136_8080.1727405496.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=1bbdff6bcdda4631d91404f45b39ed643e1ff710524fb1b149285edee8209ac0&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120246Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:02:46.993] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:46.993] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:46.993] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:46.993] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:46.993] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:46.994] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:47.100] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54131_192-168-37-136_8080.1727405496.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310567100, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 
1727405496157582, "etime": 1727405496157582, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54131, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:47.100] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:50.107] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25741 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36454_192-168-37-136_8080.1727405529.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36454_192-168-37-136_8080.1727405529.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=d345aee2c462d18e8f4ed8c580ddec01c6d4dc18826dc2faf42725f8ac09d72d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120249Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:02:50.108] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:50.108] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:50.108] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:50.108] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:50.108] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:50.109] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:50.218] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36454_192-168-37-136_8080.1727405529.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310570218, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1727405529866272, "etime": 1727405529866272, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 36454, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:50.218] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:53.222] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24498 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36456_192-168-37-136_8080.1727405536.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36456_192-168-37-136_8080.1727405536.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120252Z&X-Amz-Signature=b45fac0a76af0dd20c2055207e91bb9ff21f4d8907994f60a2226b7d39f304dd&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:02:53.222] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:53.222] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:53.222] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:53.222] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:53.222] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:53.223] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:53.335] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36456_192-168-37-136_8080.1727405536.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310573334, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405536345005, "etime": 1727405536345005, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 36456, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:53.335] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:56.336] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24499 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54136_192-168-37-136_8080.1727405509.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54136_192-168-37-136_8080.1727405509.jsonl?X-Amz-Date=20251209T120255Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e64cdfd49c89ca33e8dcc11fd5efb6b00f3bad994f52cce5436eb125c4719b75"} [2025-12-09 20:02:56.337] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:56.337] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:56.337] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:56.337] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:56.337] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:56.338] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:56.447] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54136_192-168-37-136_8080.1727405509.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, 
"alert_count": 0, "timestamp": 1765310576446, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405509216119, "etime": 1727405509216119, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54136, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:56.447] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:02:59.453] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24104 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.TCP_192-168-52-1_13173_192-168-52-129_80.1726193267.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.TCP_192-168-52-1_13173_192-168-52-129_80.1726193267.jsonl?X-Amz-Signature=5756c577f230f4563fe2923bf8b9faf56fb4390a78b95928a73f01ab80269e4a&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120258Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:02:59.453] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:02:59.453] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:02:59.453] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:02:59.453] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:02:59.453] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:02:59.454] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:02:59.563] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.TCP_192-168-52-1_13173_192-168-52-129_80.1726193267.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310579562, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193267159595, "etime": 1726193267159595, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13173, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:02:59.563] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:02.584] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24500 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53641_192-168-112-135_443.1726625082.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53641_192-168-112-135_443.1726625082.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=36d842f6439693fdf3bd7e9b1edbc3a92772403fb4ae778f721004baff6c631d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120302Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:03:02.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:02.584] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:02.584] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:02.584] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:02.584] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:02.585] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
20:03:02.693] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53641_192-168-112-135_443.1726625082.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310582692, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625082909964, "etime": 1726625082909964, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53641, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:03:02.693] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:03:02.693] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:03:02.693] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:03:05.703] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25742 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54134_192-168-37-136_8080.1727405507.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54134_192-168-37-136_8080.1727405507.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=3bc5b46f8c75374e3dd2de44ce0db36a367ea6e0005f0140eaeefb1b0464e268&X-Amz-Date=20251209T120305Z&X-Amz-Expires=604800"} [2025-12-09 20:03:05.703] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:05.703] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:05.704] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:05.704] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:05.704] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:05.705] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:05.813] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54134_192-168-37-136_8080.1727405507.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310585812, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405507372722, "etime": 1727405507372722, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54134, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:05.813] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:08.816] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24105 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54137_192-168-37-136_8080.1727405510.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54137_192-168-37-136_8080.1727405510.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120308Z&X-Amz-Signature=3b039061de5ed26294e8d9ef65e9725631eec11065ada2286b73dde6a8734f3d"} [2025-12-09 20:03:08.816] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:08.816] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:08.817] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 20:03:08.817] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:08.817] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:08.818] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:08.927] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54137_192-168-37-136_8080.1727405510.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310588927, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405510787455, "etime": 1727405510787455, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54137, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:08.927] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:11.920] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24106 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54139_192-168-37-136_8080.1727405513.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54139_192-168-37-136_8080.1727405513.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120311Z&X-Amz-Signature=682d020119f7870608035e24d9dfeaee63c73ba36fea617be8660f7c1eda2c33&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:03:11.920] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:11.920] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:11.920] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:11.920] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:11.920] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:11.921] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:12.026] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54139_192-168-37-136_8080.1727405513.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310592026, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405513528149, "etime": 1727405513528149, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54139, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:12.026] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:15.027] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24107 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63360.1727520063.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63360.1727520063.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120314Z&X-Amz-Signature=34f91826535110b2167005a37d0aa5c350f969f2782bf8b43144ed160d1fac77&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:03:15.027] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:15.027] [INFO] [tid:140062327686848] (AiModule.cpp:10) load 
so_code_cnn.so lib [2025-12-09 20:03:15.027] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:15.027] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:15.027] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:15.028] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:15.139] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63360.1727520063.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310595138, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520063799827, "etime": 1727520063799827, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63360, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:15.139] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:18.135] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24501 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55521_192-168-112-135_80.1727254876.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55521_192-168-112-135_80.1727254876.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120317Z&X-Amz-Expires=604800&X-Amz-Signature=9202f0b9a5fcd8afa2ea5155500443e6ed5feeb653284640ec03c86ea3124313&X-Amz-SignedHeaders=host"} [2025-12-09 20:03:18.135] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:18.135] 
[INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:18.135] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:18.135] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:18.135] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:18.136] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:18.237] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55521_192-168-112-135_80.1727254876.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310598236, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254876072015, "etime": 1727254876072015, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55521, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:18.237] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:21.237] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24108 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50573.1727436128.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50573.1727436128.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T120320Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=543f31cf6109cb16a84ef02c44a331567f9ce9cd7154d28af513a97e2314fa41&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:03:21.237] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:21.237] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:21.237] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:21.237] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:21.237] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:21.238] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:21.346] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50573.1727436128.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310601345, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436128753161, "etime": 1727436128753161, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50573, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:21.346] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:24.348] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24502 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54127_192-168-37-136_8080.1727405487.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54127_192-168-37-136_8080.1727405487.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120323Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=730b6ec67f06a55a8c34c1d4aa48242485015f2a5056a3b83041d4ae8c3a2ae5"} [2025-12-09 
20:03:24.348] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:24.348] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:24.348] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:24.348] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:24.348] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:24.349] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:24.459] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54127_192-168-37-136_8080.1727405487.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310604458, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405487704534, "etime": 1727405487704534, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54127, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:24.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:27.460] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24503 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62816.1727519466.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62816.1727519466.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120326Z&X-Amz-Expires=604800&X-Amz-Signature=1cb0206698c3faca36027b4b68f62650b90925a89835971c751134cb9fad62f8&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:03:27.460] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:27.460] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:27.460] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:27.460] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:27.460] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:27.461] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:27.570] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62816.1727519466.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310607569, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519466626383, "etime": 1727519466626383, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62816, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:27.570] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:30.577] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[2] at offset 24109 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61698.1727518200.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61698.1727518200.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120330Z&X-Amz-Signature=cb086abbf42221bdf7b3d3ad44c7575615796e43c77562be929f6b0964b6c915&X-Amz-Expires=604800"} [2025-12-09 20:03:30.577] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:30.577] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:30.578] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:30.578] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:30.578] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:30.579] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:30.687] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61698.1727518200.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310610686, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518200548375, "etime": 1727518200548375, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 61698, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:30.687] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:33.697] [DEBUG] 
[tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24110 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21148_192-168-52-129_443.1725955229.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21148_192-168-52-129_443.1725955229.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120333Z&X-Amz-Expires=604800&X-Amz-Signature=06d5cfcc06f85545570dc91716cae47a4591607fd64d654a3890362d5c025f72&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:03:33.697] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:33.698] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:33.698] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:33.698] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:33.698] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:33.699] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:33.808] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21148_192-168-52-129_443.1725955229.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310613807, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1725955229183639, "etime": 1725955229183639, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 21148, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:03:33.808] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:03:33.808] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:03:33.808] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:03:36.810] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24504 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21138_192-168-52-129_443.1725955220.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21138_192-168-52-129_443.1725955220.jsonl?X-Amz-Date=20251209T120336Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=5cb24986a3da7327faedd54a6d90f74950b827ce812ed3de92219463c026fbb3&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:03:36.810] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:36.810] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:36.810] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:36.810] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:36.810] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:36.811] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:36.920] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21138_192-168-52-129_443.1725955220.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 
1765310616919, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1725955220861005, "etime": 1725955220861005, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 21138, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:03:36.920] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:03:36.920] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:03:36.920] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:03:39.929] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25743 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40629_192-168-37-136_8443.1727405639.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40629_192-168-37-136_8443.1727405639.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120339Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=b6aba6c7f5eb97cb618c7cb78c887842800453e43100fbda5fb8d25781de6037"} [2025-12-09 20:03:39.930] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:39.930] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:39.930] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:39.930] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:39.930] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:39.931] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:40.041] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40629_192-168-37-136_8443.1727405639.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310620041, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405639355442, "etime": 1727405639355442, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40629, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:03:40.041] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:03:40.041] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:03:40.041] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:03:43.046] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24505 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40631_192-168-37-136_8443.1727405641.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40631_192-168-37-136_8443.1727405641.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=a762d7d31007cb86833fea98ac9adc1e8cd65131167eb52471e26107d0448bb4&X-Amz-Date=20251209T120342Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:03:43.046] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:43.046] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:43.046] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:43.046] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:03:43.046] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:43.047] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:43.157] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40631_192-168-37-136_8443.1727405641.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310623156, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405641230110, "etime": 1727405641230110, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40631, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:03:43.157] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:03:43.157] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:03:43.157] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:03:46.155] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25744 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63344.1727520049.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63344.1727520049.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1426be2fa6dc29b95604407e5fe7aac94fdd88989af3e12eb8a8f786f57a1005&X-Amz-Date=20251209T120345Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:03:46.155] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:46.155] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:46.155] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:46.155] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:46.155] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:46.156] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:46.266] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63344.1727520049.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310626266, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520049102346, "etime": 1727520049102346, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63344, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:46.266] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:49.270] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25745 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61670.1727518173.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61670.1727518173.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120348Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=fedb132f009d7e1e6d4fb2bf7059331bd6cdd70ee7354b2e48ed202fb01b2ff3"} [2025-12-09 20:03:49.270] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:49.270] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:49.270] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:49.270] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:49.270] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:49.271] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:49.384] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61670.1727518173.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310629383, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518173438205, "etime": 1727518173438205, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 61670, "dest_port": 80, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 20:03:49.384] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:52.397] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24506 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62800.1727519453.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62800.1727519453.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=e59a17de3020d698bf37a5f1e5b3fda40168f7f5aedafffa199702e568c3e804&X-Amz-Date=20251209T120351Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:03:52.397] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:52.397] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:52.397] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:52.397] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:52.397] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:52.398] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:52.509] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62800.1727519453.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310632508, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519453021652, "etime": 1727519453021652, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", 
"src_port": 62800, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:03:52.509] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:03:55.511] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24507 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11671_192-168-52-129_443.1726018242.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11671_192-168-52-129_443.1726018242.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=fca531a5377becea3a3c753034d6399fd32da8b73d16f98650e83cef50115136&X-Amz-Date=20251209T120355Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:03:55.511] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:55.511] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:55.511] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:55.511] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:55.511] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:55.512] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:55.622] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11671_192-168-52-129_443.1726018242.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310635622, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018242689356, "etime": 1726018242689356, 
"src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11671, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:03:55.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:03:55.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:03:55.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:03:58.632] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25746 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40628_192-168-37-136_8443.1727405635.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40628_192-168-37-136_8443.1727405635.jsonl?X-Amz-Date=20251209T120358Z&X-Amz-Signature=bf792d7b51f0d9a3bab47611874d94186bb94337683cd89bbee7147bb965676c&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:03:58.632] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:03:58.632] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:03:58.632] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:03:58.633] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:03:58.633] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:03:58.633] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:03:58.744] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40628_192-168-37-136_8443.1727405635.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310638743, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405635486957, "etime": 1727405635486957, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40628, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:03:58.744] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:03:58.744] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:03:58.744] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:04:01.750] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24111 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55530_192-168-112-135_80.1727254882.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55530_192-168-112-135_80.1727254882.jsonl?X-Amz-Date=20251209T120401Z&X-Amz-SignedHeaders=host&X-Amz-Signature=b56d36832ff64064f6efd29cf8f5fac4253751f548023a9d069e3d50a04aa302&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:04:01.750] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:01.750] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:01.750] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:01.750] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:04:01.750] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:01.751] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:01.860] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55530_192-168-112-135_80.1727254882.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310641860, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254882593815, "etime": 1727254882593815, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55530, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:01.860] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:04.852] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25747 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55491_192-168-112-135_80.1727254862.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55491_192-168-112-135_80.1727254862.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=d843942126f2f9b2b72fc59cbb46b9a02b8bce977878e69027378bd5f30c0f14&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120404Z&X-Amz-Expires=604800"} [2025-12-09 20:04:04.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:04.852] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:04.852] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:04.852] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:04:04.852] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:04.853] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:04.953] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55491_192-168-112-135_80.1727254862.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310644953, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254862972335, "etime": 1727254862972335, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55491, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:04.953] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:07.964] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25748 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50552.1727436110.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50552.1727436110.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=dedf505229e3a4e7875dc5ef5d7f1f91d5d532e25814ab43a9852d8e75dbf39b&X-Amz-Date=20251209T120407Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:04:07.965] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:07.965] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:07.965] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:04:07.965] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:07.965] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:07.966] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:08.074] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50552.1727436110.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310648074, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436110994424, "etime": 1727436110994424, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50552, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:08.074] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:11.073] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25749 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55495_192-168-112-135_80.1727254864.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55495_192-168-112-135_80.1727254864.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120410Z&X-Amz-Expires=604800&X-Amz-Signature=3dd9b1785b8e6201563ccb5e288fd94e1f5d5c2fdad472a0a2f037782a93baa5"} [2025-12-09 20:04:11.073] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:11.073] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:11.073] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:11.074] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:11.074] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:11.074] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:11.174] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55495_192-168-112-135_80.1727254864.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310651174, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254864919652, "etime": 1727254864919652, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55495, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:11.174] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:14.183] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24508 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55543_192-168-112-135_80.1727254887.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55543_192-168-112-135_80.1727254887.jsonl?X-Amz-Date=20251209T120413Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=f6098a1235b894445469efa16173c492e196a51e0ca3a41c3224663dfea160ba"} [2025-12-09 20:04:14.183] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:14.183] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
20:04:14.183] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:14.183] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:14.183] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:14.184] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:14.293] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http.pcap.TCP_192-168-112-1_55543_192-168-112-135_80.1727254887.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310654293, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727254887821209, "etime": 1727254887821209, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55543, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:14.293] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:17.305] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24112 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_https_whoami.pcap.TCP_192-168-52-1_40790_192-168-52-129_443.1726041626.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_https_whoami.pcap.TCP_192-168-52-1_40790_192-168-52-129_443.1726041626.jsonl?X-Amz-Date=20251209T120416Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ad6b24966c0acc8a58cced55624efbbb24d8e33826a8382778246d6d850f6b2c&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:04:17.305] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:17.305] 
[INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:17.306] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:17.306] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:17.306] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:17.307] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:17.419] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_https_whoami.pcap.TCP_192-168-52-1_40790_192-168-52-129_443.1726041626.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310657419, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041626326302, "etime": 1726041626326302, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 40790, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:04:17.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:04:17.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:04:17.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:04:20.420] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24509 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12256_192-168-52-129_443.1726018536.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12256_192-168-52-129_443.1726018536.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120419Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=d0be8c17996847af4afc1c4b5c1652fc12ce4eab9b9c50ca9de33f9d82687916"} [2025-12-09 20:04:20.420] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:20.420] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:20.421] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:20.421] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:20.421] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:20.421] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:20.532] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12256_192-168-52-129_443.1726018536.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310660532, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018536975552, "etime": 1726018536975552, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 12256, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:04:20.532] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:04:20.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:04:20.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:04:23.546] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25750 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42268_192-168-163-23_443.1726208854.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42268_192-168-163-23_443.1726208854.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120423Z&X-Amz-Signature=a13698cdd39ca4bde7454b2fb1d2278584bfc9db4a3fabb475e04d7aa2237532"} [2025-12-09 20:04:23.547] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:23.547] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:23.547] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:23.547] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:23.547] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:23.548] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:23.651] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42268_192-168-163-23_443.1726208854.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310663650, "module": "anquanchu", "proto": 
"tls", "alerted": false, "details": [{"stime": 1726208854103777, "etime": 1726208854103777, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42268, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:23.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:26.667] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24510 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52972_192-168-32-40_443.1726127483.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52972_192-168-32-40_443.1726127483.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120426Z&X-Amz-Signature=440e9890690149a9db33f2d0101791685218f56de86eb5b83a3ba866ba5917f5&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:04:26.667] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:26.667] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:26.668] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:26.668] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:26.668] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:26.669] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:26.780] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52972_192-168-32-40_443.1726127483.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 
1765310666779, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127483519962, "etime": 1726127483519962, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52972, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:26.780] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:29.779] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25751 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50450.1727159688.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50450.1727159688.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120429Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1e8bd560fee3e18ef0c2cca3db99fcc381a49bb0a0a31b27e79a302834d4ce09"} [2025-12-09 20:04:29.779] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:29.779] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:29.779] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:29.779] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:29.779] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:29.780] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:29.893] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50450.1727159688.jsonl|result:{"code": 1, "total_count": 
1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310669892, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727159688509735, "etime": 1727159688509735, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50450, "dest_port": 9443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:04:29.893] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:04:29.893] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:04:29.893] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:04:32.882] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25752 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42100_192-168-163-23_443.1726207998.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42100_192-168-163-23_443.1726207998.jsonl?X-Amz-Date=20251209T120432Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=35c4e51daaf143d153ba72cb7cc24e3fc183e22720c02b162260e32aeede8a27"} [2025-12-09 20:04:32.882] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:32.882] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:32.883] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:32.883] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:32.883] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:32.884] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:04:32.991] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42100_192-168-163-23_443.1726207998.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310672990, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207998860811, "etime": 1726207998860811, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42100, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:32.991] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:35.992] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25753 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52799_192-168-32-40_443.1726127473.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52799_192-168-32-40_443.1726127473.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8731750ef013ed64c10d60216802818310ca115195448dd0c15fa1920040714c&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120435Z"} [2025-12-09 20:04:35.993] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:35.993] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:35.993] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:35.993] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:35.993] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:35.994] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:36.103] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52799_192-168-32-40_443.1726127473.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310676102, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726127473298137, "etime": 1726127473298137, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52799, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:04:36.103] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:04:36.103] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:04:36.103] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:04:39.109] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25754 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50131.1726212721.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50131.1726212721.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120438Z&X-Amz-SignedHeaders=host&X-Amz-Signature=2d0d03ca53600d9ba10f2ac746ca0fae7cb9c598498a8e3f0177abf4efa3c3b0&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:04:39.109] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:39.109] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:39.109] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:39.109] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:39.109] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:39.110] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:39.223] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50131.1726212721.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310679222, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212721829187, "etime": 1726212721829187, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50131, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:39.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:42.225] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24113 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_13322_192-168-52-129_80.1726193381.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_13322_192-168-52-129_80.1726193381.jsonl?X-Amz-Expires=604800&X-Amz-Signature=d8834d5101483a4f08d155d08d44adc817b0a2c5d157466371912536d04d7f4a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120441Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:04:42.226] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:42.226] [INFO] [tid:140062327686848] (AiModule.cpp:10) load 
so_code_cnn.so lib [2025-12-09 20:04:42.226] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:42.226] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:42.226] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:42.227] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:42.331] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_13322_192-168-52-129_80.1726193381.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310682330, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193381483632, "etime": 1726193381483632, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13322, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:42.331] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:45.338] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25755 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53311_192-168-32-40_443.1726127506.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53311_192-168-32-40_443.1726127506.jsonl?X-Amz-Expires=604800&X-Amz-Signature=9186324f6eb7c2e2558bd345c5fdeb2c04227ab3cc3da42d02f3c5a2045e8359&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120444Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:04:45.338] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:45.338] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:45.338] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:45.339] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:45.339] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:45.339] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:45.449] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53311_192-168-32-40_443.1726127506.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310685448, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127506565947, "etime": 1726127506565947, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 53311, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:45.449] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:48.443] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24511 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44854.1726132120.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44854.1726132120.jsonl?X-Amz-Date=20251209T120447Z&X-Amz-Signature=f5c5332f522d4f2d6802661b036319937e910f5e87c2272c38e7ad36b345028d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:04:48.443] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:48.443] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:48.443] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:48.443] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:48.444] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:48.444] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:48.551] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44854.1726132120.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310688551, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132120257583, "etime": 1726132120257583, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44854, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:48.551] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:51.546] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25756 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44892.1726132175.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44892.1726132175.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T120451Z&X-Amz-Signature=f1cdb532be2a597f58a40b58758eb3199cbbc738e0fd4ec4b0a7d06446743055&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:04:51.546] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:51.546] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:51.546] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:51.546] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:51.546] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:51.547] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:51.656] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44892.1726132175.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310691656, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132175152807, "etime": 1726132175152807, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44892, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:51.657] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:54.664] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24512 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44916.1726132216.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44916.1726132216.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=5dde1a20b465c8f21084cdbfa840b591b8646bbedc1f064e6e7ae299ec1526f9&X-Amz-Date=20251209T120454Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:04:54.664] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:54.664] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:54.664] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:54.664] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:54.664] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:54.665] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:54.778] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44916.1726132216.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310694778, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132216248272, "etime": 1726132216248272, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44916, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:04:54.778] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:04:57.766] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25757 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49246.1727232128.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49246.1727232128.jsonl?X-Amz-Signature=32567668737a6385e0c2622596a8b474350c4dbbf14185c70d8cc5f2691853d2&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120457Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:04:57.766] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:04:57.766] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:04:57.766] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:04:57.766] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:04:57.766] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:04:57.767] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:04:57.872] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49246.1727232128.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310697872, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232128680946, "etime": 1727232128680946, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49246, "dest_port": 51129, "protocol": 
"tls", "result": "Normal"}]} [2025-12-09 20:04:57.872] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:00.880] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24513 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53340.1726132256.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53340.1726132256.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=912b0bab06aac60a9eae85c15a6899be3744a88ab0e8a8bc4114d50ee34aae14&X-Amz-Date=20251209T120500Z"} [2025-12-09 20:05:00.880] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:00.880] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:00.880] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:00.880] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:00.880] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:00.881] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:00.989] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53340.1726132256.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310700988, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132256077876, "etime": 1726132256077876, "src_ip": 
"192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53340, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:00.989] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:03.991] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24514 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54125_192-168-37-136_8080.1727405485.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54125_192-168-37-136_8080.1727405485.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T120503Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=aadeb693c2e1ddfa70453838138bf5c985718504687f1e30a18c55895bcbaca6"} [2025-12-09 20:05:03.991] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:03.992] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:03.992] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:03.992] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:03.992] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:03.993] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:04.101] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54125_192-168-37-136_8080.1727405485.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310704100, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 
1727405485017759, "etime": 1727405485017759, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54125, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:04.101] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:07.104] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24515 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54126_192-168-37-136_8080.1727405487.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54126_192-168-37-136_8080.1727405487.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=31279b64f50739857a1bba88bee68c9fe22a2163fc1c9be641c837f8550d5029&X-Amz-Date=20251209T120506Z"} [2025-12-09 20:05:07.104] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:07.104] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:07.104] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:07.104] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:07.104] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:07.105] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:07.209] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54126_192-168-37-136_8080.1727405487.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310707209, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1727405487640185, "etime": 1727405487640185, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54126, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:07.209] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:10.212] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24516 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54128_192-168-37-136_8080.1727405489.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54128_192-168-37-136_8080.1727405489.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120509Z&X-Amz-Signature=2f7541e869b1359584ed606faafc89e9ba849ee85826d5019be21808a46ed84e"} [2025-12-09 20:05:10.212] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:10.212] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:10.213] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:10.213] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:10.213] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:10.213] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:10.325] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54128_192-168-37-136_8080.1727405489.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310710325, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405489312574, "etime": 1727405489312574, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54128, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:10.325] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:13.324] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24114 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42267_192-168-163-23_443.1726208846.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42267_192-168-163-23_443.1726208846.jsonl?X-Amz-Date=20251209T120512Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=144a11752d97524e5a47b0f684411e4b6f25fe2af951f81dacd7b5dc5c504b35"} [2025-12-09 20:05:13.324] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:13.324] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:13.325] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:13.325] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:13.325] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:13.325] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:13.430] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42267_192-168-163-23_443.1726208846.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, 
"normal_count": 1, "alert_count": 0, "timestamp": 1765310713429, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208846205387, "etime": 1726208846205387, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42267, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:13.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:16.445] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24517 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55600_192-168-112-135_443.1727254925.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55600_192-168-112-135_443.1727254925.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120515Z&X-Amz-Signature=b7e5b041cc1253487bcbcf3015153cf28a857d5fe633ef10298cb512a4c2747f&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:05:16.445] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:16.445] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:16.445] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:16.446] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:16.446] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:16.446] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:16.555] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55600_192-168-112-135_443.1727254925.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310716554, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727254925517241, "etime": 1727254925517241, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55600, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:05:16.555] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:05:16.555] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:05:16.555] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:05:19.564] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24518 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42274_192-168-163-23_443.1726208860.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42274_192-168-163-23_443.1726208860.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120519Z&X-Amz-SignedHeaders=host&X-Amz-Signature=b18dddba53241ddbd4ccaf8597f649da464bc78180573a90c9eac2c635078f5e&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:05:19.564] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:19.564] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:19.565] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:19.565] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load 
[2025-12-09 20:05:19.565] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:19.566] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:19.677] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42274_192-168-163-23_443.1726208860.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310719676, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208860477707, "etime": 1726208860477707, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42274, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:19.677] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:22.681] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24519 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42263_192-168-163-23_443.1726208839.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42263_192-168-163-23_443.1726208839.jsonl?X-Amz-Signature=735c196ba31936c794360ab815c33a85b54c2acc7443da4735756c182081adf7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T120522Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:05:22.681] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:22.681] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:22.682] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:22.682] 
[INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:22.682] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:22.683] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:22.792] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42263_192-168-163-23_443.1726208839.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310722791, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208839209384, "etime": 1726208839209384, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42263, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:22.792] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:25.797] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25758 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50128.1726212719.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50128.1726212719.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120525Z&X-Amz-Signature=02f46cf6d59a27d7d047bf95b1a698c66e6d9775f46d4c3e95aed59b832e7d61&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:05:25.797] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:25.797] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:25.798] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:25.798] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:25.798] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:25.798] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:25.907] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50128.1726212719.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310725907, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212719767203, "etime": 1726212719767203, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50128, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:25.908] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:28.910] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24520 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50134.1726212724.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50134.1726212724.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=0a58e1c5e887dc30d2190cead00dbefdc3faf63bade0bc6dbc402743c7190dd5&X-Amz-Date=20251209T120528Z"} [2025-12-09 20:05:28.910] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:10) load 
so_code_cnn.so lib [2025-12-09 20:05:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:28.911] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:29.023] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50134.1726212724.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310729023, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212724889659, "etime": 1726212724889659, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50134, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:29.023] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:32.024] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24115 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42110_192-168-163-23_443.1726208030.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42110_192-168-163-23_443.1726208030.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120531Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=fc3ca38ddbee349ed7a0747df68ba88d7a6f57d9a756e0a7975907d51ad57c10"} [2025-12-09 20:05:32.025] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 
20:05:32.025] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:32.025] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:32.025] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:32.025] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:32.026] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:32.138] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42110_192-168-163-23_443.1726208030.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310732138, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208030347909, "etime": 1726208030347909, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42110, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:32.138] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:35.128] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24521 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42283_192-168-163-23_443.1726208876.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42283_192-168-163-23_443.1726208876.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=3ab38a8c658cca8f76d4d225075a060a6c0ec1672587b99e450c98717e3272ea&X-Amz-Date=20251209T120534Z"} [2025-12-09 20:05:35.128] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:35.128] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:35.129] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:35.129] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:35.129] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:35.130] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:35.237] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42283_192-168-163-23_443.1726208876.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310735237, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208876045542, "etime": 1726208876045542, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42283, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:35.237] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:38.237] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24116 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53138_192-168-32-40_443.1726127495.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53138_192-168-32-40_443.1726127495.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120537Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=31e62740b9e0ded91cc34deeb1f6ac7a12a1a1991cbe9d50c570824e93a72c28&X-Amz-SignedHeaders=host"} [2025-12-09 20:05:38.237] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:38.237] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:38.237] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:38.237] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:38.237] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:38.238] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:38.348] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53138_192-168-32-40_443.1726127495.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310738348, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726127495073869, "etime": 1726127495073869, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 53138, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:05:38.348] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:05:38.348] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. 
[2025-12-09 20:05:38.348] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:05:41.355] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24117 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50125.1726212718.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50125.1726212718.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120540Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=ab39f513418c5c8b0fdb2633974da3862cca22125422a25521d6a86ca5a8dad5"} [2025-12-09 20:05:41.355] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:41.355] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:41.356] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:41.356] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:41.356] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:41.357] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:41.467] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50125.1726212718.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310741466, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212718733226, "etime": 1726212718733226, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50125, "dest_port": 51119, 
"protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:41.467] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:44.460] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24522 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50127.1726212719.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50127.1726212719.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=11436ca1f2e840b54a3ac9087f11c082e628d4e51f1d1d7d6878b83207267a2c&X-Amz-Date=20251209T120543Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:05:44.460] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:44.460] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:44.461] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:44.461] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:44.461] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:44.461] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:44.569] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50127.1726212719.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310744568, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212719751845, "etime": 1726212719751845, "src_ip": "192.168.112.141", 
"dest_ip": "192.168.112.139", "src_port": 50127, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:44.569] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:47.569] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25759 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58172_192-168-32-40_80.1726196747.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58172_192-168-32-40_80.1726196747.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120547Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=50878db3886563e004faa80d57d5c045609bdc3e96a42cc92690c939f9d1da8f"} [2025-12-09 20:05:47.569] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:47.570] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:47.570] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:47.570] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:47.570] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:47.571] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:47.679] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58172_192-168-32-40_80.1726196747.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310747679, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726196747300843, "etime": 
1726196747300843, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 58172, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:47.679] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:50.686] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24523 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54386.1726130506.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54386.1726130506.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120550Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e5ca0f3253f40d215d65530078799ba1b3c365abed862029bb741ff6512eca2c"} [2025-12-09 20:05:50.687] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:50.687] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:50.687] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:50.687] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:50.687] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:50.688] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:50.796] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54386.1726130506.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310750795, "module": 
"anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130506316604, "etime": 1726130506316604, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54386, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:50.796] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:53.790] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24524 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51500.1726130547.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51500.1726130547.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=0db51d8312d239b7db9f895f01c5fa95c02e9bcb6bca3e2970c9393fff9ccf42&X-Amz-Date=20251209T120553Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:05:53.790] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:53.790] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:53.791] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:53.791] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:53.791] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:53.792] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:53.902] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51500.1726130547.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310753901, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130547610682, "etime": 1726130547610682, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51500, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:53.902] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:05:56.893] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24525 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44042.1726130601.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44042.1726130601.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=09c4e477693e6e8eb4677f819e4e18a0d55e47a23ab456cf5d71cab765e8d3a0&X-Amz-Date=20251209T120556Z&X-Amz-Expires=604800"} [2025-12-09 20:05:56.893] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:05:56.893] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:05:56.894] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:05:56.894] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:05:56.894] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:05:56.894] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:05:57.000] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_44042.1726130601.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310757000, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130601018523, "etime": 1726130601018523, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44042, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:05:57.000] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:00.011] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25760 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58174.1726129546.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58174.1726129546.jsonl?X-Amz-Date=20251209T120559Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=2519ab784c15bd0eb0d3967c87d0b3cb62fdc1a884db82e613b89788ba93248b"} [2025-12-09 20:06:00.012] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:00.012] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:00.012] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:00.012] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:00.012] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:00.013] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:06:00.122] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_58174.1726129546.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310760122, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129546741149, "etime": 1726129546741149, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 58174, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:00.122] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:03.128] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24526 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33074.1726129605.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33074.1726129605.jsonl?X-Amz-Signature=97b08f1b4d631862fc3a8dd8a90876b1c60ecf6de824da4eba2edec9d1da26cd&X-Amz-Date=20251209T120602Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:06:03.128] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:03.128] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:03.129] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:03.129] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:03.129] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:03.130] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:03.239] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_33074.1726129605.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310763238, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129605640973, "etime": 1726129605640973, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33074, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:03.239] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:06.240] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25761 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36992.1726129657.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36992.1726129657.jsonl?X-Amz-Signature=b6537ea802ec53f4fefb994d79927a896c8f3196c3ce47f9c21f482f0e802314&X-Amz-Date=20251209T120605Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:06:06.241] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:06.241] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:06.241] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:06:06.241] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:06.241] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:06.242] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:06.351] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_36992.1726129657.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310766351, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129657051972, "etime": 1726129657051972, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36992, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:06.351] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:09.358] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24527 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35960.1726130427.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35960.1726130427.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120608Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=47a275b562c622de7aed39feeab5796075b8bfa0657873a744ef29f191d6ca14"} [2025-12-09 20:06:09.358] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:09.358] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
20:06:09.358] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:09.358] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:09.358] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:09.359] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:09.474] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35960.1726130427.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310769473, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130427312254, "etime": 1726130427312254, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35960, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:09.474] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:12.468] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24528 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42096_192-168-163-23_443.1726207955.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42096_192-168-163-23_443.1726207955.jsonl?X-Amz-Date=20251209T120611Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=4fad870417af4a883a13fc2e005d97b93f55cba3effeb48e6a1d6ca56198d348"} [2025-12-09 20:06:12.469] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:12.469] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:12.469] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:12.469] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:12.469] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:12.470] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:12.582] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42096_192-168-163-23_443.1726207955.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310772581, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207955701412, "etime": 1726207955701412, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42096, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:12.582] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:15.581] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24118 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50130.1726212721.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50130.1726212721.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T120615Z&X-Amz-Signature=f17835d1ba2d2f2eb39f2b164b825e5c9a2ca81c8875fb605aab061ea59798aa"} [2025-12-09 20:06:15.581] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:15.581] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:15.581] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:15.581] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:15.581] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:15.582] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:15.688] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50130.1726212721.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310775688, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212721802468, "etime": 1726212721802468, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50130, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:15.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:18.702] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24529 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain1.1726212841.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain1.1726212841.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T120618Z&X-Amz-Signature=c1a55cfeea37b028da6cf23f9dbb5db5a02de0048dcc1d92f07c5d649bd0763f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:06:18.702] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process 
model: 0 [2025-12-09 20:06:18.702] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:18.702] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:18.702] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:18.702] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:18.703] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:18.815] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain1.1726212841.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310778815, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212841536391, "etime": 1726212841536391, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50185, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:18.816] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:21.815] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24119 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain1.pcap.TCP_192-168-112-139_51129_192-168-112-141_50185.1726212841.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain1.pcap.TCP_192-168-112-139_51129_192-168-112-141_50185.1726212841.jsonl?X-Amz-Date=20251209T120621Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=b60f4f387332068f3a4d39e13a1628a997d428c2ab81239eee850061cec2953b&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:06:21.815] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:21.815] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:21.816] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:21.816] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:21.816] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:21.817] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:21.923] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain1.pcap.TCP_192-168-112-139_51129_192-168-112-141_50185.1726212841.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310781922, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212841536391, "etime": 1726212841536391, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50185, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:21.923] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:24.934] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25762 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50123.1726212710.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50123.1726212710.jsonl?X-Amz-Date=20251209T120624Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=06ea51d2921fb9438127722b5c9c09d92360a30a7aca656771826dcc18aeba07&X-Amz-SignedHeaders=host"} [2025-12-09 20:06:24.934] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:24.934] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:24.935] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:24.935] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:24.935] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:24.936] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:25.045] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50123.1726212710.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310785045, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212710678781, "etime": 1726212710678781, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50123, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:25.046] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:28.048] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[1] at offset 25763 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50124.1726212714.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50124.1726212714.jsonl?X-Amz-Signature=aaf0a30d68c6c844c5b46aeadc5a1c728aece2e9a3b734d57b5ad1eaded451f8&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120627Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:06:28.048] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:28.048] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:28.048] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:28.048] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:28.048] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:28.049] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:28.162] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50124.1726212714.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310788161, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212714709050, "etime": 1726212714709050, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50124, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:28.162] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:31.161] 
[DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24530 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50129.1726212720.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50129.1726212720.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120630Z&X-Amz-Expires=604800&X-Amz-Signature=2ac48e5e9fd12d9275a88322ee1becba6cc77e2735ee3d7cb6a8d6ab05558e16&X-Amz-SignedHeaders=host"} [2025-12-09 20:06:31.161] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:31.161] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:31.161] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:31.161] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:31.161] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:31.162] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:31.271] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50129.1726212720.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310791270, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212720770251, "etime": 1726212720770251, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50129, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:31.271] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:34.280] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25764 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50132.1726212722.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50132.1726212722.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120633Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a6787d34a596d8a13f052bcccae16a0f1c6e2b75b40adef699ec87b6fc9ea277"} [2025-12-09 20:06:34.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:34.280] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:34.281] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:34.281] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:34.281] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:34.282] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:34.393] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50132.1726212722.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310794393, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212722835271, "etime": 1726212722835271, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50132, "dest_port": 51119, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 20:06:34.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:37.395] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24120 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50135.1726212725.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50135.1726212725.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120636Z&X-Amz-Signature=8ec729fb9e32f81efdd274ca0e4835ce3510bf4d1a9452346001da0ecd5a4114&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:06:37.396] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:37.396] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:37.396] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:37.396] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:37.396] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:37.397] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:37.501] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50135.1726212725.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310797501, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212725906338, "etime": 1726212725906338, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", 
"src_port": 50135, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:37.501] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:40.519] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24531 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50137.1726212727.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50137.1726212727.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=3cb9dfbbe9fbb0a9fcc35d46c482c039a07c6126db5b01c52cb23480bc9ec7a1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120639Z&X-Amz-Expires=604800"} [2025-12-09 20:06:40.519] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:40.519] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:40.520] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:40.520] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:40.520] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:40.520] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:40.630] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50137.1726212727.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310800629, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212727934034, "etime": 
1726212727934034, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50137, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:40.630] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:43.623] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25765 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42111_192-168-163-23_443.1726208046.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42111_192-168-163-23_443.1726208046.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=05ccd3cc3001606127f53ee4ea1fc2fed781afaf26967eb59ed5bfd4d63c4414&X-Amz-Expires=604800&X-Amz-Date=20251209T120643Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:06:43.624] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:43.624] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:43.624] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:43.624] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:43.624] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:43.625] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:43.723] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42111_192-168-163-23_443.1726208046.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310803723, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1726208046965479, "etime": 1726208046965479, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42111, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:43.723] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:46.738] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24532 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50459.1727159698.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50459.1727159698.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T120646Z&X-Amz-Signature=3f5d1a70acf5141abe43757682cd37688849a09308f5a1c126864ea1c1bf0cc2&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:06:46.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:46.738] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:46.739] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:46.739] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:46.739] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:46.739] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:46.851] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50459.1727159698.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, 
"alert_count": 1, "timestamp": 1765310806851, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727159698652174, "etime": 1727159698652174, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50459, "dest_port": 9443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:06:46.851] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:06:46.851] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:06:46.851] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:06:49.869] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24533 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42108_192-168-163-23_443.1726208017.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42108_192-168-163-23_443.1726208017.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=9fb20e10cf174f57ec28ccda08d16b781a68330e566e9325fdf3db5baf79d6a2&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120649Z"} [2025-12-09 20:06:49.869] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:49.869] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:49.869] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:49.869] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:49.869] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:49.870] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:49.981] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42108_192-168-163-23_443.1726208017.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310809981, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208017477466, "etime": 1726208017477466, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42108, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:49.981] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:52.972] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24534 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42280_192-168-163-23_443.1726208868.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42280_192-168-163-23_443.1726208868.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120652Z&X-Amz-Signature=5821a7eb5fa298294f1de16e68a1add46cd5d9f27c902f3c4e058ba8123e8fba&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:06:52.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:52.972] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:52.972] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:52.972] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:52.972] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:52.973] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:06:53.078] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42280_192-168-163-23_443.1726208868.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310813078, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208868155326, "etime": 1726208868155326, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42280, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:53.078] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:56.075] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25766 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50126.1726212718.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50126.1726212718.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120655Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=b83f8e06194c8da760d800bcd8868e6453c5dfe5c9cea9a2c5a29c15a34d82f7&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:06:56.075] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:56.075] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:56.075] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:56.076] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:06:56.076] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args 
for load [2025-12-09 20:06:56.076] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:56.181] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50126.1726212718.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310816181, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212718748454, "etime": 1726212718748454, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50126, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:56.182] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:06:59.193] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24535 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50136.1726212726.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50136.1726212726.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=07ce58ad293af21d78dbce6862bf479c1c487b10faf2cdd7a137c1bd157114e1&X-Amz-Date=20251209T120658Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:06:59.193] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:06:59.193] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:06:59.193] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:06:59.193] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:06:59.193] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:06:59.194] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:06:59.306] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50136.1726212726.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310819306, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212726924441, "etime": 1726212726924441, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50136, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:06:59.306] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:02.316] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24121 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41528_192-168-163-23_443.1726205296.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41528_192-168-163-23_443.1726205296.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=568737bf1a169d375d653a14bb2f8dfbda49a68cc2fa22e14edd8af154c942da&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120701Z&X-Amz-Expires=604800"} [2025-12-09 20:07:02.316] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:02.316] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:02.317] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:02.317] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:02.317] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:02.318] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:02.428] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41528_192-168-163-23_443.1726205296.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310822428, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726205296283007, "etime": 1726205296283007, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41528, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:02.428] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:05.430] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25767 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41852_192-168-163-23_443.1726206864.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41852_192-168-163-23_443.1726206864.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T120704Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=34a9c9cc8ee7f947edd2cdb22e597a5104ea291f9aef1569289ce267d6647de5"} [2025-12-09 20:07:05.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:05.430] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:05.431] [INFO] [tid:140062327686848] (AiModule.cpp:12) 
load so module so_code_cnn [2025-12-09 20:07:05.431] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:05.431] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:05.432] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:05.542] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41852_192-168-163-23_443.1726206864.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310825541, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206864375523, "etime": 1726206864375523, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41852, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:05.542] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:08.557] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24536 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41520_192-168-163-23_443.1726205265.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41520_192-168-163-23_443.1726205265.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120708Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a6f9a8287e1cbaacbae0f9a8d9cf8f6400adde0c26da8fa8b9738b95f5ff7d62&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:07:08.558] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:08.558] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
20:07:08.558] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:08.558] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:08.558] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:08.559] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:08.666] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41520_192-168-163-23_443.1726205265.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310828665, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726205265386742, "etime": 1726205265386742, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41520, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:08.666] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:11.681] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24537 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50446.1727159684.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50446.1727159684.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=1ea813dff617ff2f0339ebdf6fad3f8e5348329d6e154ffdc05af933d8a6a186&X-Amz-Date=20251209T120711Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:07:11.681] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:11.681] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:11.682] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:11.682] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:11.682] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:11.683] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:11.793] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50446.1727159684.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765310831792, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727159684404287, "etime": 1727159684404287, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50446, "dest_port": 9443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:07:11.793] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:07:11.793] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:07:11.793] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:07:14.799] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25768 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49237.1727232113.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49237.1727232113.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=05de80f6b1250473c80a239226c3a75f915ccbfc15d33f0875860827fe9172f9&X-Amz-Date=20251209T120714Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:07:14.799] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:14.799] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:14.799] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:14.799] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:14.799] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:14.800] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:14.909] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49237.1727232113.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310834909, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232113603216, "etime": 1727232113603216, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49237, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:14.909] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:17.913] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24122 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49238.1727232116.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49238.1727232116.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120717Z&X-Amz-SignedHeaders=host&X-Amz-Signature=05a462746480a9dc6a627711c074c4722179d34d0faef3976ab4ce476b33836c"} [2025-12-09 20:07:17.913] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:17.913] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:17.913] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:17.914] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:17.914] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:17.914] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:18.011] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49238.1727232116.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310838010, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232116613994, "etime": 1727232116613994, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49238, "dest_port": 
51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:18.011] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:21.029] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24123 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49245.1727232128.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49245.1727232128.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=a7fe01ee01df8cb28c0679fc56be21c885219d093a493335f14e0d809ce5f1a6&X-Amz-Date=20251209T120720Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:07:21.029] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:21.029] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:21.029] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:21.029] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:21.029] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:21.030] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:21.139] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49245.1727232128.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310841139, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232128663205, "etime": 1727232128663205, "src_ip": 
"192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49245, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:21.139] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:24.150] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24124 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49247.1727232131.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49247.1727232131.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120723Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=19a408221a3979665997dc084bc209b450629ec76fd89005f9902d29dc6eee3b"} [2025-12-09 20:07:24.150] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:24.150] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:24.150] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:24.150] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:24.150] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:24.151] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:24.263] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49247.1727232131.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310844262, "module": "anquanchu", "proto": "tls", "alerted": 
false, "details": [{"stime": 1727232131674752, "etime": 1727232131674752, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49247, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:24.263] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:27.271] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24125 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50133.1726212723.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50133.1726212723.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120726Z&X-Amz-Signature=f87b44d92084d996adaf74916ea3ca03488eff83bcb1529da5a07f84beb57aee&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:07:27.271] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:27.271] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:27.272] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:27.272] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:27.272] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:27.273] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:27.378] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.pcap.TCP_192-168-112-139_51119_192-168-112-141_50133.1726212723.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, 
"timestamp": 1765310847378, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726212723856379, "etime": 1726212723856379, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50133, "dest_port": 51119, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:07:27.378] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:07:27.378] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:07:27.378] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:07:30.375] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24538 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49243.1727232122.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49243.1727232122.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120729Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=cf7b4f2d84f0557035b4c373756cfb9fd8ea322663342781f0158a847a6ee7fb&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:07:30.375] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:30.375] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:30.375] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:30.375] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:30.375] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:30.376] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:30.482] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49243.1727232122.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310850481, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232122650773, "etime": 1727232122650773, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49243, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:30.482] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:33.479] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25769 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42099_192-168-163-23_443.1726207974.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42099_192-168-163-23_443.1726207974.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120733Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=5cf1ef2845016c1fab5840c5bcf69883c1f868021fbe5c9a5944d1647f6153e6"} [2025-12-09 20:07:33.479] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:33.479] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:33.479] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:33.479] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:33.479] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:33.480] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:33.587] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42099_192-168-163-23_443.1726207974.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310853587, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726207974531385, "etime": 1726207974531385, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42099, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:33.588] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:36.596] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24539 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49240.1727232119.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49240.1727232119.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=4f76b421c974b3fcc30aa63b4b85048a05bfd545d10d6a09d3484c95f266d369&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120736Z"} [2025-12-09 20:07:36.596] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:36.596] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:36.596] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:36.596] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:36.596] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 20:07:36.597] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:36.701] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49240.1727232119.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310856700, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232119625195, "etime": 1727232119625195, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49240, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:36.701] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:39.699] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24126 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49249.1727232134.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49249.1727232134.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120739Z&X-Amz-Signature=fa22a11e7490def4718a48cccc504c8339887d4f2401913cdca9280e357d9969&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:07:39.699] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:39.699] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:39.699] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:39.699] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:07:39.699] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:39.700] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:39.808] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49249.1727232134.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310859807, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232134686353, "etime": 1727232134686353, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49249, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:39.808] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:42.806] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24127 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41823_192-168-163-23_443.1726206680.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41823_192-168-163-23_443.1726206680.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120742Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=4e6db4286f67f0aa5732900352ade25af07b7717561e59dacc68d37ce69eaff1"} [2025-12-09 20:07:42.806] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:42.806] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:42.806] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so 
module so_code_cnn [2025-12-09 20:07:42.806] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:42.806] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:42.807] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:42.917] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41823_192-168-163-23_443.1726206680.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310862916, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206680103509, "etime": 1726206680103509, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41823, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:42.917] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:45.927] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24540 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49236.1727232109.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49236.1727232109.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120745Z&X-Amz-SignedHeaders=host&X-Amz-Signature=b72b7c70bf29a82b84b3a2f657ef45bede24e0e2685a7f8707aa2d55e77439f2"} [2025-12-09 20:07:45.927] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:45.927] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
20:07:45.927] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:45.927] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:45.927] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:45.928] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:46.035] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49236.1727232109.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310866034, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232109592276, "etime": 1727232109592276, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49236, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:46.035] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:49.045] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25770 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49251.1727232137.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49251.1727232137.jsonl?X-Amz-Date=20251209T120748Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=4bbc640921cc970afd754223a6a49317b846bf2aabe692ee002bb76bb3657b95"} [2025-12-09 20:07:49.045] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:49.045] 
[INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:49.045] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:49.045] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:49.045] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:49.046] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:49.158] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49251.1727232137.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310869158, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232137698976, "etime": 1727232137698976, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49251, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:49.158] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:52.166] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24541 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49197.1727231967.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49197.1727231967.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=f1aff1179468dd22fae54eff0a3e0a51e1db591c41864717ab9e27c93a64a356&X-Amz-Date=20251209T120751Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:07:52.166] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:52.166] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:52.166] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:52.166] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:52.166] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:52.167] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:52.276] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49197.1727231967.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310872276, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727231967331218, "etime": 1727231967331218, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49197, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:52.276] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:55.285] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24542 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49199.1727231975.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49199.1727231975.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120754Z&X-Amz-Expires=604800&X-Amz-Signature=83ba6f7900443f0da738309efedf3f9e2d2ea4ffa313fb25e2f14d94fc3c02e3&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:07:55.285] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:55.286] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:55.286] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:55.286] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:55.286] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:55.287] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:55.399] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.pcap.TCP_192-168-112-140_51119_192-168-112-141_49199.1727231975.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310875398, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727231975365309, "etime": 1727231975365309, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49199, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:55.399] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:07:58.400] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[1] at offset 25771 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49241.1727232119.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49241.1727232119.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=1e6c5e1a5a3ab6671c6459d562900ead1f63053a72c82c3b74f9b02fa4b4d921&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T120757Z"} [2025-12-09 20:07:58.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:07:58.400] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:07:58.400] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:07:58.400] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:07:58.400] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:07:58.401] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:07:58.510] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49241.1727232119.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310878510, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232119639666, "etime": 1727232119639666, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49241, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:07:58.510] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 
20:08:01.511] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24543 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49248.1727232131.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49248.1727232131.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=cb426c39a23dc754e8335fc358ac23de3c90c94f16a79923ced7d249e39b5910&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120801Z&X-Amz-Expires=604800"} [2025-12-09 20:08:01.511] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:01.511] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:01.511] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:01.511] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:01.511] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:01.512] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:01.624] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49248.1727232131.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310881624, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232131688173, "etime": 1727232131688173, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49248, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:01.624] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:04.626] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25772 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50458.1727159697.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50458.1727159697.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=78d2c847f6f963f740a4a6c18978d78f92f67c7e5a8f6d6e5c671d1e8483f642&X-Amz-Date=20251209T120804Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:08:04.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:04.626] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:04.626] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:04.626] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:04.626] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:04.627] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:04.739] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50458.1727159697.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310884738, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159697585727, "etime": 1727159697585727, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50458, "dest_port": 
9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:04.739] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:07.732] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25773 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50482.1727159723.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50482.1727159723.jsonl?X-Amz-Signature=beab6ae41a426df07c0aa8b5fc53ae9bf0dbb0c47cc68f4a63300a7b46d15e70&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120807Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:08:07.732] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:07.732] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:07.732] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:07.732] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:07.732] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:07.733] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:07.841] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50482.1727159723.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310887841, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159723824752, "etime": 1727159723824752, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50482, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:07.841] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:10.850] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24128 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49239.1727232116.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49239.1727232116.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T120810Z&X-Amz-SignedHeaders=host&X-Amz-Signature=be9471f3765529dd05f6b0897b897558e07ab1f9344a6f53050b56cf73ac90b2&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:08:10.850] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:10.850] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:10.850] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:10.850] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:10.851] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:10.851] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:10.964] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49239.1727232116.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310890963, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1727232116628907, "etime": 1727232116628907, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49239, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:10.964] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:13.962] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24544 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49250.1727232134.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49250.1727232134.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120813Z&X-Amz-SignedHeaders=host&X-Amz-Signature=bb847e423e4b1356013b3fcb859b94a61a983e417f10a8e92234553c9a693bd7&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:08:13.962] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:13.962] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:13.962] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:13.962] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:13.962] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:13.963] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:14.068] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49250.1727232134.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765310894067, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232134699906, "etime": 1727232134699906, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49250, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:14.068] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:17.073] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25774 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50449.1727159687.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50449.1727159687.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120816Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=bf997ab786ffe83c6cbdb08f597f8edd823323c1343b812e5f2139ce80c4b6ee&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:08:17.073] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:17.073] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:17.074] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:17.074] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:17.074] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:17.075] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:17.187] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50449.1727159687.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310897187, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159687117391, "etime": 1727159687117391, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50449, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:17.187] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:20.192] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24545 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50473.1727159714.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50473.1727159714.jsonl?X-Amz-Date=20251209T120819Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=5cf885f86db1d1496c8a7ee55591733ad93c78cec1b95d2c0cb21dd8f8908782"} [2025-12-09 20:08:20.193] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:20.193] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:20.193] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:20.193] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:20.193] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:20.194] [INFO] [tid:140062327686848] (AiModule.cpp:39) load 
result:0 [2025-12-09 20:08:20.303] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50473.1727159714.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310900302, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159714527655, "etime": 1727159714527655, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50473, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:20.303] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:23.306] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24546 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49235.1727232105.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49235.1727232105.jsonl?X-Amz-Signature=c70c481d024b535c4016d61857f1594028964ee9625922185c5c57db28917e73&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120822Z"} [2025-12-09 20:08:23.306] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:23.306] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:23.306] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:23.306] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:23.306] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 20:08:23.307] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:23.419] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49235.1727232105.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310903418, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232105581000, "etime": 1727232105581000, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49235, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:23.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:26.420] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24547 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49242.1727232122.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49242.1727232122.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=01511d5c706ec5fdb5188d80161bc0a3078061054aeab1727ed79f3a819add30&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T120825Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:08:26.421] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:26.421] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:26.421] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:26.421] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:08:26.421] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:26.422] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:26.532] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49242.1727232122.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310906532, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232122636829, "etime": 1727232122636829, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49242, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:26.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:29.536] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25775 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50495.1727159736.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50495.1727159736.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120829Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=59613a5d1215d917622528250f25a3c4c4edef7be84a0204273c950bf65a95de"} [2025-12-09 20:08:29.536] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:29.536] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:29.536] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:08:29.536] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:29.536] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:29.537] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:29.641] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50495.1727159736.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310909641, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159736477442, "etime": 1727159736477442, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50495, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:29.641] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:32.654] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24548 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52985_192-168-32-40_443.1726127488.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52985_192-168-32-40_443.1726127488.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=15f9ac009c5f107daa0809cfcb981df131199a3f97298cacb828f6575ae0dd3d&X-Amz-Date=20251209T120832Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:08:32.654] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:32.654] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:32.654] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:32.654] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:32.654] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:32.655] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:32.764] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_52985_192-168-32-40_443.1726127488.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310912763, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726127488199764, "etime": 1726127488199764, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 52985, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:32.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:35.767] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25776 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49234.1727232101.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49234.1727232101.jsonl?X-Amz-Date=20251209T120835Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=6c7110d03600ebe38de3b21901d8e0aa74839621976748f62a31d17ecfe65496&X-Amz-Expires=604800"} [2025-12-09 20:08:35.768] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:35.768] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so 
lib [2025-12-09 20:08:35.768] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:35.768] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:35.768] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:35.769] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:35.878] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49234.1727232101.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310915878, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232101568994, "etime": 1727232101568994, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49234, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:35.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:38.883] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24549 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49244.1727232125.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49244.1727232125.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=c80a635f250a15e3db0d96ab2c3e6e94dcaa3e482557647ab57677a51c3a3677&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120838Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:08:38.883] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 
20:08:38.883] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:38.883] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:38.883] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:38.883] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:38.884] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:38.996] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.pcap.TCP_192-168-112-140_51129_192-168-112-141_49244.1727232125.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310918995, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232125648719, "etime": 1727232125648719, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49244, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:38.996] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:41.997] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25777 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41529_192-168-163-23_443.1726205304.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41529_192-168-163-23_443.1726205304.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120841Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=7bf2e4544902b34ee25a8dd9ad0f41f6c6fae07d3aa443251d191f9bc2c163d1"} [2025-12-09 20:08:41.997] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:41.997] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:41.997] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:41.997] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:41.997] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:41.998] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:42.106] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41529_192-168-163-23_443.1726205304.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310922105, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726205304718263, "etime": 1726205304718263, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41529, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:42.106] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:45.114] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25778 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61661.1727518163.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61661.1727518163.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120844Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=de2c1027171b5cc4238f19d80bf1995d4347d28febb8d8ad127526cd5e0d3e6f&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:08:45.114] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:45.114] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:45.114] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:45.114] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:45.114] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:45.115] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:45.229] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61661.1727518163.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310925228, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518163289887, "etime": 1727518163289887, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 61661, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:45.229] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:48.230] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[0] at offset 24550 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50448.1727159685.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50448.1727159685.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=f93760bed344440b09802a6c111da2db949eeeea526ce9e4ad7bcea650b5d5bb&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120847Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:08:48.230] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:48.230] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:48.230] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:48.230] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:48.230] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:48.231] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:48.340] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50448.1727159685.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310928340, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159685978431, "etime": 1727159685978431, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50448, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:48.340] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 
20:08:51.342] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25779 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50451.1727159689.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50451.1727159689.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120850Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f1b864cccd0857080ebb1af875e18e12701b213b42e9ce0c4c94269151d0d415"} [2025-12-09 20:08:51.342] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:51.342] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:51.342] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:51.342] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:51.342] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:51.343] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:51.453] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50451.1727159689.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310931453, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159689644836, "etime": 1727159689644836, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50451, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:51.453] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:54.460] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24551 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50452.1727159690.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50452.1727159690.jsonl?X-Amz-Date=20251209T120853Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=a259d12dbb0bcebee04ae1bf38552ce0d1f298ec189df76d5d06b10cd64b2bcf"} [2025-12-09 20:08:54.461] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:54.461] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:54.461] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:54.461] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:54.461] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:54.462] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:54.574] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50452.1727159690.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310934573, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159690767728, "etime": 1727159690767728, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50452, "dest_port": 
9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:54.574] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:08:57.574] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25780 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50453.1727159691.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50453.1727159691.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=8afc2f2da4d6d4e936fa709248767147408a0ccca66828b76b158d32aac3f8bc&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120857Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:08:57.574] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:08:57.574] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:08:57.574] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:08:57.574] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:08:57.574] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:08:57.575] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:08:57.686] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50453.1727159691.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310937685, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159691906984, "etime": 1727159691906984, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50453, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:08:57.686] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:00.689] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24552 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50454.1727159693.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50454.1727159693.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120900Z&X-Amz-Expires=604800&X-Amz-Signature=17ec979c4973721e433e0a71e58818518fdbf022225ce5626989540695101f14&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:09:00.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:00.689] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:00.689] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:00.689] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:00.689] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:00.690] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:00.799] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50454.1727159693.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310940798, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1727159693045182, "etime": 1727159693045182, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50454, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:00.799] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:03.804] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24553 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50455.1727159694.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50455.1727159694.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=7e7223f647985e79486d9f8a3b417c1c5e39428f24a0b48e1e7a506995278a3e&X-Amz-Date=20251209T120903Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:09:03.804] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:03.804] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:03.804] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:03.804] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:03.804] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:03.805] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:03.914] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50455.1727159694.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765310943914, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159694168659, "etime": 1727159694168659, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50455, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:03.914] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:06.915] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25781 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50456.1727159695.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50456.1727159695.jsonl?X-Amz-Date=20251209T120906Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=7c1e5a6c4e7ccf08ae09b7393d25dd2f51b44b6f42a6be7b73cdf3cd0a81cc5e&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:09:06.915] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:06.915] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:06.915] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:06.915] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:06.915] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:06.916] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:07.028] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50456.1727159695.jsonl|result:{"code": 0, 
"total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310947027, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159695308151, "etime": 1727159695308151, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50456, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:07.028] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:10.032] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25782 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50457.1727159696.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50457.1727159696.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=50de039fbc8099f6c9981c5ae8a758d30322418abf5d21d54a0b394371490585&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120909Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:09:10.032] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:10.032] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:10.032] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:10.032] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:10.032] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:10.033] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:10.144] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50457.1727159696.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310950143, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159696446756, "etime": 1727159696446756, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50457, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:10.144] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:13.148] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25783 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50460.1727159699.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50460.1727159699.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120912Z&X-Amz-SignedHeaders=host&X-Amz-Signature=fe0709b1ebada7f465067686d085c01b73e9c539dbd3455285e8fda294f09361&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:09:13.148] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:13.148] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:13.148] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:13.149] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:13.149] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:13.149] [INFO] [tid:140062327686848] (AiModule.cpp:39) load 
result:0 [2025-12-09 20:09:13.259] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50460.1727159699.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310953258, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159699785755, "etime": 1727159699785755, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50460, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:13.259] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:16.259] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24129 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50461.1727159700.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50461.1727159700.jsonl?X-Amz-Signature=20d233e53f119d51df647e41c2329900b4ba5b9313268e01862a5113296849a1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120915Z&X-Amz-Expires=604800"} [2025-12-09 20:09:16.259] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:16.259] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:16.259] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:16.259] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:16.259] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 20:09:16.260] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:16.376] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50461.1727159700.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310956375, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159700923084, "etime": 1727159700923084, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50461, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:16.376] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:19.375] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25784 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50462.1727159702.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50462.1727159702.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=60f1cb0fb1d71d75dc13df37750805516d6b6ebc926341dd1ad905bbd738178b&X-Amz-Date=20251209T120918Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:09:19.375] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:19.375] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:19.375] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:19.375] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:09:19.375] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:19.376] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:19.480] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50462.1727159702.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310959480, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159702046585, "etime": 1727159702046585, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50462, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:19.480] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:22.479] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25785 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50463.1727159703.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50463.1727159703.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=67583efacfee905eb288ad527f33a8f1a1f824d437e782b37f1c2c28752002ec&X-Amz-Date=20251209T120921Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:09:22.480] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:22.480] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:22.480] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:09:22.480] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:22.480] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:22.481] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:22.587] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50463.1727159703.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310962586, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159703185523, "etime": 1727159703185523, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50463, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:22.587] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:25.600] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25786 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50464.1727159704.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50464.1727159704.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120925Z&X-Amz-Signature=033026026bd9462eab9b3e37e44e6622a371a58e8035474ed48220944411be7e"} [2025-12-09 20:09:25.600] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:25.600] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:25.601] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:25.601] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:25.601] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:25.602] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:25.713] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50464.1727159704.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310965712, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159704324389, "etime": 1727159704324389, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50464, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:25.713] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:28.703] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25787 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50465.1727159705.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50465.1727159705.jsonl?X-Amz-Signature=5254ce2f536c8658f555f211b54fa908eca5535b06f5d20687be6339ec9d37d2&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120928Z&X-Amz-Expires=604800"} [2025-12-09 20:09:28.703] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:28.703] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:28.703] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:28.703] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:28.703] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:28.704] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:28.810] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50465.1727159705.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310968809, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159705462830, "etime": 1727159705462830, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50465, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:28.810] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:31.814] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25788 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50466.1727159706.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50466.1727159706.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120931Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=a7970c0bd7cc825b5bd7151ebbb180e9a705e611890ca03c9cffef633c88f62c"} [2025-12-09 20:09:31.814] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:31.814] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:31.814] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:31.814] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:31.814] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:31.815] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:31.925] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50466.1727159706.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310971925, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159706602484, "etime": 1727159706602484, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50466, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:31.925] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:34.923] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25789 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50467.1727159707.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50467.1727159707.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120934Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=ce579eef0b0382ad9ee778c0c4153827c3e09a863e0ba45a9ed415cb5f6583d8"} [2025-12-09 20:09:34.923] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:34.923] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:34.924] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:34.924] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:34.924] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:34.925] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:35.032] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50467.1727159707.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310975032, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159707740555, "etime": 1727159707740555, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50467, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:35.032] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:38.033] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message 
in-> topic:analyzed_queue_cnn partition:[1] at offset 25790 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50468.1727159708.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50468.1727159708.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e6510ccc7416388553cc795a602f122f7af7d9fee1793ed7d48cfb2d25c11cfc&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120937Z"} [2025-12-09 20:09:38.033] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:38.033] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:38.033] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:38.033] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:38.033] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:38.034] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:38.144] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50468.1727159708.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310978143, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159708879774, "etime": 1727159708879774, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50468, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:38.144] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 
20:09:41.148] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24130 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50469.1727159710.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50469.1727159710.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=4297300a55f2913084ca96d1811e12c1f9a16fc6264487dbb924c8b5015d5ecf&X-Amz-Date=20251209T120940Z"} [2025-12-09 20:09:41.148] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:41.148] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:41.148] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:41.148] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:41.148] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:41.149] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:41.259] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50469.1727159710.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310981259, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159710002755, "etime": 1727159710002755, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50469, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:41.259] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:44.251] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24554 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50470.1727159711.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50470.1727159711.jsonl?X-Amz-Expires=604800&X-Amz-Signature=3b42f68bd6c472167af43af03d9d7cb550e8de66dd1203429a9f40c450c89031&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T120943Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:09:44.251] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:44.251] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:44.251] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:44.251] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:44.251] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:44.252] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:44.357] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50470.1727159711.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310984357, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159711127348, "etime": 1727159711127348, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50470, "dest_port": 
9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:44.357] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:47.365] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24555 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50471.1727159712.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50471.1727159712.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=32165e52e5d8e4b9decc8f158c8e4603ce204407aa0508fbf7104f8da9ef5441&X-Amz-Date=20251209T120946Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:09:47.365] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:47.365] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:47.365] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:47.365] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:47.365] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:47.366] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:47.476] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50471.1727159712.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310987475, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159712264573, "etime": 1727159712264573, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50471, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:47.476] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:50.483] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25791 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50472.1727159713.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50472.1727159713.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=8275da2912725c1cd81a92ca31f1530113757a04f2e664976ba0200d02f232c6&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T120949Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:09:50.483] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:50.483] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:50.484] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:50.484] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:50.484] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:50.485] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:50.594] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50472.1727159713.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310990594, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1727159713388064, "etime": 1727159713388064, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50472, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:50.594] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:53.586] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24131 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50475.1727159715.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50475.1727159715.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120953Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=82b87c478a80e3b74f695f5468bbfd78a57c54bb1c5590514ac4fb734b921b58"} [2025-12-09 20:09:53.587] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:53.587] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:53.587] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:53.587] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:53.587] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:53.588] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:53.685] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50475.1727159715.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765310993685, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159715806939, "etime": 1727159715806939, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50475, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:53.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:56.690] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25792 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50476.1727159716.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50476.1727159716.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120956Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=bdb69c2299e3dfa6061839fa51a9916baeb3a293307313210ece94cf3cd1a894"} [2025-12-09 20:09:56.690] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:56.690] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:56.690] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:56.690] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:56.690] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:56.691] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:56.796] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50476.1727159716.jsonl|result:{"code": 0, 
"total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310996796, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159716945137, "etime": 1727159716945137, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50476, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:56.796] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:09:59.812] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24556 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50477.1727159718.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50477.1727159718.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T120959Z&X-Amz-Signature=2a35c05c6b30c32f079ff4e640cb8ea2e6664e86775fd62d4aa5f0dbf12d4593&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:09:59.812] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:09:59.812] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:09:59.812] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:09:59.813] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:09:59.813] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:09:59.813] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:09:59.926] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50477.1727159718.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765310999925, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159718067988, "etime": 1727159718067988, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50477, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:09:59.926] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:02.926] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25793 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50478.1727159719.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50478.1727159719.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=0cbdc63cf973e0ea1f959641ccc70cc0866929b3f558a84c781110b6b7b35aa7&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121002Z"} [2025-12-09 20:10:02.926] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:02.926] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:02.927] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:02.927] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:02.927] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:02.928] [INFO] [tid:140062327686848] (AiModule.cpp:39) load 
result:0 [2025-12-09 20:10:03.036] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50478.1727159719.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311003036, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159719222201, "etime": 1727159719222201, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50478, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:03.036] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:06.038] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25794 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50479.1727159720.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50479.1727159720.jsonl?X-Amz-Date=20251209T121005Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=a83f77a132fbb1b04d82c94fdb44fa5a2532e8e9974f47374689d2bfa9ff9be1&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:10:06.038] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:06.038] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:06.038] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:06.038] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:06.038] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 20:10:06.039] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:06.144] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50479.1727159720.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311006143, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159720377717, "etime": 1727159720377717, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50479, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:06.144] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:09.151] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25795 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50480.1727159721.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50480.1727159721.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121008Z&X-Amz-SignedHeaders=host&X-Amz-Signature=3cb9173f32b5117791ea77495c869bb86112ef6990cfcb4ffedc04e8d761534b&X-Amz-Expires=604800"} [2025-12-09 20:10:09.151] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:09.151] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:09.151] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:09.152] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:10:09.152] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:09.152] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:09.262] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50480.1727159721.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311009262, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159721547155, "etime": 1727159721547155, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50480, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:09.262] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:12.254] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24132 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50481.1727159722.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50481.1727159722.jsonl?X-Amz-Date=20251209T121011Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e61d2c09f27a8ec8728ccb9ee0caaed1914e6d5d6996df7e4fd9ec9df50b9260&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:10:12.254] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:12.254] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:12.254] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:10:12.254] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:12.254] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:12.255] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:12.361] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50481.1727159722.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311012360, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159722687145, "etime": 1727159722687145, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50481, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:12.361] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:15.366] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24133 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50484.1727159725.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50484.1727159725.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121014Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5222a78328eb6695a451159135aee016e5fc24bcb4597733303544b149a576ce"} [2025-12-09 20:10:15.366] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:15.366] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:15.366] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:15.366] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:15.366] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:15.368] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:15.473] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50484.1727159725.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311015472, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159725135017, "etime": 1727159725135017, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50484, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:15.473] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:18.478] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24134 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50485.1727159726.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50485.1727159726.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T121017Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=d038dbfb0f922e4b2665b4a0a27f88963f20824129aa59a48c3d5d74509bc82b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:10:18.478] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:18.478] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:18.478] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:18.478] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:18.478] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:18.479] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:18.589] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50485.1727159726.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311018588, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159726274300, "etime": 1727159726274300, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50485, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:18.589] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:21.601] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24557 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50486.1727159727.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50486.1727159727.jsonl?X-Amz-Signature=026139ed179d3d939ad1c83c3c0418f352fa1b9718ab886d7d9a937c654285e1&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121021Z"} [2025-12-09 20:10:21.601] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:21.601] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:21.601] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:21.602] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:21.602] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:21.602] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:21.709] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50486.1727159727.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311021708, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159727397092, "etime": 1727159727397092, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50486, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:21.709] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:24.710] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24135 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50487.1727159728.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50487.1727159728.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=289cef8b41c3818102c7c3463eae4cc20a20f2f420e6129e1aef1e008447b420&X-Amz-Expires=604800&X-Amz-Date=20251209T121024Z"} [2025-12-09 20:10:24.710] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:24.710] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:24.710] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:24.710] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:24.710] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:24.711] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:24.820] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50487.1727159728.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311024819, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159728536281, "etime": 1727159728536281, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50487, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:24.820] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:27.826] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message 
in-> topic:analyzed_queue_cnn partition:[2] at offset 24136 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50488.1727159729.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50488.1727159729.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=f5e0f28bb3b0203fbba487c5124f8170fe06d4816d7b1bba8277fdc32e2ac2b5&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121027Z&X-Amz-Expires=604800"} [2025-12-09 20:10:27.826] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:27.826] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:27.826] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:27.826] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:27.826] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:27.827] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:27.937] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50488.1727159729.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311027936, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159729675095, "etime": 1727159729675095, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50488, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:27.937] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 
20:10:30.939] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24137 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50489.1727159730.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50489.1727159730.jsonl?X-Amz-Date=20251209T121030Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=52f506da4599b440356b84245f69418e3f2438fa6f3a5a50f9c710755804bb72&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:10:30.939] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:30.939] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:30.939] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:30.939] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:30.939] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:30.940] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:31.053] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50489.1727159730.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311031053, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159730813196, "etime": 1727159730813196, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50489, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:31.053] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:34.051] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24558 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50490.1727159731.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50490.1727159731.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121033Z&X-Amz-Signature=3b3ad26e1a5bd184ee4349fff7a9670d593b60bf56a1bdb6463b1cfd437606fd&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:10:34.051] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:34.051] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:34.052] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:34.052] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:34.052] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:34.052] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:34.158] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50490.1727159731.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311034157, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159731936760, "etime": 1727159731936760, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50490, "dest_port": 
9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:34.158] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:37.159] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24559 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50491.1727159733.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50491.1727159733.jsonl?X-Amz-Date=20251209T121036Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=3801a68dfc1ac49eac81b09f3136787135be0fdec17c0edb8054a576ea9bac58&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:10:37.159] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:37.159] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:37.159] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:37.159] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:37.159] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:37.160] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:37.265] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50491.1727159733.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311037265, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159733075751, "etime": 1727159733075751, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50491, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:37.265] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:40.274] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24560 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50492.1727159734.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50492.1727159734.jsonl?X-Amz-Signature=9ce5732147c103f692b5828dec7e567e85f481a70a26193130d70b5203bcc061&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121039Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:10:40.274] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:40.274] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:40.274] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:40.275] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:40.275] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:40.275] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:40.386] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50492.1727159734.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311040386, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1727159734214305, "etime": 1727159734214305, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50492, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:40.386] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:43.390] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24138 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50493.1727159735.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50493.1727159735.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=26b2901dcb9b2fab9ea4c07ce7e71ce0bd1e8139a597652b273309b3c08dc605&X-Amz-Date=20251209T121042Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:10:43.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:43.390] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:43.391] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:43.391] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:43.391] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:43.392] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:43.502] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50493.1727159735.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765311043501, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159735353447, "etime": 1727159735353447, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50493, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:43.502] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:46.506] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25796 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50474.1727159714.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50474.1727159714.jsonl?X-Amz-Date=20251209T121046Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8ad5327f4777ef7eee3c923e2151cc82badd1c9e492e0f905701551df449057e&X-Amz-Expires=604800"} [2025-12-09 20:10:46.506] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:46.506] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:46.506] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:46.506] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:46.506] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:46.507] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:46.619] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50474.1727159714.jsonl|result:{"code": 0, 
"total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311046618, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159714668711, "etime": 1727159714668711, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50474, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:46.619] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:49.608] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24561 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50483.1727159724.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50483.1727159724.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=b0da0d618339eceeaf54c0a6839c8475ab7af12254273d7ca3e20d35b93ca046&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121049Z"} [2025-12-09 20:10:49.608] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:49.608] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:49.609] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:49.609] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:49.609] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:49.609] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:49.712] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50483.1727159724.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311049712, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727159724002024, "etime": 1727159724002024, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50483, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:49.712] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:52.726] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25797 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54358.1726130503.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54358.1726130503.jsonl?X-Amz-Date=20251209T121052Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=2564e1f3a24adabad3d603a5897d0b6139a64859f26ccaa5fbf3ae7f9a896d19"} [2025-12-09 20:10:52.727] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:52.727] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:52.727] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:52.727] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:52.727] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:52.728] [INFO] [tid:140062327686848] (AiModule.cpp:39) 
load result:0 [2025-12-09 20:10:52.838] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54358.1726130503.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311052837, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130503165571, "etime": 1726130503165571, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54358, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:52.838] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:55.847] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24562 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42210_192-168-163-23_80.1726208586.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42210_192-168-163-23_80.1726208586.jsonl?X-Amz-Date=20251209T121055Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=ac60ebe4cadf8795b1e47af1d3d5decdcfdc2ed1d363f7a533bbe9a9be169255&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:10:55.847] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:55.847] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:55.848] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:55.848] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:55.848] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 20:10:55.849] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:55.958] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42210_192-168-163-23_80.1726208586.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311055958, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208586651410, "etime": 1726208586651410, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42210, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:10:55.958] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:10:58.965] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24139 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53555_192-168-112-135_443.1726624870.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53555_192-168-112-135_443.1726624870.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121058Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=2597fae178f5d8e2990d9dfbbbfa4d37eef079efd4924f371aa7068f7df2917a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:10:58.965] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:10:58.965] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:10:58.966] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:10:58.966] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:10:58.966] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:10:58.966] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:10:59.077] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53555_192-168-112-135_443.1726624870.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311059076, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726624870646485, "etime": 1726624870646485, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53555, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:10:59.077] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:10:59.077] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:10:59.077] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:11:02.082] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24563 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44848.1726132117.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44848.1726132117.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T121101Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2f9aade58bd999d0b27aca99843c7a7450bdbb4ec8cb03a59f4833a511233419&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:11:02.082] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:02.082] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:02.082] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:02.082] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:02.082] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:02.083] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:02.195] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44848.1726132117.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311062195, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132117120758, "etime": 1726132117120758, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44848, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
20:11:02.195] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:05.186] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24564 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44852.1726132120.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44852.1726132120.jsonl?X-Amz-Signature=fa29665b3112ad4e87b308013f2c8e679a842ac3436cde93beedccae60df9748&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121104Z"} [2025-12-09 20:11:05.186] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:05.186] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:05.186] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:05.186] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:05.186] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:05.187] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:05.296] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-136_44852.1726132120.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311065296, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132120173753, "etime": 1726132120173753, "src_ip": "192.168.112.136", "dest_ip": 
"192.168.112.135", "src_port": 44852, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:05.296] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:08.303] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25798 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44884.1726132168.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44884.1726132168.jsonl?X-Amz-Date=20251209T121107Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ddb74753ad71ac4b59ef3eb5991cb84ab543d4d56909e2318d8596519a6b4ee2&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:11:08.303] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:08.303] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:08.304] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:08.304] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:08.304] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:08.305] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:08.418] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44884.1726132168.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311068417, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1726132168993637, "etime": 1726132168993637, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44884, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:08.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:11.419] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24565 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44886.1726132172.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44886.1726132172.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=9bcf30a3e07419a382349ad1b2044a4bc7f1e41c8971e38bd6cd6e9633a20cc2&X-Amz-Date=20251209T121110Z"} [2025-12-09 20:11:11.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:11.419] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:11.419] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:11.419] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:11.419] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:11.420] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:11.531] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44886.1726132172.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, 
"alert_count": 0, "timestamp": 1765311071531, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132172046278, "etime": 1726132172046278, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44886, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:11.531] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:14.536] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25799 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44890.1726132175.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44890.1726132175.jsonl?X-Amz-Date=20251209T121114Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=03db577a047db37676f8fe4c7286f56bda62c3901ec038a79610e6249fb7967f&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:11:14.536] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:14.536] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:14.537] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:14.537] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:14.537] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:14.538] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:14.651] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44890.1726132175.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311074651, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132175097382, "etime": 1726132175097382, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44890, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:14.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:17.648] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25800 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44894.1726132178.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44894.1726132178.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=c0116a11f0a395ae8531bd3611a5c5e74041725f29240f946984faa7fa7e7f99&X-Amz-Date=20251209T121117Z"} [2025-12-09 20:11:17.649] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:17.649] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:17.649] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:17.649] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:17.649] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:17.650] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:11:17.754] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-136_44894.1726132178.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311077753, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132178151026, "etime": 1726132178151026, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44894, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:17.754] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:20.763] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24566 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44906.1726132207.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44906.1726132207.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=7f70cb3312ba5a1a99812f506f8e504ea88f2034975bf6e7186865e70d42c29e&X-Amz-Expires=604800&X-Amz-Date=20251209T121120Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:11:20.763] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:20.763] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:20.763] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:20.763] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:20.763] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:20.764] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:20.874] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44906.1726132207.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311080874, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132207011307, "etime": 1726132207011307, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44906, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:20.874] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:23.877] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25801 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44910.1726132213.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44910.1726132213.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=fed7500bc28ba04817d669cca0cd165a71d28dc64ae748340d86c6e19b7621fa&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121123Z"} [2025-12-09 20:11:23.877] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:23.877] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:23.878] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:11:23.878] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:23.878] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:23.878] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:23.988] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44910.1726132213.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311083988, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132213139514, "etime": 1726132213139514, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44910, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:23.989] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:26.990] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24140 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44914.1726132216.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44914.1726132216.jsonl?X-Amz-Signature=5ff37cd393aa634c22d7a007893e4fc0d7e6b117ebd16c514a7607ffc21d261c&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121126Z"} [2025-12-09 20:11:26.990] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:26.990] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
20:11:26.990] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:26.990] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:26.990] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:26.991] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:27.100] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44914.1726132216.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311087099, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132216193720, "etime": 1726132216193720, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44914, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:27.100] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:30.101] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24141 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44918.1726132219.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44918.1726132219.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=3db6e97cfbc9c5a393ad4b6eb56018849e837ca33b54504e175c06f8bc3d7142&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121129Z"} [2025-12-09 20:11:30.101] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 
[2025-12-09 20:11:30.101] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:30.101] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:30.101] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:30.101] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:30.102] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:30.212] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-136_44918.1726132219.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311090212, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132219245930, "etime": 1726132219245930, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44918, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:30.212] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:33.213] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24567 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53328.1726132246.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53328.1726132246.jsonl?X-Amz-Date=20251209T121132Z&X-Amz-Signature=61d781362307e6c5b9711cba40e9573ae2cbfe8af96a424dcde2698ce57e63c8&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} 
[2025-12-09 20:11:33.213] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:33.213] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:33.213] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:33.213] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:33.213] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:33.214] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:33.315] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53328.1726132246.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311093315, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132246862528, "etime": 1726132246862528, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53328, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:33.315] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:36.315] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24142 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53330.1726132249.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53330.1726132249.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121135Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=721f2df79eb04aea3e5d6ef060d219de7559dcb024d6f01eaf029a791c3d2701"} [2025-12-09 20:11:36.315] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:36.315] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:36.316] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:36.316] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:36.316] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:36.316] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:36.423] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53330.1726132249.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311096423, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132249914625, "etime": 1726132249914625, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53330, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:36.423] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:39.433] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) 
Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24568 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53334.1726132252.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53334.1726132252.jsonl?X-Amz-Signature=40b7e4922ecc38099855f9e78ebc094b53e546c1c7be7377f6d95831156c1c39&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121138Z"} [2025-12-09 20:11:39.433] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:39.433] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:39.433] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:39.433] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:39.433] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:39.434] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:39.544] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53334.1726132252.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311099543, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132252969003, "etime": 1726132252969003, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53334, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:39.544] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 
1000 [2025-12-09 20:11:42.550] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24569 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53338.1726132256.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53338.1726132256.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121142Z&X-Amz-Expires=604800&X-Amz-Signature=7f08ccfb9ee06233b63f5f6984feb0f04d066aaa401bf71eba19e3bf9eb89b1d&X-Amz-SignedHeaders=host"} [2025-12-09 20:11:42.550] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:42.550] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:42.550] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:42.550] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:42.550] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:42.551] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:42.660] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-136_53338.1726132256.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311102660, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132256021915, "etime": 1726132256021915, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53338, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
20:11:42.660] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:45.670] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25802 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33840.1726130414.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33840.1726130414.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121145Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f1e77d62dd991b7eeccdcb5e4e146347410894b9b15a01fd273901a9f4b0f177"} [2025-12-09 20:11:45.670] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:45.670] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:45.670] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:45.670] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:45.670] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:45.671] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:45.784] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33840.1726130414.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311105784, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130414939435, "etime": 1726130414939435, "src_ip": "192.168.112.140", "dest_ip": 
"192.168.112.135", "src_port": 33840, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:45.784] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:48.786] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25803 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33860.1726130421.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33860.1726130421.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=f7711e546a3c3bd5d1be6f06685d136ad6e317250b0b385a6a6cf2263f713fdc&X-Amz-Expires=604800&X-Amz-Date=20251209T121148Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:11:48.786] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:48.786] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:48.786] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:48.786] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:48.786] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:48.787] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:48.898] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_33860.1726130421.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311108897, "module": "anquanchu", "proto": "tls", "alerted": false, "details": 
[{"stime": 1726130421086662, "etime": 1726130421086662, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33860, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:48.898] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:51.902] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24570 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35930.1726130424.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35930.1726130424.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=0b12dce92b6ef6f50ec5b54edaaf50410d56aa2506a6bfd8c9c6c67041fa7604&X-Amz-Date=20251209T121151Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:11:51.902] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:51.902] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:51.902] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:51.902] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:51.902] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:51.903] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:52.016] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35930.1726130424.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765311112016, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130424166404, "etime": 1726130424166404, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35930, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:52.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:55.019] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24571 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35948.1726130427.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35948.1726130427.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=6c0aea2b9f73f8412961729622567268a37ee69bf318a6a4c4165f7fb1eeef82&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121154Z&X-Amz-Expires=604800"} [2025-12-09 20:11:55.019] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:55.020] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:55.020] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:55.020] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:55.020] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:55.021] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:11:55.133] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_35948.1726130427.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311115133, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130427241682, "etime": 1726130427241682, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35948, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:55.133] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:11:58.137] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24143 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52872.1726130411.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52872.1726130411.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=00142a2b3b1bedc38d908592f29e83b6a845bb96cc52a14ebb2545b8a348f21b&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121157Z&X-Amz-Expires=604800"} [2025-12-09 20:11:58.137] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:11:58.137] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:11:58.137] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:11:58.137] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:11:58.137] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:11:58.138] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:11:58.249] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.pcap.TCP_192-168-112-135_51129_192-168-112-140_52872.1726130411.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311118249, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130411855319, "etime": 1726130411855319, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52872, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:11:58.249] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:12:01.255] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25804 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_37014.1726130500.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_37014.1726130500.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=3db45be1138de3ba2c7b76a3a0289bbee7b4ef5ea4cc037c69805e2d089d9c60&X-Amz-Date=20251209T121200Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:12:01.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:12:01.255] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:12:01.255] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:12:01.255] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:12:01.255] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 20:12:01.256] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:12:01.366] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_37014.1726130500.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311121366, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130500091262, "etime": 1726130500091262, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 37014, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:12:01.366] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:12:04.363] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24144 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54374.1726130506.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54374.1726130506.jsonl?X-Amz-Signature=72e7f0ae5ed46289889a8416270ff1807655dad8d5225900a44d3cc499752dd6&X-Amz-Date=20251209T121203Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:12:04.363] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:12:04.363] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:12:04.363] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:12:04.363] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:12:04.363] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:12:04.364] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:12:04.465] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.pcap.TCP_192-168-112-135_51129_192-168-112-140_54374.1726130506.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311124465, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130506245061, "etime": 1726130506245061, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54374, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:12:04.465] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:12:07.483] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25805 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51470.1726130544.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51470.1726130544.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121206Z&X-Amz-Signature=63efc34205fa59c75c68152b6d82ac95a062a43d39cfce74350bd373f934db29"} [2025-12-09 20:12:07.483] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:12:07.483] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:12:07.483] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:12:07.483] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:12:07.483] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:12:07.484] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:12:07.593] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51470.1726130544.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311127593, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130544472411, "etime": 1726130544472411, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51470, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:12:07.593] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:12:10.604] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24572 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51490.1726130547.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51490.1726130547.jsonl?X-Amz-Expires=604800&X-Amz-Signature=7b6a04acf2b0816ea93590301d1f9811a1f0947eead996a8a7abeb0e201665b9&X-Amz-Date=20251209T121210Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:12:10.604] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:12:10.604] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:12:10.604] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:12:10.604] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:12:10.604] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:12:10.605] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:12:10.716] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51490.1726130547.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311130716, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130547543493, "etime": 1726130547543493, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51490, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:12:10.716] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:12:13.720] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24573 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51740.1726130538.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51740.1726130538.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=a9482989343bba1daf510f0374286348c62084520f80aca2bbd57b370eca14c7&X-Amz-Date=20251209T121213Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:12:13.720] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:12:13.720] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:12:13.721] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:12:13.721] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:12:13.721] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:12:13.722] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:12:13.833] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.pcap.TCP_192-168-112-135_51129_192-168-112-140_51740.1726130538.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311133832, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130538314294, "etime": 1726130538314294, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51740, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:12:13.833] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:12:16.824] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25806 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41946.1726130604.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41946.1726130604.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121216Z&X-Amz-SignedHeaders=host&X-Amz-Signature=4054e9d4f6f640c030191cc0c5fe7bf9b23b3c166d10eeceb82dc1d26f18e1d5&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:12:16.824] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:12:16.824] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:12:16.824] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:12:16.824] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:12:16.824] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:12:16.825] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:12:16.930] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.pcap.TCP_192-168-112-135_51119_192-168-112-140_41946.1726130604.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311136930, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130604020234, "etime": 1726130604020234, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41946, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:12:16.930] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:15:49.826] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message 
in-> topic:analyzed_queue_cnn partition:[2] at offset 24145 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42261_192-168-163-23_443.1726208830.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42261_192-168-163-23_443.1726208830.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121549Z&X-Amz-Signature=a42407824836c1ed69ce83fca127084c92b4509ff7abfa1ebc92598d6fba1307"} [2025-12-09 20:15:49.826] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:15:49.826] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:15:49.826] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:15:49.826] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:15:49.826] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:15:49.827] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:15:49.937] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-https-1.pcap.TCP_192-168-163-21_42261_192-168-163-23_443.1726208830.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311349936, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208830209313, "etime": 1726208830209313, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42261, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:15:49.937] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:15:52.957] 
[DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24574 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11605.1726284537.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11605.1726284537.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121552Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=196c592c251b9aa005bf715deb2b54ff9e2081e2863612c90202e066eb234999"} [2025-12-09 20:15:52.957] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:15:52.957] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:15:52.957] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:15:52.957] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:15:52.957] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:15:52.958] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:15:53.070] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11605.1726284537.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311353069, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726284537353911, "etime": 1726284537353911, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11605, "dest_port": 4433, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:15:53.070] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:15:56.095] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24146 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai.1726023698.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai.1726023698.jsonl?X-Amz-Signature=b1d2f7224da0f2481e020de3f7166c3314e6374ac3fbe6faf5db554fbbf0f5d6&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121555Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:15:56.095] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:15:56.095] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:15:56.096] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:15:56.096] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:15:56.096] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:15:56.096] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:15:56.209] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai.1726023698.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311356208, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726023698586201, "etime": 1726023698586201, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50196, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:15:56.209] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 
0|max_alert: 1000 [2025-12-09 20:15:59.208] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25807 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42203_192-168-163-23_80.1726208539.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42203_192-168-163-23_80.1726208539.jsonl?X-Amz-Date=20251209T121558Z&X-Amz-Expires=604800&X-Amz-Signature=a2cda8362c20f6f4a2439dd892e5bc9d29ee832adf0f0281267cdaf3be669566&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:15:59.208] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:15:59.208] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:15:59.208] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:15:59.208] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:15:59.208] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:15:59.209] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:15:59.319] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID64_godzillav4.01_php_linux-http-1.pcap.TCP_192-168-163-21_42203_192-168-163-23_80.1726208539.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311359318, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726208539303872, "etime": 1726208539303872, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42203, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:15:59.319] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:02.331] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24147 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai.pcap.TCP_192-168-88-24_50050_192-168-88-28_50196.1726023698.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai.pcap.TCP_192-168-88-24_50050_192-168-88-28_50196.1726023698.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e48343248b40e458484f236ab50d55befaac31d04a9d6279d45a53c03d91bc39&X-Amz-Date=20251209T121601Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:16:02.331] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:02.331] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:02.331] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:02.332] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:02.332] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:02.332] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:02.444] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai.pcap.TCP_192-168-88-24_50050_192-168-88-28_50196.1726023698.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311362444, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726023698586201, "etime": 1726023698586201, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 
50196, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:02.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:05.470] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24575 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP.1726040056.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP.1726040056.jsonl?X-Amz-Date=20251209T121604Z&X-Amz-Signature=8b3e441a9699645d015eb64ded01227466b6486b1501f4fbc96b9230d31db33c&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:16:05.470] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:05.470] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:05.470] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:05.470] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:05.470] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:05.471] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:05.581] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP.1726040056.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311365580, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726040056943634, "etime": 1726040056943634, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49212, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} 
[2025-12-09 20:16:05.581] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:08.629] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25808 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49212.1726040056.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49212.1726040056.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121608Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=1a899cfbdd7c9ef17f49d40baaed898765c99fc2e39d361b71cb8b504aa5b3fe&X-Amz-Expires=604800"} [2025-12-09 20:16:08.629] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:08.629] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:08.630] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:08.630] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:08.630] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:08.631] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:08.741] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49212.1726040056.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311368741, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726040056943634, "etime": 1726040056943634, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 
49212, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:08.741] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:11.784] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24576 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain3.1726211430.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain3.1726211430.jsonl?X-Amz-Signature=ad8d6f9d094515940698dcfe1d7b491e532e7a468a9cdceb65dd995cb16b4fbe&X-Amz-Date=20251209T121611Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:16:11.784] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:11.784] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:11.785] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:11.785] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:11.785] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:11.785] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:12.832] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain3.1726211430.jsonl|result:{"code": 0, "total_count": 19, "abnormal_count": 0, "normal_count": 19, "alert_count": 0, "timestamp": 1765311372831, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726211430937360, "etime": 1726211430937360, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49900, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, 
{"stime": 1726211438047912, "etime": 1726211438047912, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49905, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211439044720, "etime": 1726211439044720, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49906, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211434963309, "etime": 1726211434963309, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49901, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211438030443, "etime": 1726211438030443, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49904, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211444143812, "etime": 1726211444143812, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49913, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211446169194, "etime": 1726211446169194, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49915, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211448202926, "etime": 1726211448202926, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49917, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211441077950, "etime": 1726211441077950, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49909, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211443118720, "etime": 1726211443118720, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49912, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211447189270, "etime": 1726211447189270, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49916, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211439060878, "etime": 1726211439060878, "src_ip": 
"192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49907, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211430936217, "etime": 1726211430936217, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49899, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211442108977, "etime": 1726211442108977, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49911, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211445157852, "etime": 1726211445157852, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49914, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211440059106, "etime": 1726211440059106, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49908, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211435990564, "etime": 1726211435990564, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49902, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211442091426, "etime": 1726211442091426, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49910, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211437016054, "etime": 1726211437016054, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49903, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:12.832] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:14.950] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25809 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_IP.1726211226.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_IP.1726211226.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121614Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=c51196921e8eb059da8959e0a4296289b756e5cad7c3151e9838d8c7cc1f9c40&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:16:14.950] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:14.950] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:14.950] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:14.950] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:14.950] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:14.950] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:15.958] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_IP.1726211226.jsonl|result:{"code": 0, "total_count": 19, "abnormal_count": 0, "normal_count": 19, "alert_count": 0, "timestamp": 1765311375958, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726211238518215, "etime": 1726211238518215, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49813, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211226314682, "etime": 1726211226314682, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49804, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211226315591, "etime": 1726211226315591, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49805, "dest_port": 51119, "protocol": "tls", 
"result": "Normal"}, {"stime": 1726211230330659, "etime": 1726211230330659, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49806, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211236462429, "etime": 1726211236462429, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49811, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211239546331, "etime": 1726211239546331, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49814, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211241664043, "etime": 1726211241664043, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49817, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211245746994, "etime": 1726211245746994, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49821, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211235432555, "etime": 1726211235432555, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49809, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211239572376, "etime": 1726211239572376, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49815, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211243717323, "etime": 1726211243717323, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49819, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211235453453, "etime": 1726211235453453, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49810, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211237492946, "etime": 1726211237492946, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49812, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211244735266, "etime": 
1726211244735266, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49820, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211234356598, "etime": 1726211234356598, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49807, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211234424442, "etime": 1726211234424442, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49808, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211240573289, "etime": 1726211240573289, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49816, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211242687511, "etime": 1726211242687511, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49818, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726211246757975, "etime": 1726211246757975, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49822, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:15.958] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:18.096] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24148 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.1727232101.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.1727232101.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=d5e57f985fc5e1632577f985a6ccb9e71e75479a5d4e1139f2b87264a1a916ba&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121617Z"} [2025-12-09 20:16:18.096] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process 
model: 0 [2025-12-09 20:16:18.096] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:18.096] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:18.096] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:18.096] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:18.096] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:19.103] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_domain2.1727232101.jsonl|result:{"code": 0, "total_count": 19, "abnormal_count": 0, "normal_count": 19, "alert_count": 0, "timestamp": 1765311379102, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727232119639666, "etime": 1727232119639666, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49241, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232125648719, "etime": 1727232125648719, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49244, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232122636829, "etime": 1727232122636829, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49242, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232116628907, "etime": 1727232116628907, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49239, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232109592276, "etime": 1727232109592276, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49236, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232101567952, "etime": 1727232101567952, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49233, "dest_port": 51129, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727232122650773, "etime": 1727232122650773, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49243, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232131674752, "etime": 1727232131674752, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49247, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232137698976, "etime": 1727232137698976, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49251, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232101568994, "etime": 1727232101568994, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49234, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232116613994, "etime": 1727232116613994, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49238, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232128663205, "etime": 1727232128663205, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49245, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232134686353, "etime": 1727232134686353, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49249, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232134699906, "etime": 1727232134699906, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49250, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232128680946, "etime": 1727232128680946, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49246, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232105581000, "etime": 1727232105581000, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49235, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232113603216, "etime": 1727232113603216, 
"src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49237, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232131688173, "etime": 1727232131688173, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49248, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727232119625195, "etime": 1727232119625195, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49240, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:19.103] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:21.235] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24577 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain2.1726211393.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain2.1726211393.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T121620Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=36671e455a05af8aebfcb508bbe13437b97cde4ea0ef0227542ca6ed5fdf48ec&X-Amz-SignedHeaders=host"} [2025-12-09 20:16:21.236] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:21.236] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:21.236] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:21.236] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:21.236] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:21.236] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:22.246] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain2.1726211393.jsonl|result:{"code": 1, "total_count": 19, "abnormal_count": 1, "normal_count": 18, "alert_count": 1, "timestamp": 1765311382245, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726211393758786, "etime": 1726211393758786, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49879, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211402820524, "etime": 1726211402820524, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49883, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211407913781, "etime": 1726211407913781, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49889, "dest_port": 51129, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726211403852587, "etime": 1726211403852587, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49885, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211397783856, "etime": 1726211397783856, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49880, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211411992713, "etime": 1726211411992713, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49896, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211405874700, "etime": 1726211405874700, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49887, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211404860751, "etime": 1726211404860751, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49886, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211406889636, "etime": 1726211406889636, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49888, "dest_port": 
51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211408931218, "etime": 1726211408931218, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49893, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211410977258, "etime": 1726211410977258, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49895, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211401826866, "etime": 1726211401826866, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49882, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211393757001, "etime": 1726211393757001, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49878, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211413007889, "etime": 1726211413007889, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49897, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211401806123, "etime": 1726211401806123, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49881, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211407931216, "etime": 1726211407931216, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49890, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211403834375, "etime": 1726211403834375, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49884, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211409949434, "etime": 1726211409949434, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49894, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211414029330, "etime": 1726211414029330, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49898, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
20:16:22.246] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:16:22.246] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:16:22.246] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:16:24.377] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24149 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.1727231967.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.1727231967.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121623Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=dd2f0b0e92e31ab0980ee302c89133b71d7cefb2e24dced6ca2b8a6b1bd8e27f&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:16:24.378] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:24.378] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:24.378] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:24.378] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:24.378] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:24.378] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:25.441] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP2.1727231967.jsonl|result:{"code": 0, "total_count": 20, "abnormal_count": 0, "normal_count": 20, "alert_count": 0, "timestamp": 1765311385440, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727231975365309, "etime": 1727231975365309, "src_ip": "192.168.112.141", "dest_ip": 
"192.168.112.140", "src_port": 49199, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231986413742, "etime": 1727231986413742, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49202, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231986436102, "etime": 1727231986436102, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49203, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727232001495323, "etime": 1727232001495323, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49211, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231989448753, "etime": 1727231989448753, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49206, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231995490246, "etime": 1727231995490246, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49209, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727232007531798, "etime": 1727232007531798, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49214, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727232010555997, "etime": 1727232010555997, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49215, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231979377004, "etime": 1727231979377004, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49200, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231983392836, "etime": 1727231983392836, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49201, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231992446250, "etime": 1727231992446250, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49207, "dest_port": 51119, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727231971353033, "etime": 1727231971353033, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49198, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231995461791, "etime": 1727231995461791, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49208, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231998482879, "etime": 1727231998482879, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49210, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727232001511906, "etime": 1727232001511906, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49212, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231967331218, "etime": 1727231967331218, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49197, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231967330495, "etime": 1727231967330495, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49196, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231989430176, "etime": 1727231989430176, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49205, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727232004511393, "etime": 1727232004511393, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49213, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1727231986437360, "etime": 1727231986437360, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.140", "src_port": 49204, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:25.441] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:27.511] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn 
partition:[0] at offset 24578 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain1.1726211358.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain1.1726211358.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121627Z&X-Amz-Signature=00911e287fd38cab528c16a1ad99f4aaade0724e7ca25b1d7897b39b74bcbf18&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:16:27.511] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:27.511] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:27.511] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:27.511] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:27.511] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:27.511] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:28.516] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID23-tls1.3CS4.8_mac_ubuntu_jdk_domain1.1726211358.jsonl|result:{"code": 0, "total_count": 19, "abnormal_count": 0, "normal_count": 19, "alert_count": 0, "timestamp": 1765311388515, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726211366845958, "etime": 1726211366845958, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49862, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211374026962, "etime": 1726211374026962, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49873, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211362818480, "etime": 1726211362818480, "src_ip": "192.168.112.141", "dest_ip": 
"192.168.112.135", "src_port": 49861, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211371978349, "etime": 1726211371978349, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49870, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211377045153, "etime": 1726211377045153, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49876, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211358804878, "etime": 1726211358804878, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49859, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211369921659, "etime": 1726211369921659, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49867, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211366862888, "etime": 1726211366862888, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49863, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211374003768, "etime": 1726211374003768, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49872, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211370934535, "etime": 1726211370934535, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49868, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211376033127, "etime": 1726211376033127, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49875, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211358805643, "etime": 1726211358805643, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49860, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211368915186, "etime": 1726211368915186, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49866, "dest_port": 51129, "protocol": 
"tls", "result": "Normal"}, {"stime": 1726211367861096, "etime": 1726211367861096, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49864, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211378060622, "etime": 1726211378060622, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49877, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211372990825, "etime": 1726211372990825, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49871, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211370974911, "etime": 1726211370974911, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49869, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211368891447, "etime": 1726211368891447, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49865, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211375022383, "etime": 1726211375022383, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49874, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:28.516] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:30.638] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24579 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_IP.1726209740.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_IP.1726209740.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=34d609fcd624a6285d813abf26a21f35d871ee991722b9aa2ecfc23a039d53c5&X-Amz-Date=20251209T121630Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 
20:16:30.638] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:30.638] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:30.638] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:30.638] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:30.638] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:30.639] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:31.544] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_IP.1726209740.jsonl|result:{"code": 0, "total_count": 17, "abnormal_count": 0, "normal_count": 17, "alert_count": 0, "timestamp": 1765311391544, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726209740287297, "etime": 1726209740287297, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49633, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209756467157, "etime": 1726209756467157, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49638, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209766554240, "etime": 1726209766554240, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49642, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209740288583, "etime": 1726209740288583, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49634, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209781708246, "etime": 1726209781708246, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49649, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209760482886, "etime": 1726209760482886, "src_ip": "192.168.112.141", "dest_ip": 
"192.168.112.135", "src_port": 49639, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209748334070, "etime": 1726209748334070, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49636, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209744306483, "etime": 1726209744306483, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49635, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209766535715, "etime": 1726209766535715, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49641, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209772583519, "etime": 1726209772583519, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49645, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209769573566, "etime": 1726209769573566, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49644, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209763511358, "etime": 1726209763511358, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49640, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209775662132, "etime": 1726209775662132, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49647, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209752408116, "etime": 1726209752408116, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49637, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209775639823, "etime": 1726209775639823, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49646, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726209778666381, "etime": 1726209778666381, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49648, "dest_port": 51119, "protocol": 
"tls", "result": "Normal"}, {"stime": 1726209769556670, "etime": 1726209769556670, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49643, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:31.544] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:33.795] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24580 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.1726212710.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.1726212710.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=8d1a87a311b578f2197c9cac98f94352be01ee60cc3250ef8c680dc17295c19f&X-Amz-Expires=604800&X-Amz-Date=20251209T121633Z"} [2025-12-09 20:16:33.795] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:33.795] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:33.795] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:33.795] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:33.795] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:33.795] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:34.615] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID21-tls1.3CS4.8_mac_kali_jdk_IP1.1726212710.jsonl|result:{"code": 1, "total_count": 16, "abnormal_count": 1, "normal_count": 15, "alert_count": 1, "timestamp": 1765311394614, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726212714709050, "etime": 1726212714709050, 
"src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50124, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212721829187, "etime": 1726212721829187, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50131, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212720770251, "etime": 1726212720770251, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50129, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212721802468, "etime": 1726212721802468, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50130, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212710677896, "etime": 1726212710677896, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50122, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212718748454, "etime": 1726212718748454, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50126, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212725906338, "etime": 1726212725906338, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50135, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212719751845, "etime": 1726212719751845, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50127, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212723856379, "etime": 1726212723856379, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50133, "dest_port": 51119, "protocol": "tls", "result": "Antsword"}, {"stime": 1726212710678781, "etime": 1726212710678781, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50123, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212724889659, "etime": 1726212724889659, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", 
"src_port": 50134, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212718733226, "etime": 1726212718733226, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50125, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212726924441, "etime": 1726212726924441, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50136, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212722835271, "etime": 1726212722835271, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50132, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212727934034, "etime": 1726212727934034, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50137, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212719767203, "etime": 1726212719767203, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50128, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:34.615] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:16:34.615] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:16:34.615] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:16:36.919] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24150 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_58782_192-168-17-132_443.1726121356.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_58782_192-168-17-132_443.1726121356.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121636Z&X-Amz-Signature=f7a8a9ceaf1f236686485d7ec1a030785b2f4ae456782385d9c7123c8230ef70&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:16:36.919] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:36.919] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:36.919] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:36.919] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:36.919] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:36.920] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:36.992] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID78_Z_Godzilla_ekp1.0_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_58782_192-168-17-132_443.1726121356.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311396992, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726121356986947, "etime": 1726121356986947, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 58782, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
20:16:36.992] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:40.062] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25810 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_IP1.1726212164.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_IP1.1726212164.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T121639Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=779dae5cf8ac0410f7edae8c46b5754e8f5a5ecd22fe8119ac58338bdca53b0e"} [2025-12-09 20:16:40.062] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:40.062] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:40.062] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:40.062] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:40.062] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:40.063] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:41.016] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_IP1.1726212164.jsonl|result:{"code": 1, "total_count": 17, "abnormal_count": 2, "normal_count": 15, "alert_count": 2, "timestamp": 1765311401015, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726212178637743, "etime": 1726212178637743, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49928, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212182712446, "etime": 1726212182712446, "src_ip": "192.168.112.141", 
"dest_ip": "192.168.112.139", "src_port": 49934, "dest_port": 51119, "protocol": "tls", "result": "Antsword"}, {"stime": 1726212179656745, "etime": 1726212179656745, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49930, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212168558024, "etime": 1726212168558024, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49923, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212185767891, "etime": 1726212185767891, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49937, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212172574412, "etime": 1726212172574412, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49924, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212176600219, "etime": 1726212176600219, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49925, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212181713014, "etime": 1726212181713014, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49933, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212177617669, "etime": 1726212177617669, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49926, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212164535721, "etime": 1726212164535721, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49921, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212180677098, "etime": 1726212180677098, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49931, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212184750095, "etime": 1726212184750095, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49936, "dest_port": 
51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212164536656, "etime": 1726212164536656, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49922, "dest_port": 51119, "protocol": "tls", "result": "Antsword"}, {"stime": 1726212177655990, "etime": 1726212177655990, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49927, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212181694676, "etime": 1726212181694676, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49932, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212183731627, "etime": 1726212183731627, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49935, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726212178654207, "etime": 1726212178654207, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 49929, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:41.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:16:41.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:16:41.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:16:43.211] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24151 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.1726045043.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.1726045043.jsonl?X-Amz-Signature=2286bdaaa9f0ad5b2fca6f05ea12a0a504609e62bba5dfd1d58c717cb878aa90&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121642Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:16:43.211] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:43.211] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:43.212] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:43.212] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:43.212] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:43.212] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:43.393] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.1726045043.jsonl|result:{"code": 0, "total_count": 3, "abnormal_count": 0, "normal_count": 3, "alert_count": 0, "timestamp": 1765311403393, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726045043846022, "etime": 1726045043846022, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49263, "dest_port": 50050, "protocol": "tls", "result": "Normal"}, {"stime": 1726045047324732, "etime": 1726045047324732, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 
49264, "dest_port": 50050, "protocol": "tls", "result": "Normal"}, {"stime": 1726045050209568, "etime": 1726045050209568, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49265, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:43.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:46.353] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25811 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49265.1726045050.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49265.1726045050.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=edf914d286cd558a3b6c484cc24c820cfef27c43cb713304f569022b9a607346&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121645Z"} [2025-12-09 20:16:46.353] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:46.353] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:46.353] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:46.353] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:46.353] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:46.354] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:46.431] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49265.1726045050.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311406431, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726045050209568, "etime": 1726045050209568, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49265, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:46.432] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:49.487] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25812 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43326.1726308998.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43326.1726308998.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T121648Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=747cfe2551217f18fa42881fb3ee40fbb0cd03527093edacc9a61542e7f81126"} [2025-12-09 20:16:49.487] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:49.487] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:49.487] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:49.487] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:49.487] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:49.488] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:16:49.599] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43326.1726308998.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311409598, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726308998337933, "etime": 1726308998337933, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43326, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:16:49.599] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:16:49.599] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:16:49.599] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:16:52.609] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24581 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID77_Z_Godzilla_ekp1.1_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_35157_192-168-17-132_443.1726129243.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID77_Z_Godzilla_ekp1.1_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_35157_192-168-17-132_443.1726129243.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=83a726f066a4936019ce98666637f693c4f66debccfa5c1688a033756cca6c34&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T121652Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:16:52.609] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:52.609] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:52.609] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:52.609] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:52.609] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:52.610] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:52.720] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID77_Z_Godzilla_ekp1.1_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_35157_192-168-17-132_443.1726129243.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311412720, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129243752513, "etime": 1726129243752513, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 35157, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:52.720] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:55.742] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25813 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain2.1726210973.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain2.1726210973.jsonl?X-Amz-Date=20251209T121655Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=bdf83bfdaad0c48a3d717ae82809b7f493cb0ec53165186178c1d0febd2abd76"} [2025-12-09 20:16:55.742] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:55.742] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:55.742] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:55.742] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:55.742] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:55.743] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:56.580] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain2.1726210973.jsonl|result:{"code": 0, "total_count": 15, "abnormal_count": 0, "normal_count": 15, "alert_count": 0, "timestamp": 1765311416579, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726210999058014, "etime": 1726210999058014, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49767, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211002087971, "etime": 1726211002087971, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49769, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211008105891, "etime": 1726211008105891, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49771, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210973838057, "etime": 1726210973838057, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49757, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210989969618, "etime": 1726210989969618, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49762, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210996017811, "etime": 1726210996017811, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49764, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210981904445, "etime": 1726210981904445, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 
49760, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210973839122, "etime": 1726210973839122, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49758, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210977867779, "etime": 1726210977867779, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49759, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210996034586, "etime": 1726210996034586, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49765, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210985948135, "etime": 1726210985948135, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49761, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210999041787, "etime": 1726210999041787, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49766, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210992990897, "etime": 1726210992990897, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49763, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211002070011, "etime": 1726211002070011, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49768, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211005085035, "etime": 1726211005085035, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49770, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:56.580] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:16:58.890] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24152 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36703_192-168-17-132_443.1726129505.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36703_192-168-17-132_443.1726129505.jsonl?X-Amz-Date=20251209T121658Z&X-Amz-SignedHeaders=host&X-Amz-Signature=c4faf98e36442a8501e827bbf660a795a5ca6f4e8b4befdc3f8d10f481771c5f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:16:58.890] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:16:58.890] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:16:58.890] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:16:58.890] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:16:58.890] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:16:58.890] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:16:58.966] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID75_godzilla_3.0.3_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36703_192-168-17-132_443.1726129505.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311418965, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129505442960, "etime": 1726129505442960, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 36703, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:16:58.966] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:02.015] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message 
in-> topic:analyzed_queue_cnn partition:[2] at offset 24153 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.1726129515.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.1726129515.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121701Z&X-Amz-SignedHeaders=host&X-Amz-Signature=07e31b75af3ad28c2a603e863ad816f3af1090ee4652f2e90ed846863d4170d3&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:17:02.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:02.016] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:02.016] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:02.016] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:02.016] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:02.017] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:02.859] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain1.1726129515.jsonl|result:{"code": 0, "total_count": 15, "abnormal_count": 0, "normal_count": 15, "alert_count": 0, "timestamp": 1765311422859, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129515036169, "etime": 1726129515036169, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 34308, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129519102820, "etime": 1726129519102820, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 34338, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129515037057, "etime": 1726129515037057, 
"src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 34324, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129540525621, "etime": 1726129540525621, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43412, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129543587846, "etime": 1726129543587846, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 58164, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129537459588, "etime": 1726129537459588, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43408, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129549746565, "etime": 1726129549746565, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 58182, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129523172277, "etime": 1726129523172277, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 50518, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129540582098, "etime": 1726129540582098, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43414, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129527239896, "etime": 1726129527239896, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 50524, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129534385217, "etime": 1726129534385217, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43376, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129546741149, "etime": 1726129546741149, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 58174, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129546667192, "etime": 1726129546667192, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", 
"src_port": 58168, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129534453295, "etime": 1726129534453295, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 43392, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129531312250, "etime": 1726129531312250, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 50538, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:02.859] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:05.163] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24582 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42089_192-168-163-23_443.1726207942.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42089_192-168-163-23_443.1726207942.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121704Z&X-Amz-Signature=958f76bd8a510e5a96f9af651d908c1ee295a5f4547a2c43acaf262a750d1863&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:17:05.163] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:05.163] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:05.163] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:05.163] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:05.163] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:05.164] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:05.239] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux_https-1.pcap.TCP_192-168-163-21_42089_192-168-163-23_443.1726207942.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311425238, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726207942854398, "etime": 1726207942854398, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 42089, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:17:05.239] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:17:05.239] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:17:05.239] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:17:08.280] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25814 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_37337_192-168-17-132_443.1726129614.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_37337_192-168-17-132_443.1726129614.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121707Z&X-Amz-Signature=911474072c7888957640f6d816f7cf87ebda09761cdf74efffb6d516b9b71f3f&X-Amz-Expires=604800"} [2025-12-09 20:17:08.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:08.280] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:08.280] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:08.280] [INFO] [tid:140062327686848] (AiModule.cpp:20) 
get func load [2025-12-09 20:17:08.280] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:08.281] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:08.391] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID74_godzilla_2.96_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_37337_192-168-17-132_443.1726129614.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311428391, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129614772921, "etime": 1726129614772921, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 37337, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:08.391] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:11.404] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25815 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_35992_192-168-17-132_443.1726129385.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_35992_192-168-17-132_443.1726129385.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=e214867b6c268f819f21f8fa1e540943230cc8795d58119f2c673b6c04b774ff&X-Amz-Date=20251209T121710Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:17:11.404] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:11.404] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:11.404] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:17:11.404] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:11.404] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:11.405] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:11.518] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_35992_192-168-17-132_443.1726129385.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311431517, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129385695214, "etime": 1726129385695214, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 35992, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:11.518] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:14.528] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24154 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.1726130399.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.1726130399.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121714Z&X-Amz-Signature=8b57f8b929a4c0d6d6a878103fb7407e00460b747198266748c0f34d081fa208&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:17:14.528] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:14.528] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:14.528] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:17:14.528] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:14.528] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:14.529] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:15.320] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain1.1726130399.jsonl|result:{"code": 0, "total_count": 14, "abnormal_count": 0, "normal_count": 14, "alert_count": 0, "timestamp": 1765311435319, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130424233613, "etime": 1726130424233613, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35934, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130427241682, "etime": 1726130427241682, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35948, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130427312254, "etime": 1726130427312254, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35960, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130407773337, "etime": 1726130407773337, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52870, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130399636819, "etime": 1726130399636819, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47654, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130414939435, "etime": 1726130414939435, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33840, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130415005209, "etime": 1726130415005209, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33856, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 
1726130399635810, "etime": 1726130399635810, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47642, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130411855319, "etime": 1726130411855319, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52872, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130418008173, "etime": 1726130418008173, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33858, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130421152591, "etime": 1726130421152591, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33868, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130424166404, "etime": 1726130424166404, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35930, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130421086662, "etime": 1726130421086662, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33860, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130403707012, "etime": 1726130403707012, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52856, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:15.320] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:17.671] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25816 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.1726130578.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.1726130578.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T121717Z&X-Amz-SignedHeaders=host&X-Amz-Signature=4d3d88c2a8ae78a04500d703797514a7fc4de701e183a0995b8bf30c5c49ad14"} [2025-12-09 20:17:17.671] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:17.671] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:17.671] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:17.671] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:17.671] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:17.672] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:18.424] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_IP.1726130578.jsonl|result:{"code": 0, "total_count": 14, "abnormal_count": 0, "normal_count": 14, "alert_count": 0, "timestamp": 1765311438424, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130586675472, "etime": 1726130586675472, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 48286, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130597951750, "etime": 1726130597951750, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44024, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130607100947, "etime": 1726130607100947, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41972, "dest_port": 51119, "protocol": 
"tls", "result": "Normal"}, {"stime": 1726130601018523, "etime": 1726130601018523, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44042, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130610171636, "etime": 1726130610171636, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41988, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130604020234, "etime": 1726130604020234, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41946, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130597888908, "etime": 1726130597888908, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44022, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130590746835, "etime": 1726130590746835, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 48288, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130594814192, "etime": 1726130594814192, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44018, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130578537995, "etime": 1726130578537995, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36554, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130582597989, "etime": 1726130582597989, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 48270, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130578536187, "etime": 1726130578536187, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36538, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130600951323, "etime": 1726130600951323, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 44036, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726130604086777, "etime": 
1726130604086777, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 41956, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:18.424] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:20.774] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25817 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_41979_192-168-163-23_80.1726207397.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_41979_192-168-163-23_80.1726207397.jsonl?X-Amz-Date=20251209T121720Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=80b930c8a6b6a9a2d06a39e31d63681ad3ad37225aa06cbc43b24482262e040d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:17:20.774] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:20.774] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:20.774] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:20.774] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:20.774] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:20.775] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:20.852] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID63_godzillav3.03_php_linux-http-1.pcap.TCP_192-168-163-21_41979_192-168-163-23_80.1726207397.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311440852, "module": "anquanchu", "proto": "tls", 
"alerted": false, "details": [{"stime": 1726207397053204, "etime": 1726207397053204, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41979, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:20.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:23.921] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24155 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.1726130530.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.1726130530.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=9b49deabf0d9c9b82eab9ed719524946240aa1b91ee179a7906199a06740413e&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121723Z&X-Amz-Expires=604800"} [2025-12-09 20:17:23.921] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:23.921] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:23.921] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:23.921] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:23.921] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:23.922] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:24.711] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain3.1726130530.jsonl|result:{"code": 0, "total_count": 14, "abnormal_count": 0, "normal_count": 14, "alert_count": 0, "timestamp": 1765311444711, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130544472411, "etime": 
1726130544472411, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51470, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130530174603, "etime": 1726130530174603, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47822, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130544539578, "etime": 1726130544539578, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51482, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130547543493, "etime": 1726130547543493, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51490, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130550614119, "etime": 1726130550614119, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51514, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130534242035, "etime": 1726130534242035, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51736, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130553691921, "etime": 1726130553691921, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 32786, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130543068344, "etime": 1726130543068344, "src_ip": "192.168.112.135", "dest_ip": "185.125.190.98", "src_port": 55098, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726130556764604, "etime": 1726130556764604, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 32800, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130530173006, "etime": 1726130530173006, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 47816, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130541391931, "etime": 1726130541391931, "src_ip": "192.168.112.140", "dest_ip": 
"192.168.112.135", "src_port": 51754, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130541462031, "etime": 1726130541462031, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51766, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130538314294, "etime": 1726130538314294, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51740, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130547610682, "etime": 1726130547610682, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 51500, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:24.711] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:27.038] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25818 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain1.1726131491.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain1.1726131491.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T121726Z&X-Amz-SignedHeaders=host&X-Amz-Signature=0b0b6eaa404041348c451971a10aeb325a2eb531330f6d9113780ed2beeef200&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:17:27.038] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:27.038] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:27.038] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:27.038] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:27.038] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:27.039] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:27.745] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain1.1726131491.jsonl|result:{"code": 0, "total_count": 13, "abnormal_count": 0, "normal_count": 13, "alert_count": 0, "timestamp": 1765311447745, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726131506799815, "etime": 1726131506799815, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44538, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131512854841, "etime": 1726131512854841, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44544, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131515973672, "etime": 1726131515973672, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44550, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131509796123, "etime": 1726131509796123, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44540, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131515912048, "etime": 1726131515912048, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44548, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131509856449, "etime": 1726131509856449, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44542, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131491450015, "etime": 1726131491450015, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44528, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131512914351, "etime": 1726131512914351, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44546, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 
1726131495508059, "etime": 1726131495508059, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44530, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131503666763, "etime": 1726131503666763, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44534, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131506740386, "etime": 1726131506740386, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44536, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131491448898, "etime": 1726131491448898, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44526, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131499609338, "etime": 1726131499609338, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44532, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:27.746] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:30.165] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24583 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.1726129632.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.1726129632.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121729Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=6603aa245176e32d8b36ea2d73fe834e5ef13173d71040b25b28b2d0b0ea8919&X-Amz-SignedHeaders=host"} [2025-12-09 20:17:30.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:30.166] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:30.166] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:30.166] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:30.166] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:30.166] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:30.866] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain3.1726129632.jsonl|result:{"code": 0, "total_count": 13, "abnormal_count": 0, "normal_count": 13, "alert_count": 0, "timestamp": 1765311450865, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129653974338, "etime": 1726129653974338, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36982, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129657051972, "etime": 1726129657051972, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36992, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129636547837, "etime": 1726129636547837, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35724, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129660062800, "etime": 1726129660062800, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 37004, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129644682614, "etime": 1726129644682614, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56490, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129632475937, "etime": 1726129632475937, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35710, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129640617536, "etime": 1726129640617536, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", 
"src_port": 35730, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129647757340, "etime": 1726129647757340, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56494, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129632474958, "etime": 1726129632474958, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 35708, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129650834462, "etime": 1726129650834462, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56522, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129653908234, "etime": 1726129653908234, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36974, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129647824887, "etime": 1726129647824887, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 56508, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129656983253, "etime": 1726129656983253, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36990, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:30.866] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:33.295] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24156 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.1726132238.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.1726132238.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121732Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=ed302ddcff8f1733d60dbb8d0698722462f74ab36ce28a7e4cb8ceeb5157fb9e"} [2025-12-09 20:17:33.295] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:33.295] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:33.295] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:33.295] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:33.295] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:33.296] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:34.145] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_IP.1726132238.jsonl|result:{"code": 0, "total_count": 12, "abnormal_count": 0, "normal_count": 12, "alert_count": 0, "timestamp": 1765311454145, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132252969003, "etime": 1726132252969003, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53334, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132242809210, "etime": 1726132242809210, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53326, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132253023796, "etime": 1726132253023796, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53336, "dest_port": 51119, 
"protocol": "tls", "result": "Normal"}, {"stime": 1726132238749105, "etime": 1726132238749105, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53324, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132238748089, "etime": 1726132238748089, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53322, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132249914625, "etime": 1726132249914625, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53330, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132256077876, "etime": 1726132256077876, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53340, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132259074869, "etime": 1726132259074869, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53342, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132256021915, "etime": 1726132256021915, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53338, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132262129847, "etime": 1726132262129847, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53344, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132246862528, "etime": 1726132246862528, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53328, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726132249971605, "etime": 1726132249971605, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53332, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:34.145] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:36.413] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[2] at offset 24157 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID73_godzilla_1.10_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_38046_192-168-17-132_443.1726129728.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID73_godzilla_1.10_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_38046_192-168-17-132_443.1726129728.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d23bcfcef92f1b84e33820d8ab3b443c23d6ccf13b31f4df61ed094e914fff51&X-Amz-Expires=604800&X-Amz-Date=20251209T121735Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:17:36.413] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:36.413] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:36.413] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:36.413] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:36.413] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:36.414] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:36.487] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID73_godzilla_1.10_aspx_windowsserver2008r2_https.pcap.TCP_192-168-17-1_38046_192-168-17-132_443.1726129728.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311456486, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129728267240, "etime": 1726129728267240, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 38046, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:36.487] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 
[2025-12-09 20:17:39.532] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24584 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.1726132156.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.1726132156.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121739Z&X-Amz-Expires=604800&X-Amz-Signature=8b3519328316d5fca55c0a55f9033d1af9f7eb51ec7b8dca111924419a9e3a28&X-Amz-SignedHeaders=host"} [2025-12-09 20:17:39.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:39.532] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:39.532] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:39.532] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:39.532] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:39.533] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:40.220] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain2.1726132156.jsonl|result:{"code": 0, "total_count": 12, "abnormal_count": 0, "normal_count": 12, "alert_count": 0, "timestamp": 1765311460219, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132178204905, "etime": 1726132178204905, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44896, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132160888987, "etime": 1726132160888987, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44880, "dest_port": 51129, "protocol": "tls", 
"result": "Normal"}, {"stime": 1726132175097382, "etime": 1726132175097382, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44890, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132164940623, "etime": 1726132164940623, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44882, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132156837251, "etime": 1726132156837251, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44878, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132178151026, "etime": 1726132178151026, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44894, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132168993637, "etime": 1726132168993637, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44884, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132156836026, "etime": 1726132156836026, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44876, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132172099217, "etime": 1726132172099217, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44888, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132172046278, "etime": 1726132172046278, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44886, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132175152807, "etime": 1726132175152807, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44892, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132181204310, "etime": 1726132181204310, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44898, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:40.220] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:42.680] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24158 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.1726132198.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.1726132198.jsonl?X-Amz-Signature=6c46b0bb9a4d0a04d4c881b235bc27395be3e0dc35f87c691179e27d7e8ff20e&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121742Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:17:42.680] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:42.680] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:42.680] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:42.680] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:42.680] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:42.681] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:43.325] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain3.1726132198.jsonl|result:{"code": 0, "total_count": 12, "abnormal_count": 0, "normal_count": 12, "alert_count": 0, "timestamp": 1765311463325, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132213139514, "etime": 1726132213139514, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44910, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132198895715, "etime": 1726132198895715, "src_ip": "192.168.112.136", 
"dest_ip": "192.168.112.135", "src_port": 44902, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132207011307, "etime": 1726132207011307, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44906, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132219302359, "etime": 1726132219302359, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44920, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132216248272, "etime": 1726132216248272, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44916, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132222298719, "etime": 1726132222298719, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44922, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132202949996, "etime": 1726132202949996, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44904, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132198894650, "etime": 1726132198894650, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44900, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132216193720, "etime": 1726132216193720, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44914, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132213199706, "etime": 1726132213199706, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44912, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132219245930, "etime": 1726132219245930, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44918, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132210076668, "etime": 1726132210076668, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44908, "dest_port": 51129, 
"protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:43.325] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:45.803] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25819 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41508_192-168-163-23_443.1726205247.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41508_192-168-163-23_443.1726205247.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=93f49c26d97ff4b481d020e87aee0043ae87383956336e704b3aad2e88b6a455&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T121745Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:17:45.803] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:45.803] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:45.803] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:45.803] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:45.803] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:45.804] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:45.879] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41508_192-168-163-23_443.1726205247.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311465878, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726205247630669, "etime": 1726205247630669, "src_ip": "192.168.163.21", 
"dest_ip": "192.168.163.23", "src_port": 41508, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:17:45.879] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:17:45.879] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:17:45.879] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:17:48.923] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25820 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41822_192-168-163-23_443.1726206667.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41822_192-168-163-23_443.1726206667.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T121748Z&X-Amz-SignedHeaders=host&X-Amz-Signature=96386c459e3875d997fe60c49327f42cb96a1ac2cb9b126c9de478c040c13b4e"} [2025-12-09 20:17:48.923] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:48.923] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:48.923] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:48.923] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:48.923] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:48.924] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:49.030] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41822_192-168-163-23_443.1726206667.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311469030, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726206667249072, "etime": 1726206667249072, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41822, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:17:49.030] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:17:49.030] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:17:49.030] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:17:52.046] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24585 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43324.1726308973.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43324.1726308973.jsonl?X-Amz-Date=20251209T121751Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=0d7efb0f7c3304828a5cfc03ed004d6be3468275f059dd00b7f7aef0c543f155&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:17:52.046] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:52.046] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:52.046] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:52.046] [INFO] [tid:140062327686848] (AiModule.cpp:20) 
get func load [2025-12-09 20:17:52.046] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:52.047] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:52.157] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43324.1726308973.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311472157, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308973025823, "etime": 1726308973025823, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43324, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:52.158] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:55.161] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24586 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_IP.1726131737.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_IP.1726131737.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121754Z&X-Amz-Signature=d604e2387f2b76703557eb38687d1670e769ac5e4976862f47dd87a823d0347c&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:17:55.161] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:55.161] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:55.162] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:55.162] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:17:55.162] 
[INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:55.162] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:55.836] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_IP.1726131737.jsonl|result:{"code": 0, "total_count": 12, "abnormal_count": 0, "normal_count": 12, "alert_count": 0, "timestamp": 1765311475835, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726131748446949, "etime": 1726131748446949, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53142, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131751498481, "etime": 1726131751498481, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53146, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131745340819, "etime": 1726131745340819, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53136, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131737236218, "etime": 1726131737236218, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53130, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131751444658, "etime": 1726131751444658, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53144, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131757548432, "etime": 1726131757548432, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53150, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131743130308, "etime": 1726131743130308, "src_ip": "192.168.112.135", "dest_ip": "91.189.91.96", "src_port": 54536, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726131754496294, "etime": 1726131754496294, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 
53148, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131748392771, "etime": 1726131748392771, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53140, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131737235225, "etime": 1726131737235225, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53128, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131745395316, "etime": 1726131745395316, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53138, "dest_port": 51119, "protocol": "tls", "result": "Normal"}, {"stime": 1726131741287816, "etime": 1726131741287816, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 53132, "dest_port": 51119, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:55.836] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:17:58.294] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24587 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.1726129584.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.1726129584.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121757Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=d87057920729d93e0ca46675bc004b03a68b377b2fded9c94b90aa70ca1b96f7&X-Amz-SignedHeaders=host"} [2025-12-09 20:17:58.294] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:17:58.294] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:17:58.294] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:17:58.294] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:17:58.294] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:17:58.295] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:17:58.945] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID32-tls1.2CS4.8_ubuntu_ubuntu_openjdk_domain2.1726129584.jsonl|result:{"code": 0, "total_count": 12, "abnormal_count": 0, "normal_count": 12, "alert_count": 0, "timestamp": 1765311478945, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129584156504, "etime": 1726129584156504, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52104, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129592277569, "etime": 1726129592277569, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45842, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129605640973, "etime": 1726129605640973, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33074, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129584155492, "etime": 1726129584155492, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52090, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129599418463, "etime": 1726129599418463, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45860, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129588557992, "etime": 1726129588557992, "src_ip": "192.168.112.135", "dest_ip": "185.125.190.98", "src_port": 40916, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726129602495128, "etime": 1726129602495128, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33044, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129602562634, "etime": 1726129602562634, 
"src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33056, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129599484661, "etime": 1726129599484661, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45862, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129588213011, "etime": 1726129588213011, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 52112, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129605568976, "etime": 1726129605568976, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 33072, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726129596344217, "etime": 1726129596344217, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 45844, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:17:58.945] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:01.414] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25821 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain2.1726131653.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain2.1726131653.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121800Z&X-Amz-Signature=1fa09ac003a6dede78e3cc1fbb23d0eae8eced8cf6e7b180be271597b343d889"} [2025-12-09 20:18:01.414] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:01.414] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:01.415] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 20:18:01.415] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:01.415] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:01.415] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:02.011] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain2.1726131653.jsonl|result:{"code": 0, "total_count": 11, "abnormal_count": 0, "normal_count": 11, "alert_count": 0, "timestamp": 1765311482010, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726131677196698, "etime": 1726131677196698, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44688, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131654820184, "etime": 1726131654820184, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44672, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131654819117, "etime": 1726131654819117, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44670, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131666977067, "etime": 1726131666977067, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44678, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131662925620, "etime": 1726131662925620, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44676, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131677196756, "etime": 1726131677196756, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44690, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131677132622, "etime": 1726131677132622, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44686, "dest_port": 51129, "protocol": "tls", "result": 
"Normal"}, {"stime": 1726131674080463, "etime": 1726131674080463, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44682, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131671029055, "etime": 1726131671029055, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44680, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131658873111, "etime": 1726131658873111, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44674, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131674136277, "etime": 1726131674136277, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44684, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:02.011] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:04.543] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24159 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41292_192-168-163-23_80.1726204011.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41292_192-168-163-23_80.1726204011.jsonl?X-Amz-Signature=0de9e92e55d74ec2c5afa4a3b2929100be3de65072b00274b5dcdfa8b5c5c827&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121804Z"} [2025-12-09 20:18:04.543] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:04.543] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:04.543] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:04.543] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:04.543] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:04.544] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:04.619] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41292_192-168-163-23_80.1726204011.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311484619, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726204011455758, "etime": 1726204011455758, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41292, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:04.619] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:07.646] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25822 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41718_192-168-163-23_80.1726206182.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41718_192-168-163-23_80.1726206182.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121807Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=bd83c39378c84ebdc4495ea85c785451310370e7e79a48f6b6c40c52d2e645a6&X-Amz-SignedHeaders=host"} [2025-12-09 20:18:07.646] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:07.646] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:07.646] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so 
module so_code_cnn [2025-12-09 20:18:07.646] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:07.646] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:07.647] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:07.753] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41718_192-168-163-23_80.1726206182.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311487753, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206182110453, "etime": 1726206182110453, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41718, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:07.753] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:10.763] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24160 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62918_172-28-211-96_8443.1726646627.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62918_172-28-211-96_8443.1726646627.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=168ece1c3490c725190d0782395a7c64605ba189d051654007a7037ddc16466f&X-Amz-Date=20251209T121810Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:18:10.763] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:10.763] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:10.763] 
[INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:10.763] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:10.763] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:10.764] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:10.873] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62918_172-28-211-96_8443.1726646627.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311490873, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726646627631971, "etime": 1726646627631971, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62918, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:10.873] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:13.879] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24161 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain3.1726131696.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain3.1726131696.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121813Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ab73d1e739054a28afd43b5c786877fd0c49ac36f05f49498f79a913a0551351&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:18:13.879] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:13.880] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:13.880] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:13.880] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:13.880] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:13.881] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:14.462] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID27-tls1.2CS4.8_centos_kali_jdk_domain3.1726131696.jsonl|result:{"code": 0, "total_count": 10, "abnormal_count": 0, "normal_count": 10, "alert_count": 0, "timestamp": 1765311494461, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726131696994967, "etime": 1726131696994967, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44702, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131696993827, "etime": 1726131696993827, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44700, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131708154480, "etime": 1726131708154480, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44708, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131708209743, "etime": 1726131708209743, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44710, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131711207836, "etime": 1726131711207836, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44712, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131705102088, "etime": 1726131705102088, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44706, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131711263685, "etime": 1726131711263685, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44716, "dest_port": 
51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131711263759, "etime": 1726131711263759, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44714, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131701049963, "etime": 1726131701049963, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44704, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726131714261053, "etime": 1726131714261053, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44718, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:14.462] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:17.003] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24162 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.1726132102.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.1726132102.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121816Z&X-Amz-Signature=e0e3c40e745aa909300116701901106ffb3b7dea4e3a2afaa6a9736faaaf7bd8"} [2025-12-09 20:18:17.003] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:17.004] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:17.004] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:17.004] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:17.004] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:17.005] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:18:17.547] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID28-tls1.2CS4.8_centos_kali_openjdk_domain1.1726132102.jsonl|result:{"code": 0, "total_count": 10, "abnormal_count": 0, "normal_count": 10, "alert_count": 0, "timestamp": 1765311497546, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132110990322, "etime": 1726132110990322, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44842, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132102860077, "etime": 1726132102860077, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44836, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132114121975, "etime": 1726132114121975, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44846, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132102861172, "etime": 1726132102861172, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44838, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132106925041, "etime": 1726132106925041, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44840, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132117175505, "etime": 1726132117175505, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44850, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132117120758, "etime": 1726132117120758, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44848, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132120173753, "etime": 1726132120173753, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44852, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132120257583, "etime": 1726132120257583, "src_ip": 
"192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44854, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726132114057240, "etime": 1726132114057240, "src_ip": "192.168.112.136", "dest_ip": "192.168.112.135", "src_port": 44844, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:17.547] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:20.129] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24163 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.1726130487.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.1726130487.jsonl?X-Amz-Signature=c466c4e1076665a1c4d8b4bf97badf84e66e3002c92afc250669ae1eb6e27906&X-Amz-Date=20251209T121819Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:18:20.129] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:20.129] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:20.130] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:20.130] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:20.130] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:20.131] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:20.678] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID31-tls1.2CS4.8_ubuntu_ubuntu_jdk_domain2.1726130487.jsonl|result:{"code": 0, "total_count": 10, "abnormal_count": 0, "normal_count": 10, "alert_count": 0, "timestamp": 1765311500678, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726130495999516, "etime": 1726130495999516, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 36998, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130503236949, "etime": 1726130503236949, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54372, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130487856048, "etime": 1726130487856048, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 38764, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130506245061, "etime": 1726130506245061, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54374, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130491924477, "etime": 1726130491924477, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 38790, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130503165571, "etime": 1726130503165571, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54358, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130487857094, "etime": 1726130487857094, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 38776, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130503236536, "etime": 1726130503236536, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54360, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130500091262, "etime": 1726130500091262, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 37014, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726130506316604, "etime": 1726130506316604, "src_ip": "192.168.112.140", "dest_ip": "192.168.112.135", "src_port": 54386, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} 
[2025-12-09 20:18:20.678] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:23.242] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24164 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62608_172-28-211-96_8080.1726644126.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62608_172-28-211-96_8080.1726644126.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121822Z&X-Amz-Signature=38add0ecacb43977c3b02c0af15e066a3cd1957f974f0ff254ec10e3de51e9fb"} [2025-12-09 20:18:23.242] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:23.242] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:23.243] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:23.243] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:23.243] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:23.244] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:23.319] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62608_172-28-211-96_8080.1726644126.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311503318, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726644126537811, "etime": 1726644126537811, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62608, "dest_port": 
8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:23.319] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:26.357] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24588 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62980.1727519637.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62980.1727519637.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=361b28aa066926199ed4e3b6f7c44da8d4992c753c51c5bae7bd8161a97258b8&X-Amz-Date=20251209T121825Z"} [2025-12-09 20:18:26.358] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:26.358] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:26.358] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:26.358] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:26.358] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:26.359] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:26.469] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62980.1727519637.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311506468, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519637909236, "etime": 1727519637909236, "src_ip": 
"192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62980, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:26.469] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:29.482] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25823 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62113.1727518664.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62113.1727518664.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121828Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8069d7d43613c37ee1da65806e3663a8745794f445f0474c9ae8588dcf285301"} [2025-12-09 20:18:29.482] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:29.482] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:29.482] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:29.482] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:29.482] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:29.483] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:29.589] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62113.1727518664.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311509589, "module": "anquanchu", "proto": "tls", "alerted": true, "details": 
[{"stime": 1727518664881158, "etime": 1727518664881158, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62113, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:18:29.589] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:18:29.589] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:18:29.589] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:18:32.597] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25824 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50940.1727436527.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50940.1727436527.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=0cf1399569585a48c31b197e827d95ed17c5744bdba98ff6a7fecca129971021&X-Amz-Date=20251209T121832Z&X-Amz-Expires=604800"} [2025-12-09 20:18:32.597] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:32.597] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:32.597] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:32.597] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:32.597] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:32.598] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:32.706] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50940.1727436527.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311512705, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727436527179967, "etime": 1727436527179967, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50940, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:18:32.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:18:32.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:18:32.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:18:35.715] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24589 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62935_172-28-211-96_8443.1726646726.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62935_172-28-211-96_8443.1726646726.jsonl?X-Amz-Signature=0b012a6335f54716f08682b7fb29869009982ea0ac0f36289818a08b9b83fc13&X-Amz-Date=20251209T121835Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:18:35.715] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:35.715] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:35.715] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:35.715] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load 
[2025-12-09 20:18:35.715] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:35.716] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:35.826] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62935_172-28-211-96_8443.1726646726.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311515825, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726646726785679, "etime": 1726646726785679, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62935, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:35.826] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:38.838] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24590 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63540.1727520252.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63540.1727520252.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121838Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=0c2b9578c40623c12151342bcf86277e0d354b7b7368e760b0d9e11cfdfb6013"} [2025-12-09 20:18:38.839] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:38.839] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:38.839] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:38.839] 
[INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:38.839] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:38.840] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:38.950] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63540.1727520252.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311518950, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727520252457566, "etime": 1727520252457566, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63540, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:18:38.950] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:18:38.950] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:18:38.950] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:18:41.953] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25825 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63357.1727520061.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63357.1727520061.jsonl?X-Amz-Signature=7e60ac3dd5c33ab4b699af41715789743d577688eb398b53ad023d80756beb18&X-Amz-Date=20251209T121841Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:18:41.953] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:41.953] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:41.953] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:41.953] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:41.953] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:41.954] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:42.066] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63357.1727520061.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311522065, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520061610068, "etime": 1727520061610068, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63357, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:42.066] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:45.071] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24591 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62813.1727519464.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62813.1727519464.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=77a5030c5e9d00c76431261acb86f1f01ef52b95d629a1d61d09fd05850b2bd8&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121844Z&X-Amz-Expires=604800"} [2025-12-09 20:18:45.071] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:45.071] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:45.071] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:45.071] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:45.071] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:45.072] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:45.181] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62813.1727519464.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311525181, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519464188012, "etime": 1727519464188012, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62813, "dest_port": 80, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 20:18:45.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:48.180] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25826 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61694.1727518196.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61694.1727518196.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=8f45e82b48f555970f24c154172510ddf2addccc50ddc7fb2606035a377afbc1&X-Amz-Date=20251209T121847Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:18:48.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:48.182] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:48.294] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61694.1727518196.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311528294, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518196546293, "etime": 1727518196546293, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", 
"src_port": 61694, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:48.294] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:51.295] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24165 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50566.1727436123.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50566.1727436123.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121850Z&X-Amz-Signature=a226bb9fbc366e3b5aa830dca098c2167e69593d72b93440cd9ce9d8134d9b56"} [2025-12-09 20:18:51.296] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:51.296] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:51.296] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:51.296] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:51.296] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:51.297] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:51.407] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50566.1727436123.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311531407, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436123413351, "etime": 1727436123413351, 
"src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50566, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:51.407] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:54.410] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24592 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62936_172-28-211-96_8443.1726646726.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62936_172-28-211-96_8443.1726646726.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121853Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=446ed5c4a50e764856c628379135386493cae43e7ff296f1d70cd7225ca980e1&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:18:54.410] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:54.410] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:54.410] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:54.410] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:54.410] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:54.411] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:54.521] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62936_172-28-211-96_8443.1726646726.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311534520, "module": "anquanchu", "proto": "tls", "alerted": false, "details": 
[{"stime": 1726646726785982, "etime": 1726646726785982, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62936, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:18:54.521] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:18:57.516] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24166 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11102.1726283919.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11102.1726283919.jsonl?X-Amz-Signature=9096282364f8d5ee44fbf39947dd06bbaf4b647ec871b2029404f468bfbda52b&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121857Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:18:57.516] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:18:57.516] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:18:57.516] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:18:57.516] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:18:57.516] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:18:57.517] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:18:57.622] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11102.1726283919.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 
1765311537622, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726283919586131, "etime": 1726283919586131, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11102, "dest_port": 4433, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:18:57.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:18:57.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:18:57.622] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:19:00.626] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25827 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62622_172-28-211-96_8080.1726644233.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62622_172-28-211-96_8080.1726644233.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=157fd369fb8baad657184fb8fd8fecdb672f54b1b52745c096bbc44f599fc7d0&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121900Z"} [2025-12-09 20:19:00.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:00.626] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:00.627] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:00.627] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:00.627] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:00.627] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:00.736] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62622_172-28-211-96_8080.1726644233.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311540735, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726644233062572, "etime": 1726644233062572, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62622, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:00.736] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:03.736] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25828 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62621_172-28-211-96_8080.1726644233.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62621_172-28-211-96_8080.1726644233.jsonl?X-Amz-Date=20251209T121903Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=acbd8fbb4eb0e3569579eb6b464a180c97330d7d51040089edb5d36d53edfcdc&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:19:03.736] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:03.736] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:03.736] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:03.736] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:03.737] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:03.737] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:03.843] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62621_172-28-211-96_8080.1726644233.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311543842, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726644233062389, "etime": 1726644233062389, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62621, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:03.843] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:06.848] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24167 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62953_172-28-211-96_8443.1726646865.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62953_172-28-211-96_8443.1726646865.jsonl?X-Amz-Date=20251209T121906Z&X-Amz-Signature=29e2f3a9861b12a67ae3c5fe6ee31b1d7790a622a5d7e0aea19d866ea7df7269&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:19:06.849] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:06.849] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:06.849] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:06.849] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:06.849] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:06.850] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:19:06.959] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62953_172-28-211-96_8443.1726646865.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311546959, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726646865227835, "etime": 1726646865227835, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62953, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:06.959] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:09.966] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24168 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50936.1727436524.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50936.1727436524.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d7bf2947b53ed18e082c764b180a4fdf5bea53b8b24d3f5541166afb324466f2&X-Amz-Expires=604800&X-Amz-Date=20251209T121909Z"} [2025-12-09 20:19:09.966] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:09.966] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:09.966] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:09.966] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:09.966] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for 
load [2025-12-09 20:19:09.967] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:10.077] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50936.1727436524.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311550077, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436524488301, "etime": 1727436524488301, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50936, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:10.077] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:13.092] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24593 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62976.1727519635.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62976.1727519635.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=99704255db488d845c97aa315f1c4a7888dde38d5e971cd76ee946ca944af177&X-Amz-Expires=604800&X-Amz-Date=20251209T121912Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:19:13.092] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:13.092] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:13.092] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:13.093] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:13.093] 
[INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:13.093] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:13.204] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62976.1727519635.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311553204, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519635215763, "etime": 1727519635215763, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62976, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:13.204] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:16.211] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25829 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11619.1726284624.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11619.1726284624.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T121915Z&X-Amz-SignedHeaders=host&X-Amz-Signature=df725dcacce6f6b6308109b7ee120e0599c29441dfe2eca4e7993115fb89fbe5"} [2025-12-09 20:19:16.211] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:16.211] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:16.211] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:16.211] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:16.211] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:16.212] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:16.323] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_4433_111-53-218-171_11619.1726284624.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311556322, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726284624194161, "etime": 1726284624194161, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11619, "dest_port": 4433, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:19:16.323] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:19:16.323] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:19:16.323] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:19:19.321] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25830 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62111.1727518662.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62111.1727518662.jsonl?X-Amz-Date=20251209T121918Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=8fd9e308ddbea45166640bf0efcf348e99533443358505a889a0fa04a01699b5&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:19:19.321] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:19.321] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:19.322] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:19.322] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:19.322] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:19.323] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:19.426] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62111.1727518662.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311559426, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518662980922, "etime": 1727518662980922, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62111, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:19.426] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:22.434] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25831 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63537.1727520249.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63537.1727520249.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T121921Z&X-Amz-SignedHeaders=host&X-Amz-Signature=f5a826db51289e2e66c1ea1685c0c68ff114cd41f2e4ea088c86d252265592ab"} [2025-12-09 20:19:22.434] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:22.434] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:22.434] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:22.434] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:22.434] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:22.435] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:22.549] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63537.1727520249.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311562548, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520249913160, "etime": 1727520249913160, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63537, "dest_port": 443, 
"protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:22.549] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:25.545] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24169 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.1726816453.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.1726816453.jsonl?X-Amz-Signature=446da0b81036fc88deee9351c45f59b8d14d3d0fce0df60d09e40469d0020335&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121924Z"} [2025-12-09 20:19:25.545] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:25.545] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:25.545] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:25.545] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:25.545] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:25.546] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:25.968] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.1726816453.jsonl|result:{"code": 1, "total_count": 7, "abnormal_count": 7, "normal_count": 0, "alert_count": 7, "timestamp": 1765311565968, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726816620073716, "etime": 1726816620073716, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51868, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 
1726816695962690, "etime": 1726816695962690, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51871, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726816528714237, "etime": 1726816528714237, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51864, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726816453262985, "etime": 1726816453262985, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51862, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726816544146461, "etime": 1726816544146461, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51865, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726816604578792, "etime": 1726816604578792, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51867, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726816680523235, "etime": 1726816680523235, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51870, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:19:25.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 7|max_alert: 1000 [2025-12-09 20:19:25.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:19:25.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:19:28.666] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24170 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.1726795336.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.1726795336.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=8cd4401a9315550a29b8df70eec73902255d6ee980ff179027ec65084c88daed&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121928Z"} [2025-12-09 20:19:28.666] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:28.666] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:28.666] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:28.666] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:28.666] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:28.666] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:29.059] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_IP.1726795336.jsonl|result:{"code": 1, "total_count": 7, "abnormal_count": 7, "normal_count": 0, "alert_count": 7, "timestamp": 1765311569058, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726795411785346, "etime": 1726795411785346, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51108, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726795427218369, "etime": 1726795427218369, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51109, "dest_port": 443, 
"protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726795487649673, "etime": 1726795487649673, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51111, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726795503111499, "etime": 1726795503111499, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51112, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726795563520347, "etime": 1726795563520347, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51114, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726795578971037, "etime": 1726795578971037, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51115, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726795336342989, "etime": 1726795336342989, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51106, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:19:29.059] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 7|max_alert: 1000 [2025-12-09 20:19:29.059] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:19:29.059] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:19:31.774] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25832 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.1726799420.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.1726799420.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121931Z&X-Amz-Expires=604800&X-Amz-Signature=e38c7a43a91a11a4087dc9623c2408da99f60710f98f96ed26df79b9315cb7aa"} [2025-12-09 20:19:31.775] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:31.775] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:31.775] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:31.775] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:31.775] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:31.775] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:32.164] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID34-tls1.2CS4.8_windowsserver2008_kali_openjdk_domain.1726799420.jsonl|result:{"code": 1, "total_count": 7, "abnormal_count": 7, "normal_count": 0, "alert_count": 7, "timestamp": 1765311572164, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726799647723038, "etime": 1726799647723038, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51224, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726799663177744, "etime": 1726799663177744, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51225, 
"dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726799495966027, "etime": 1726799495966027, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51218, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726799571828221, "etime": 1726799571828221, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51221, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726799587285373, "etime": 1726799587285373, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51222, "dest_port": 446, "protocol": "tls", "result": "Antsword"}, {"stime": 1726799511389872, "etime": 1726799511389872, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51219, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726799420509946, "etime": 1726799420509946, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51216, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:19:32.164] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 7|max_alert: 1000 [2025-12-09 20:19:32.164] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:19:32.164] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:19:34.897] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24171 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.1726813550.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.1726813550.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=ef5dcfac8057b622f3891193bb177ece10cfd406130d7a2750c02639f78afde4&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T121934Z"} [2025-12-09 20:19:34.897] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:34.897] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:34.897] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:34.897] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:34.897] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:34.898] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:35.287] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID33-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.1726813550.jsonl|result:{"code": 1, "total_count": 7, "abnormal_count": 7, "normal_count": 0, "alert_count": 7, "timestamp": 1765311575287, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726813550942625, "etime": 1726813550942625, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51762, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726813793688295, "etime": 1726813793688295, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51771, "dest_port": 446, 
"protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726813626421720, "etime": 1726813626421720, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51764, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726813702346496, "etime": 1726813702346496, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51767, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726813717803763, "etime": 1726813717803763, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51768, "dest_port": 446, "protocol": "tls", "result": "Antsword"}, {"stime": 1726813641874483, "etime": 1726813641874483, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51765, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726813778251253, "etime": 1726813778251253, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51770, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:19:35.288] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 7|max_alert: 1000 [2025-12-09 20:19:35.288] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:19:35.288] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:19:38.010] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24594 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50563.1727436120.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50563.1727436120.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121937Z&X-Amz-Signature=f3914c049a7a5fe25302712bac7a5b9a74317c57ac22b53a5d1541a05603e56c&X-Amz-Expires=604800"} [2025-12-09 20:19:38.010] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:38.010] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:38.010] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:38.011] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:38.011] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:38.011] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:38.085] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50563.1727436120.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311578084, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436120775585, "etime": 1727436120775585, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50563, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:38.085] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:41.112] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24172 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62811.1727519462.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62811.1727519462.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T121940Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=a402e00a1d883653a19c40bfb9ba7934953b69dc9e5d108438c84b86174d156b"} [2025-12-09 20:19:41.113] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:41.113] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:41.113] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:41.113] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:41.113] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:41.114] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:41.223] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62811.1727519462.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311581222, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519462216316, "etime": 1727519462216316, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62811, "dest_port": 80, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 20:19:41.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:44.235] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24595 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63355.1727520059.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63355.1727520059.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121943Z&X-Amz-Signature=6b72d5b3c3a5b182e2af3f3bf84dec22fd943817ccceb3549824aa88895e1f0f&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:19:44.235] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:44.235] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:44.236] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:44.236] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:44.236] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:44.237] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:44.346] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63355.1727520059.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311584345, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520059453180, "etime": 1727520059453180, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", 
"src_port": 63355, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:44.346] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:47.348] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24596 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61690.1727518193.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61690.1727518193.jsonl?X-Amz-Expires=604800&X-Amz-Signature=42f11ddb8fdf1d68ca4f203aa6eb39c78dc6c9aefa373da692a44e2a82ef5990&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T121946Z"} [2025-12-09 20:19:47.348] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:47.348] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:47.348] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:47.348] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:47.348] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:47.349] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:47.459] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61690.1727518193.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311587459, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518193719441, "etime": 
1727518193719441, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 61690, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:47.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:50.461] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24597 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62740_172-28-211-96_8443.1726645187.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62740_172-28-211-96_8443.1726645187.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=c5b5330e22519762702518e3f2724061f4a14c3a3153814ea7f659ebde5e97e8&X-Amz-Date=20251209T121949Z"} [2025-12-09 20:19:50.462] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:50.462] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:50.462] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:50.462] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:50.462] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:50.463] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:50.573] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62740_172-28-211-96_8443.1726645187.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311590573, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1726645187405335, "etime": 1726645187405335, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62740, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:50.573] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:19:53.578] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24173 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_25209_192-168-52-129_443.1725956951.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_25209_192-168-52-129_443.1725956951.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T121953Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=279f6d352c2bf8f48039072c31c596a1c1472c3d2cf31dc5bb9573c531b43adf"} [2025-12-09 20:19:53.578] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:53.578] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:53.578] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:53.578] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:53.578] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:53.579] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:53.689] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_25209_192-168-52-129_443.1725956951.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 
1765311593688, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1725956951388497, "etime": 1725956951388497, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 25209, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:19:53.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:19:53.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:19:53.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:19:56.697] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25833 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43323.1726308966.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43323.1726308966.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=cfb33de6043de6718960274af7fc2bddc341770e1f967950c4cc29a9743468fd&X-Amz-Expires=604800&X-Amz-Date=20251209T121956Z"} [2025-12-09 20:19:56.698] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:56.698] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:56.698] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:56.698] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:56.698] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:56.699] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:56.809] [DEBUG] [tid:140062327686848] 
(AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43323.1726308966.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311596808, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726308966105971, "etime": 1726308966105971, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43323, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:19:56.809] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:19:56.809] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:19:56.809] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:19:59.819] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24174 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11098.1726283912.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11098.1726283912.jsonl?X-Amz-Date=20251209T121959Z&X-Amz-Signature=0ad2b51a6090add06b3c331a2bd9dc275450ff8b70d4b8cc56d66443f1b4e4f6&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:19:59.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:19:59.819] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:19:59.820] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:19:59.820] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:19:59.820] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:19:59.821] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:19:59.931] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11098.1726283912.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311599930, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726283912691028, "etime": 1726283912691028, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11098, "dest_port": 4433, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:19:59.931] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:02.936] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25834 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62395_172-28-211-96_8080.1726642569.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62395_172-28-211-96_8080.1726642569.jsonl?X-Amz-Date=20251209T122002Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=e7c65fa90713b08eb104b33a69dc8ca5bc688e70282b6b50cfeee588cbecfd97&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:20:02.936] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:02.936] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:02.936] [INFO] [tid:140062327686848] (AiModule.cpp:12) load 
so module so_code_cnn [2025-12-09 20:20:02.936] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:02.936] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:02.937] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:03.050] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62395_172-28-211-96_8080.1726642569.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311603049, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726642569465439, "etime": 1726642569465439, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62395, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:03.050] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:06.050] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24598 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53296_192-168-32-40_443.1726127499.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53296_192-168-32-40_443.1726127499.jsonl?X-Amz-Signature=20584141767f030ace5ed8907af16f9178c09d2d51291c1d9484f8aff3ccab43&X-Amz-Date=20251209T122005Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:20:06.050] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:06.050] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:06.050] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:06.050] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:06.051] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:06.051] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:06.137] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_https.pcap.TCP_192-168-32-1_53296_192-168-32-40_443.1726127499.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311606136, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726127499935902, "etime": 1726127499935902, "src_ip": "192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 53296, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:20:06.137] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:20:06.137] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:20:06.137] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:20:09.168] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25835 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62482_172-28-211-96_8080.1726643269.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62482_172-28-211-96_8080.1726643269.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T122008Z&X-Amz-SignedHeaders=host&X-Amz-Signature=3bb7a8c3f30add9c89b19184dec74a97a559bdadb83d683cb15ee5c83f63ab8d"} [2025-12-09 20:20:09.169] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:09.169] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:09.169] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:09.169] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:09.169] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:09.170] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:09.278] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62482_172-28-211-96_8080.1726643269.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311609277, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726643269345701, "etime": 1726643269345701, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62482, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:09.278] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:12.285] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24599 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62436_172-28-211-96_8080.1726642849.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62436_172-28-211-96_8080.1726642849.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122011Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=4d25f14344d01fe66ef5e58bb879d33981e100137bb7ea559e3c12ed47e2fc20"} [2025-12-09 20:20:12.285] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:12.285] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:12.286] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:12.286] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:12.286] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:12.287] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:12.397] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62436_172-28-211-96_8080.1726642849.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311612397, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726642849330442, "etime": 1726642849330442, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62436, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} 
[2025-12-09 20:20:12.397] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:15.400] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25836 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62453_172-28-211-96_8080.1726642989.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62453_172-28-211-96_8080.1726642989.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=68a0dc9ca63aa466c326f6f3dfad445845d10bb259097fb26f30ea61b3ea14fa&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122014Z&X-Amz-Expires=604800"} [2025-12-09 20:20:15.400] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:15.400] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:15.400] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:15.400] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:15.400] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:15.401] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:15.511] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62453_172-28-211-96_8080.1726642989.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311615511, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726642989595738, "etime": 1726642989595738, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62453, "dest_port": 
8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:15.511] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:18.517] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25837 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62447_172-28-211-96_8080.1726642946.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62447_172-28-211-96_8080.1726642946.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=4a9020de94b9c66a9ffadb1ece82aeec47bfae32ff86717033a6f05c55c886a4&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122018Z"} [2025-12-09 20:20:18.517] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:18.517] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:18.517] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:18.517] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:18.517] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:18.518] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:18.628] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62447_172-28-211-96_8080.1726642946.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311618628, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726642946352391, "etime": 1726642946352391, "src_ip": "172.28.208.1", "dest_ip": 
"172.28.211.96", "src_port": 62447, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:18.628] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:21.629] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25838 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58000_192-168-32-40_80.1726196734.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58000_192-168-32-40_80.1726196734.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122021Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=50db714f741342b1be65eb8c4ae4e113dc585e40449ad88974944960d0f6638f"} [2025-12-09 20:20:21.629] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:21.629] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:21.629] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:21.629] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:21.629] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:21.630] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:21.738] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID79_antsword_2.1.8.1_php_http.pcap.TCP_192-168-32-1_58000_192-168-32-40_80.1726196734.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311621737, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726196734772351, "etime": 1726196734772351, "src_ip": 
"192.168.32.1", "dest_ip": "192.168.32.40", "src_port": 58000, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:21.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:24.747] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24600 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62986.1727519643.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62986.1727519643.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122024Z&X-Amz-Signature=b6c97275969af3db1fd6ee755f92452d8099bde6a3dfd6f02a8b28978eb657ff&X-Amz-SignedHeaders=host"} [2025-12-09 20:20:24.747] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:24.747] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:24.747] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:24.747] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:24.747] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:24.748] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:24.858] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62986.1727519643.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311624858, "module": "anquanchu", "proto": "tls", "alerted": false, "details": 
[{"stime": 1727519643045627, "etime": 1727519643045627, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62986, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:24.858] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:27.863] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25839 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62121.1727518671.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62121.1727518671.jsonl?X-Amz-Signature=4b49f58ce339db3f2edd463d5dc37786285d8f5da091cdace601e199f1fa134d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122027Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:20:27.864] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:27.864] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:27.864] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:27.864] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:27.864] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:27.865] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:27.974] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62121.1727518671.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311627973, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518671363171, "etime": 1727518671363171, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62121, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:27.974] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:30.981] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25840 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50946.1727436533.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50946.1727436533.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=be148b592c159a5eb2de82fe7ff960dcd5a4a88ffa0a58b92e36cdf84afb9f33&X-Amz-Expires=604800&X-Amz-Date=20251209T122030Z"} [2025-12-09 20:20:30.981] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:30.981] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:30.981] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:30.981] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:30.981] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:30.982] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:31.095] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50946.1727436533.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, 
"normal_count": 1, "alert_count": 0, "timestamp": 1765311631094, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436533173627, "etime": 1727436533173627, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50946, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:31.095] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:34.103] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24601 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-137_22_192-168-126-139_51146.1726796463.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-137_22_192-168-126-139_51146.1726796463.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122033Z&X-Amz-Signature=e4a6421fdb043eed239c470b9659855ec442c66ddb65099016f30bd790795acf&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:20:34.103] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:34.103] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:34.103] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:34.103] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:34.103] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:34.104] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:34.214] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-137_22_192-168-126-139_51146.1726796463.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311634214, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726796463705132, "etime": 1726796463705132, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51146, "dest_port": 22, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:34.214] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:37.217] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24602 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-137_22_192-168-126-139_51804.1726814723.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-137_22_192-168-126-139_51804.1726814723.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122036Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=448b6947b25bc835c35f90c2147b43046db0572e03592d32949815838a5f0ce8"} [2025-12-09 20:20:37.217] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:37.217] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:37.217] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:37.217] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:37.217] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:37.218] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:20:37.330] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-137_22_192-168-126-139_51804.1726814723.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311637330, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726814723520596, "etime": 1726814723520596, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51804, "dest_port": 22, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:37.330] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:40.332] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24175 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-137_22_192-168-126-139_51901.1726817548.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-137_22_192-168-126-139_51901.1726817548.jsonl?X-Amz-Expires=604800&X-Amz-Signature=4f0c97ce4ca3975075b6f539ff9151e4884568710bddd7a1f70b364159320dff&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122039Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:20:40.332] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:40.332] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:40.332] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:40.332] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:40.332] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
20:20:40.333] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:40.446] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-137_22_192-168-126-139_51901.1726817548.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311640446, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726817548826889, "etime": 1726817548826889, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51901, "dest_port": 22, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:40.446] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:43.452] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24176 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-137_22_192-168-126-139_51264.1726800660.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-137_22_192-168-126-139_51264.1726800660.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=ad5ba5dc93fb88c21035908809c2e45915f822a4fe44ea3e13904939fab16408&X-Amz-Date=20251209T122042Z"} [2025-12-09 20:20:43.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:43.452] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:43.452] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:43.452] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:43.452] 
[INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:43.453] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:43.563] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-137_22_192-168-126-139_51264.1726800660.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311643562, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726800660429479, "etime": 1726800660429479, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51264, "dest_port": 22, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:43.563] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:20:46.568] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24603 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43405_192-168-37-136_8443.1727255896.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43405_192-168-37-136_8443.1727255896.jsonl?X-Amz-Date=20251209T122045Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=e1f8de40caa3e513b7665a0fc5edaea2866a153d8934390e57b845d6c366cec2"} [2025-12-09 20:20:46.569] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:46.569] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:46.569] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:46.569] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:20:46.569] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:46.570] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:46.682] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43405_192-168-37-136_8443.1727255896.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311646682, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727255896596916, "etime": 1727255896596916, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43405, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:20:46.682] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:20:46.682] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:20:46.682] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:20:49.684] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24177 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43325.1726308992.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43325.1726308992.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=74a99eba8aec06e1d09fa4e3ebbd1a68caf6295f0b350ce0d58f8fe979526e39&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122049Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:20:49.684] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:49.684] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:49.685] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:49.685] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:49.685] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:49.686] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:49.799] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43325.1726308992.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311649799, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726308992317846, "etime": 1726308992317846, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43325, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:20:49.799] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:20:49.799] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:20:49.799] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:20:52.803] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25841 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43404_192-168-37-136_8443.1727255892.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43404_192-168-37-136_8443.1727255892.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=ad7ed8a362a4ec6efd0cd6353e882e43291d7863ac37484b0cd32a5a5fa693b4&X-Amz-Date=20251209T122052Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:20:52.803] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:52.803] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:52.803] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:52.803] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:52.804] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:52.804] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:52.915] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43404_192-168-37-136_8443.1727255892.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311652914, "module": "anquanchu", "proto": "tls", 
"alerted": true, "details": [{"stime": 1727255892775960, "etime": 1727255892775960, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43404, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:20:52.915] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:20:52.915] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:20:52.915] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:20:55.930] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24178 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63545.1727520257.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63545.1727520257.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=0afb9110cc06662bf9ee4369c94617991653fe561a5b65a6df96d545509fb07c&X-Amz-Date=20251209T122055Z"} [2025-12-09 20:20:55.930] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:55.931] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:55.931] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:55.931] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:20:55.931] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:55.932] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:56.044] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63545.1727520257.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311656044, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727520257279740, "etime": 1727520257279740, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63545, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:20:56.044] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:20:56.044] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:20:56.044] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:20:59.044] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25842 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_62462_192-168-0-202_8080.1726715909.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_62462_192-168-0-202_8080.1726715909.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=8dc65fee531524a04f6785cb69a11f25e6ac1c27fe277ab64b0ec6e7ae4454e3&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122058Z&X-Amz-Expires=604800"} [2025-12-09 20:20:59.045] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:20:59.045] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:20:59.045] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:20:59.045] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func 
load [2025-12-09 20:20:59.045] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:20:59.046] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:20:59.156] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_62462_192-168-0-202_8080.1726715909.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311659155, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726715909865737, "etime": 1726715909865737, "src_ip": "192.168.0.3", "dest_ip": "192.168.0.202", "src_port": 62462, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:20:59.156] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:02.164] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24604 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43406_192-168-37-136_8443.1727255901.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43406_192-168-37-136_8443.1727255901.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=517a5bad591d88d19a22038bb3afc501616f1595a202dabb3dbfc764d248ccd3&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122101Z"} [2025-12-09 20:21:02.164] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:02.164] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:02.165] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:02.165] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:02.165] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:02.166] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:02.276] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43406_192-168-37-136_8443.1727255901.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311662275, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727255901501127, "etime": 1727255901501127, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43406, "dest_port": 8443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:21:02.276] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:21:02.276] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:21:02.276] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:21:05.283] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24179 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50930.1727436517.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50930.1727436517.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=438eacd78a4a7219dd1023133e0e4f1b9cd88efd8d19c1d610632db631e61b09&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122104Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:21:05.283] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:05.283] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:05.283] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:05.283] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:05.283] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:05.284] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:05.394] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50930.1727436517.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311665393, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436517064545, "etime": 1727436517064545, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50930, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:05.394] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:08.394] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24180 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43403_192-168-37-136_8443.1727255889.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43403_192-168-37-136_8443.1727255889.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=ef4c2686257d4b6b4c941340c32ce6ca8ddb61e9732750c3df3ac602becfd29c&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122107Z"} [2025-12-09 20:21:08.394] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:08.394] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:08.395] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:08.395] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:08.395] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:08.395] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:08.505] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43403_192-168-37-136_8443.1727255889.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311668504, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727255889353821, "etime": 1727255889353821, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43403, "dest_port": 8443, "protocol": "tls", "result": 
"Behinder"}]} [2025-12-09 20:21:08.505] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:21:08.505] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:21:08.505] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:21:11.514] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24605 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62106.1727518658.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62106.1727518658.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=ce52bd324361a0413f0d5664e7ed612bad0b11d016c06e14e24b38aa51142f4e&X-Amz-Date=20251209T122111Z"} [2025-12-09 20:21:11.514] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:11.514] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:11.514] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:11.514] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:11.514] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:11.515] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:11.626] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62106.1727518658.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765311671626, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518658614789, "etime": 1727518658614789, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62106, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:11.627] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:14.626] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25843 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43401_192-168-37-136_8443.1727255881.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43401_192-168-37-136_8443.1727255881.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ff2adacec3503c6927b2faced700b8bdd4c766833556f57b886a6b0ff88459e6&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122114Z"} [2025-12-09 20:21:14.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:14.626] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:14.626] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:14.626] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:14.626] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:14.627] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:14.732] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43401_192-168-37-136_8443.1727255881.jsonl|result:{"code": 1, "total_count": 1, 
"abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311674731, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727255881500869, "etime": 1727255881500869, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43401, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:21:14.732] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:21:14.732] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:21:14.732] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:21:17.751] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24606 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62972.1727519631.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62972.1727519631.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122117Z&X-Amz-Signature=c4a6ced53e27fd9a683e3ae4b693fb3fffdc6e62304243516a9f3290da280ecc"} [2025-12-09 20:21:17.751] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:17.751] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:17.751] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:17.751] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:17.751] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:17.752] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:21:17.867] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62972.1727519631.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311677866, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519631027401, "etime": 1727519631027401, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62972, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:17.867] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:20.857] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25844 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62969.1727519628.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62969.1727519628.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T122120Z&X-Amz-Signature=419ce18ff4adeb7a5036db2f43381c4f35e32883514e85bd358fdf75e9b459f9&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:21:20.857] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:20.858] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:20.858] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:20.858] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:20.858] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 
20:21:20.859] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:20.968] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62969.1727519628.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311680967, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519628526946, "etime": 1727519628526946, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62969, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:20.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:23.976] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25845 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62102.1727518653.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62102.1727518653.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=88f1c3c2199c04bacba302f2436cdbae5eb7dae906974b9fc5146afa63f335f1&X-Amz-Date=20251209T122123Z"} [2025-12-09 20:21:23.976] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:23.976] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:23.976] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:23.976] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:23.977] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:23.977] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:24.088] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62102.1727518653.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311684087, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518653901400, "etime": 1727518653901400, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62102, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:24.088] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:27.095] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24181 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43318.1726308782.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43318.1726308782.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122126Z&X-Amz-Signature=1652c0fdd33ce2fa0258956f8fc3f23b86df78b4de6b8450bdd592f2fcee2702"} [2025-12-09 20:21:27.095] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:27.095] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:27.096] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:27.096] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:27.096] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:27.097] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:27.208] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43318.1726308782.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311687207, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308782934894, "etime": 1726308782934894, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43318, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:27.208] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:30.201] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24607 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50926.1727436513.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50926.1727436513.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122129Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=d7663ec1182bd6fe5268adaffa0b22c715637083b75377b2f22c3efc7fc78974&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:21:30.201] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:30.201] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:30.201] [INFO] [tid:140062327686848] (AiModule.cpp:12) 
load so module so_code_cnn [2025-12-09 20:21:30.201] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:30.201] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:30.202] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:30.300] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50926.1727436513.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311690300, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436513735489, "etime": 1727436513735489, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50926, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:30.300] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:33.312] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24182 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61701.1727518203.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61701.1727518203.jsonl?X-Amz-Signature=975686ce271d0fe7b28b5f7cc4370ac513f0eda0f66f4177f42ae7e824e1f2d0&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122132Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:21:33.312] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:33.312] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 
20:21:33.312] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:33.312] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:33.312] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:33.313] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:33.423] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61701.1727518203.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311693422, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518203714139, "etime": 1727518203714139, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 61701, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:33.423] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:36.425] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25846 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43322.1726308954.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43322.1726308954.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=aeadcc886b5fc808838b5a964a6d3dfe5150643d503f927ec0272e948c2008cd&X-Amz-Date=20251209T122135Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:21:36.425] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:36.425] [INFO] 
[tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:36.425] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:36.425] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:36.425] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:36.426] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:36.539] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-tls1.3.pcap.TCP_10-0-4-15_443_218-26-55-102_43322.1726308954.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311696539, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726308954717737, "etime": 1726308954717737, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43322, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:36.539] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:39.544] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24183 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63363.1727520066.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63363.1727520066.jsonl?X-Amz-Signature=49d39c84c509fafaa34daef68635e55816eca4bb64e69468114cf2ea9eafcdf5&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Date=20251209T122139Z"} [2025-12-09 20:21:39.545] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:39.545] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:39.545] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:39.545] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:39.545] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:39.546] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:39.657] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63363.1727520066.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311699657, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520066601887, "etime": 1727520066601887, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63363, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:39.657] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:42.660] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24184 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50577.1727436132.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50577.1727436132.jsonl?X-Amz-Date=20251209T122142Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=93558f473eac0eb777fbe21d05e4384edd75348ee463240dca17a92308c726fd&X-Amz-Expires=604800"} [2025-12-09 20:21:42.660] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:42.660] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:42.661] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:42.661] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:42.661] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:42.662] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:42.771] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50577.1727436132.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311702771, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436132979219, "etime": 1727436132979219, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50577, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:42.771] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:45.775] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[2] at offset 24185 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62983.1727519640.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62983.1727519640.jsonl?X-Amz-Signature=5d60a62f8ce1152901b18407825ea9e2a37a96a27a4587fc2ccf17da0538c259&X-Amz-Date=20251209T122145Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:21:45.776] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:45.776] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:45.776] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:45.776] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:45.776] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:45.777] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:45.887] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62983.1727519640.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311705886, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727519640388395, "etime": 1727519640388395, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62983, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:21:45.887] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:21:45.887] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:21:45.887] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:21:48.894] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24608 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62820.1727519469.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62820.1727519469.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122148Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f6b69b50c1840ccd6bca6c3635b00535cf0a6ae3c892905b50c0c504f9769a5b"} [2025-12-09 20:21:48.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:48.894] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:48.894] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:48.894] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:48.894] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:48.895] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:49.005] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62820.1727519469.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311709005, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519469900594, "etime": 1727519469900594, "src_ip": 
"192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62820, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:49.005] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:52.007] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25847 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43087_192-168-37-136_8080.1727255555.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43087_192-168-37-136_8080.1727255555.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122151Z&X-Amz-Signature=bd077afffe6f5feeb3d7e7b24ec10c5a3a5baf99c30eddd193bedfe18af09ad9&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:21:52.008] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:52.008] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:52.008] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:52.008] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:52.008] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:52.009] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:52.121] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43087_192-168-37-136_8080.1727255555.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311712121, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 
1727255555653239, "etime": 1727255555653239, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43087, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:52.121] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:55.114] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24186 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62117.1727518668.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62117.1727518668.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=c4d7d1dc6c21c102e42c1b61e13ae3f9117589dbeb2f7ebc64db6ca110da75d1&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122154Z"} [2025-12-09 20:21:55.114] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:55.114] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:55.114] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:55.114] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:55.114] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:55.115] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:55.228] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62117.1727518668.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311715228, "module": 
"anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518668398428, "etime": 1727518668398428, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62117, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:55.228] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:21:58.218] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25848 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50943.1727436530.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50943.1727436530.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122157Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9dd8d11ed297dffbbb885504af6ecd4b0e713db4fadf7794e5b400cc13cef866&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:21:58.218] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:21:58.218] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:21:58.218] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:21:58.218] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:21:58.218] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:21:58.219] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:21:58.332] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50943.1727436530.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, 
"normal_count": 1, "alert_count": 0, "timestamp": 1765311718331, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436530014283, "etime": 1727436530014283, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50943, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:21:58.332] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:01.339] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24609 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11104.1726283958.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11104.1726283958.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122200Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6d934fcec05234a242e826d9cd2dc86821fac87902483913ae2e8111ac9d0458&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:22:01.339] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:01.339] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:01.340] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:01.340] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:01.340] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:01.341] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:01.452] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11104.1726283958.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311721451, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726283958068160, "etime": 1726283958068160, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11104, "dest_port": 4433, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:22:01.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:22:01.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:22:01.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:22:04.447] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25849 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41527_192-168-163-23_443.1726205287.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41527_192-168-163-23_443.1726205287.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=e0c01f794036ab29f83684b95e0fb9faf2281733253586a82c701b256cc67160&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122203Z"} [2025-12-09 20:22:04.447] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:04.447] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:04.447] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:04.447] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func 
load [2025-12-09 20:22:04.447] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:04.448] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:04.555] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_https-1.pcap.TCP_192-168-163-21_41527_192-168-163-23_443.1726205287.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311724554, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726205287191196, "etime": 1726205287191196, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41527, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:04.555] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:07.570] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25850 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63525.1727520238.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63525.1727520238.jsonl?X-Amz-Date=20251209T122207Z&X-Amz-Signature=9d18221305b64fabbffe2e5a2a3264df402fb275d4a58292219d973797777314&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:22:07.570] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:07.570] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:07.570] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:22:07.570] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:07.570] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:07.571] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:07.680] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63525.1727520238.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311727680, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520238937790, "etime": 1727520238937790, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63525, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:07.680] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:10.690] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25851 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62968.1727519627.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62968.1727519627.jsonl?X-Amz-Signature=f500b36eb836b037dc4b9456a6563ce97cd2744a89163eef20ad5423ed638416&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122210Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:22:10.690] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:10.690] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:10.690] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:10.690] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:10.690] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:10.691] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:10.802] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62968.1727519627.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311730801, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519627533582, "etime": 1727519627533582, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62968, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:10.802] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:13.812] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24610 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50920.1727436507.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50920.1727436507.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122213Z&X-Amz-Signature=294e9cebbb9fc71965f3c661d9cb03de5f43c6da4aa42f367ad3128246eb7143&X-Amz-Expires=604800"} [2025-12-09 20:22:13.812] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:13.812] [INFO] [tid:140062327686848] 
(AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:13.812] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:13.812] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:13.812] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:13.813] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:13.925] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_50920.1727436507.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311733924, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436507101811, "etime": 1727436507101811, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50920, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:13.925] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:16.923] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25852 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62099.1727518652.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62099.1727518652.jsonl?X-Amz-Signature=f698e5fac9bb452a46ac8e25a4f26231a7d6e778f10133c29aa24971a95cc853&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122216Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:22:16.923] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process 
model: 0 [2025-12-09 20:22:16.923] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:16.923] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:16.923] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:16.923] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:16.924] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:17.034] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_62099.1727518652.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311737033, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518652362099, "etime": 1727518652362099, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62099, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:17.034] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:20.044] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24611 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41851_192-168-163-23_443.1726206852.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41851_192-168-163-23_443.1726206852.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=ce74d4d6d0efc8ac7a7d2c5e4b788e763cfd81f6a998113fdd5ce1c5aaa57d05&X-Amz-Date=20251209T122219Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:22:20.044] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:20.044] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:20.044] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:20.044] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:20.044] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:20.045] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:20.155] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_https-1.pcap.TCP_192-168-163-21_41851_192-168-163-23_443.1726206852.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311740155, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206852448153, "etime": 1726206852448153, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41851, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:20.155] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:23.162] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24187 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40759_192-168-37-136_8443.1727405709.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40759_192-168-37-136_8443.1727405709.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=44839d5ebc0a2840dca170ac67c566082e4f38991057e9e33c0f1823f2d425ed&X-Amz-Date=20251209T122222Z"} [2025-12-09 20:22:23.162] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:23.162] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:23.162] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:23.162] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:23.162] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:23.163] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:23.272] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40759_192-168-37-136_8443.1727405709.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311743272, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405709356334, "etime": 1727405709356334, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40759, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:22:23.272] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:22:23.272] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. 
[2025-12-09 20:22:23.272] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:22:26.286] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24612 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11105.1726283996.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11105.1726283996.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122225Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=4588c264e09d3b7c2070dd8d9d77fe510b977dbceb22a51272eb960fa360cb43"} [2025-12-09 20:22:26.286] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:26.286] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:26.286] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:26.286] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:26.286] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:26.287] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:26.396] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11105.1726283996.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311746396, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726283996892289, "etime": 1726283996892289, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11105, "dest_port": 
4433, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:22:26.396] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:22:26.396] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:22:26.396] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:22:29.389] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25853 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40638_192-168-37-136_8443.1727405654.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40638_192-168-37-136_8443.1727405654.jsonl?X-Amz-Signature=f728f80b0ce17667d0aefda62dd8feb3026341863269cea534e2f4809c26c593&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122228Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:22:29.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:29.390] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:29.390] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:29.390] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:29.390] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:29.391] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:29.491] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40638_192-168-37-136_8443.1727405654.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, 
"timestamp": 1765311749490, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405654601098, "etime": 1727405654601098, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40638, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:22:29.491] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:22:29.491] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:22:29.491] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:22:32.492] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25854 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43069_192-168-37-136_8080.1727255551.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43069_192-168-37-136_8080.1727255551.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8d29f31015890745e620f9578d8c023fd6774a98d0260f58b11a952af753decf&X-Amz-Date=20251209T122232Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:22:32.492] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:32.492] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:32.492] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:32.492] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:32.492] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:32.493] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:32.609] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43069_192-168-37-136_8080.1727255551.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311752608, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255551654359, "etime": 1727255551654359, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43069, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:32.609] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:35.594] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24188 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43064_192-168-37-136_8080.1727255542.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43064_192-168-37-136_8080.1727255542.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a0b62296116507012a9d84433072631bbc4b98444ac5f2c5d9ca40310afb6290&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122235Z"} [2025-12-09 20:22:35.594] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:35.594] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:35.595] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:35.595] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:35.595] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:35.596] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:35.708] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43064_192-168-37-136_8080.1727255542.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311755707, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255542751069, "etime": 1727255542751069, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43064, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:35.708] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:38.705] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25855 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43068_192-168-37-136_8080.1727255548.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43068_192-168-37-136_8080.1727255548.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122238Z&X-Amz-Expires=604800&X-Amz-Signature=4b3e826582dff8604501b9bd24d623e11d7f197f3ab8c3dfbee2eb49e5850121&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:22:38.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:38.706] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:38.706] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:38.706] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:38.706] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:38.707] [INFO] [tid:140062327686848] (AiModule.cpp:39) load 
result:0 [2025-12-09 20:22:38.814] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43068_192-168-37-136_8080.1727255548.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311758814, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255548956706, "etime": 1727255548956706, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43068, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:38.814] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:41.807] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24613 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43067_192-168-37-136_8080.1727255545.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43067_192-168-37-136_8080.1727255545.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=7eba6fcc62b54a8c2ffd83d566f1bd3bd0f9977fa436df0203dcc7450352185b&X-Amz-Date=20251209T122241Z"} [2025-12-09 20:22:41.807] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:41.807] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:41.807] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:41.807] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:41.807] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:41.808] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:41.913] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43067_192-168-37-136_8080.1727255545.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311761912, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255545887926, "etime": 1727255545887926, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43067, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:41.913] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:44.919] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24189 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43062_192-168-37-136_8080.1727255540.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43062_192-168-37-136_8080.1727255540.jsonl?X-Amz-Signature=2497fb104358bfab5820ea3d77e86d48bf5d1551e976541776a89f370940eb1d&X-Amz-Date=20251209T122244Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:22:44.919] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:44.919] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:44.919] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:44.919] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:44.919] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args 
for load [2025-12-09 20:22:44.920] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:45.031] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_43062_192-168-37-136_8080.1727255540.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311765031, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255540412612, "etime": 1727255540412612, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43062, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:45.031] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:48.037] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25856 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62923_172-28-211-96_8443.1726646667.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62923_172-28-211-96_8443.1726646667.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122247Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=a739a5850e850ebc4b217e69621619d72a92c7ac4bf680390f42b0718667873d&X-Amz-SignedHeaders=host"} [2025-12-09 20:22:48.037] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:48.037] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:48.037] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:48.037] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:48.037] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:48.038] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:48.149] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62923_172-28-211-96_8443.1726646667.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311768148, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726646667772350, "etime": 1726646667772350, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62923, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:48.149] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:51.151] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25857 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62948_172-28-211-96_8443.1726646799.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62948_172-28-211-96_8443.1726646799.jsonl?X-Amz-Signature=ac7f9771ce04a43a28e7c94edea6ba6492d7fba63aaed08f5344d28076523391&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122250Z&X-Amz-Expires=604800"} [2025-12-09 20:22:51.151] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:51.152] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:51.152] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:51.152] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:22:51.152] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:51.153] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:51.253] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62948_172-28-211-96_8443.1726646799.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311771252, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726646799959259, "etime": 1726646799959259, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62948, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:22:51.253] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:22:54.265] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24614 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43393_192-168-37-136_8443.1727255879.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43393_192-168-37-136_8443.1727255879.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=287bdf5292554a961a2c5ea938fb037009add473aa11aeba928047fe30777060&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122253Z"} [2025-12-09 20:22:54.265] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:54.265] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:54.265] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:22:54.265] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:54.265] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:54.266] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:54.376] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43393_192-168-37-136_8443.1727255879.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311774376, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727255879068856, "etime": 1727255879068856, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43393, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:22:54.376] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:22:54.376] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:22:54.376] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:22:57.369] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24615 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11103.1726283937.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11103.1726283937.jsonl?X-Amz-Date=20251209T122256Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=af3c30213310666affe9bf1078e335c9f7bfc7515ffd57c7dd78d259462def59&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:22:57.369] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:22:57.369] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:22:57.369] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:22:57.369] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:22:57.369] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:22:57.370] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:22:57.471] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_4433_111-53-218-171_11103.1726283937.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311777470, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726283937692307, "etime": 1726283937692307, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 11103, "dest_port": 4433, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:22:57.471] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:22:57.471] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:22:57.471] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:00.489] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24190 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36032_192-168-17-132_443.1726129392.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36032_192-168-17-132_443.1726129392.jsonl?X-Amz-Signature=8c4fb09b710ba1e761a261e9b2bd1c14711f0d3151673d5c0963c2194cab26eb&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122300Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:23:00.489] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:00.489] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:00.489] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:00.489] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:00.489] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:00.490] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:00.596] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID76_godzilla_4.01_aspx_windowsserver2008r2.pcap.TCP_192-168-17-1_36032_192-168-17-132_443.1726129392.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311780595, "module": 
"anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726129392239068, "etime": 1726129392239068, "src_ip": "192.168.17.1", "dest_ip": "192.168.17.132", "src_port": 36032, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:23:00.596] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:23:03.608] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24616 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40754_192-168-37-136_8443.1727405702.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40754_192-168-37-136_8443.1727405702.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122303Z&X-Amz-Expires=604800&X-Amz-Signature=d99f95742f6e65cb8ea002a2f387d5eb70b652957d88509aa7a5ed0a5ddcabd0&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:23:03.608] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:03.608] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:03.608] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:03.608] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:03.608] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:03.609] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:03.711] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40754_192-168-37-136_8443.1727405702.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, 
"timestamp": 1765311783711, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405702934112, "etime": 1727405702934112, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40754, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:03.711] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:03.711] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:03.711] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:06.722] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25858 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43400_192-168-37-136_8443.1727255881.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43400_192-168-37-136_8443.1727255881.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7b21ce7fe7219aa6b7c4bb092e28ea73be3ca5ec0b06f100c83ee45c79fed156&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122306Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:23:06.722] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:06.722] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:06.722] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:06.722] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:06.722] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:06.723] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:06.819] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43400_192-168-37-136_8443.1727255881.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311786819, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727255881398747, "etime": 1727255881398747, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43400, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:06.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:06.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:06.819] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:09.843] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25859 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43402_192-168-37-136_8443.1727255889.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43402_192-168-37-136_8443.1727255889.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=3ba72a8737ff93d2c282f093619728aa6695fc1f17b850dd2195670ffd7e305b&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122309Z"} [2025-12-09 20:23:09.843] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:09.843] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:09.844] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:09.844] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:23:09.844] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:09.845] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:09.959] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_https.pcap.TCP_192-168-37-1_43402_192-168-37-136_8443.1727255889.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311789959, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727255889222715, "etime": 1727255889222715, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 43402, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:09.959] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:09.959] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:09.959] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:23:12.961] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25860 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40732_192-168-37-136_8443.1727405688.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40732_192-168-37-136_8443.1727405688.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=c4e93d6a663c391109b71494483e351ed7317745d47b912e01de173b5d67a97a&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122312Z"} [2025-12-09 20:23:12.961] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:12.961] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:12.962] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:12.962] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:12.962] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:12.963] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:13.071] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40732_192-168-37-136_8443.1727405688.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311793071, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405688501612, "etime": 1727405688501612, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40732, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:13.072] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:13.072] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:13.072] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:16.068] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24191 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40747_192-168-37-136_8443.1727405701.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40747_192-168-37-136_8443.1727405701.jsonl?X-Amz-Signature=113cbe0f275b6c34adc2168bb47f46317913c5ea7e5daeb57d7964f75f20c1e3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T122315Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:23:16.068] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:16.068] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:16.068] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:16.068] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:16.068] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:16.069] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:16.166] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40747_192-168-37-136_8443.1727405701.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311796166, "module": "anquanchu", "proto": "tls", "alerted": true, "details": 
[{"stime": 1727405701612895, "etime": 1727405701612895, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40747, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:16.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:16.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:16.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:19.185] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24617 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62962_172-28-211-96_8443.1726646945.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62962_172-28-211-96_8443.1726646945.jsonl?X-Amz-Date=20251209T122318Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=b6d4bda50dfffbe4adf454f7cc382f3486f211cc2a6a876cf9e069a4d0feb652&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:23:19.186] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:19.186] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:19.186] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:19.186] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:19.186] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:19.187] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:19.300] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_https.pcap.TCP_172-28-208-1_62962_172-28-211-96_8443.1726646945.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311799300, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726646945446147, "etime": 1726646945446147, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62962, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:23:19.300] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:23:22.296] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24192 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40756_192-168-37-136_8443.1727405704.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40756_192-168-37-136_8443.1727405704.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8dc0b1f01b75c1c488ee7a1d316cd4a64ab3a7de30b68ae649100d4df3f80aea&X-Amz-Date=20251209T122321Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:23:22.296] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:22.296] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:22.296] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:22.296] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:22.296] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:22.297] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:22.402] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40756_192-168-37-136_8443.1727405704.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311802402, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405704483359, "etime": 1727405704483359, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40756, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:22.402] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:22.402] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:22.402] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:25.412] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25861 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40633_192-168-37-136_8443.1727405643.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40633_192-168-37-136_8443.1727405643.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122324Z&X-Amz-Signature=e7785f4bf65c1e1c7e62b0caf909845dad04ea56d847b525951f0c2b09efc04e&X-Amz-Expires=604800"} [2025-12-09 20:23:25.412] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:25.412] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:25.413] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:25.413] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:23:25.413] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:25.414] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:25.526] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40633_192-168-37-136_8443.1727405643.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311805526, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405643016396, "etime": 1727405643016396, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40633, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:25.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:25.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:25.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:23:28.536] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25862 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50447.1727159684.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50447.1727159684.jsonl?X-Amz-Signature=41743c0c8d0f03bd5c04bb219f6da00f672776c574e411caff5683c37f619819&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122328Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:23:28.536] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:28.536] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:28.537] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:28.537] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:28.537] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:28.538] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:28.649] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.pcap.TCP_192-168-32-41_9443_192-168-32-46_50447.1727159684.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311808648, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727159684785795, "etime": 1727159684785795, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50447, "dest_port": 9443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:23:28.649] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:28.649] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:28.649] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:31.654] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24618 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40634_192-168-37-136_8443.1727405644.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40634_192-168-37-136_8443.1727405644.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122331Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=1c6db2c615d02f9f494d471bf6957e252377c2c2c159539c95d1d45ff25c4779"} [2025-12-09 20:23:31.654] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:31.654] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:31.654] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:31.654] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:31.654] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:31.655] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:31.763] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40634_192-168-37-136_8443.1727405644.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311811762, "module": "anquanchu", "proto": "tls", "alerted": 
true, "details": [{"stime": 1727405644825860, "etime": 1727405644825860, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40634, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:31.763] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:31.763] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:31.763] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:34.773] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25863 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40632_192-168-37-136_8443.1727405641.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40632_192-168-37-136_8443.1727405641.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122334Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9bdcba8170453c1caf2dc06203fc07dbd6b2cfb92eeebe6fb96857e76264b5b2"} [2025-12-09 20:23:34.773] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:34.773] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:34.773] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:34.773] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:34.773] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:34.774] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:34.883] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40632_192-168-37-136_8443.1727405641.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311814882, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405641339056, "etime": 1727405641339056, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40632, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:34.883] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:34.883] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:34.883] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:37.886] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24619 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40636_192-168-37-136_8443.1727405649.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40636_192-168-37-136_8443.1727405649.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=35b44815c4458dc4ceb00c451f2a51cbecffc2317356b86135c97bd2769b9ba9&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122337Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:23:37.886] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:37.886] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:37.887] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:37.887] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:23:37.887] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:37.888] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:37.997] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40636_192-168-37-136_8443.1727405649.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311817997, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405649883214, "etime": 1727405649883214, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40636, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:37.997] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:37.997] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:37.997] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:23:40.997] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25864 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62615_172-28-211-96_8080.1726644178.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62615_172-28-211-96_8080.1726644178.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=69597894e17c85ee0311df4eef2d5b1e003156314639da53e5aabba0a14a85b1&X-Amz-Date=20251209T122340Z"} [2025-12-09 20:23:40.997] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:40.997] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:40.997] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:40.997] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:40.997] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:40.998] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:41.104] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62615_172-28-211-96_8080.1726644178.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311821103, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726644178661885, "etime": 1726644178661885, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62615, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:23:41.104] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:23:44.118] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24620 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62612_172-28-211-96_8080.1726644151.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62612_172-28-211-96_8080.1726644151.jsonl?X-Amz-Date=20251209T122343Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=eeeaf38b918bf7a003991d4048fdb9d0775eeb359358b17a3937a18a3524e7c5&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:23:44.118] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:44.118] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:44.118] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:44.118] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:44.118] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:44.119] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:44.228] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62612_172-28-211-96_8080.1726644151.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311824228, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726644151833556, "etime": 1726644151833556, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62612, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} 
[2025-12-09 20:23:44.228] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:23:47.230] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24193 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62633_172-28-211-96_8080.1726644320.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62633_172-28-211-96_8080.1726644320.jsonl?X-Amz-Date=20251209T122346Z&X-Amz-Signature=61bb98067c3fab9f6e806f95a91d8e204f16ad663b7d41a58b1ec4bbde7ffeda&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:23:47.230] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:47.230] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:47.230] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:47.230] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:47.230] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:47.231] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:47.344] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62633_172-28-211-96_8080.1726644320.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311827344, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726644320237168, "etime": 1726644320237168, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62633, "dest_port": 
8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:23:47.345] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:23:50.335] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24621 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55620_192-168-112-135_443.1727254933.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55620_192-168-112-135_443.1727254933.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=be40c498005b78bca3acb036eaf59a1a6fda1cbc8cf0201852d0e66e75a36adf&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122349Z"} [2025-12-09 20:23:50.335] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:50.335] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:50.336] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:50.336] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:50.336] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:50.337] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:50.441] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55620_192-168-112-135_443.1727254933.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311830441, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727254933580721, "etime": 1727254933580721, "src_ip": "192.168.112.1", "dest_ip": 
"192.168.112.135", "src_port": 55620, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:23:50.441] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:50.441] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:50.441] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:53.447] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25865 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63532.1727520246.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63532.1727520246.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=b51712e6487d75013e52015319e32e2b6799f0f27d63068a9a1df76157e8a0dc&X-Amz-Date=20251209T122352Z&X-Amz-Expires=604800"} [2025-12-09 20:23:53.448] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:53.448] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:53.448] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:53.448] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:53.448] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:53.449] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:53.560] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63532.1727520246.jsonl|result:{"code": 1, 
"total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311833559, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727520246114102, "etime": 1727520246114102, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63532, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:23:53.560] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:53.560] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:53.560] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:56.552] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24622 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63530.1727520244.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63530.1727520244.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=b478fc37e882b425bc564f58d13bc3e67559b3bc6862119b917505b1c36d7473&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T122356Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:23:56.552] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:56.552] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:56.552] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:23:56.552] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:56.552] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:56.553] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:23:56.664] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63530.1727520244.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311836663, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727520244299975, "etime": 1727520244299975, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63530, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:23:56.664] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:23:56.664] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:23:56.664] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:23:59.663] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24623 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62638_172-28-211-96_8080.1726644371.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62638_172-28-211-96_8080.1726644371.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122359Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=2383fd805ecc0bba9f2231909ff7837eb7795a753bfd12e3a126a017cf5de572"} [2025-12-09 20:23:59.663] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:23:59.663] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:23:59.663] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so 
module so_code_cnn [2025-12-09 20:23:59.663] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:23:59.663] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:23:59.664] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:23:59.765] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID56_behinderv4.0.7_jsp_win10_http.pcap.TCP_172-28-208-1_62638_172-28-211-96_8080.1726644371.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311839764, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726644371257948, "etime": 1726644371257948, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62638, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:23:59.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:02.782] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24194 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40630_192-168-37-136_8443.1727405639.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40630_192-168-37-136_8443.1727405639.jsonl?X-Amz-Expires=604800&X-Amz-Signature=20f302f6e52fcdc201bb4b383444264fc60ec4e68fefe1b1795b064d4d691150&X-Amz-Date=20251209T122402Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:24:02.782] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:02.782] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:02.783] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:02.783] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:02.783] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:02.784] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:02.893] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_https.pcap.TCP_192-168-37-1_40630_192-168-37-136_8443.1727405639.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311842893, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727405639447823, "etime": 1727405639447823, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 40630, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:02.893] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:02.893] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:02.894] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:24:05.898] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24195 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62747_172-28-211-96_8443.1726645204.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62747_172-28-211-96_8443.1726645204.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=86c7c32092ce9c320b0a330a2803e4d38128846a83613c6bcb83240122045863&X-Amz-Date=20251209T122405Z"} [2025-12-09 20:24:05.898] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:05.898] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:05.899] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:05.899] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:05.899] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:05.899] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:06.005] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62747_172-28-211-96_8443.1726645204.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311846005, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726645204908922, "etime": 1726645204908922, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62747, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:24:06.005] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:09.010] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24624 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62761_172-28-211-96_8443.1726645354.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62761_172-28-211-96_8443.1726645354.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=0053fa3f0d6b0c02ee928fc98ce6a8abea13ebfa52f2e03880874a9947daa07d&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122408Z&X-Amz-Expires=604800"} [2025-12-09 20:24:09.011] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:09.011] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:09.011] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:09.011] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:09.011] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:09.012] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:09.124] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62761_172-28-211-96_8443.1726645354.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311849123, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726645354957404, "etime": 1726645354957404, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62761, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} 
[2025-12-09 20:24:09.124] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:12.123] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24625 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62763_172-28-211-96_8443.1726645377.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62763_172-28-211-96_8443.1726645377.jsonl?X-Amz-Signature=ae7bc8e77897b12ccf1193f4e3da1d5d3fc645d0d1fb82382758fc86318e189f&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122411Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:24:12.123] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:12.123] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:12.124] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:12.124] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:12.124] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:12.125] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:12.232] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62763_172-28-211-96_8443.1726645377.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311852232, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726645377556937, "etime": 1726645377556937, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62763, 
"dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:24:12.232] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:15.247] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24196 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62769_172-28-211-96_8443.1726645414.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62769_172-28-211-96_8443.1726645414.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=5e3443ce104841a7cab276c1a3b6180a1373eee0b5c6bfa50f48808647e2666f&X-Amz-Date=20251209T122414Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:24:15.247] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:15.247] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:15.247] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:15.247] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:15.247] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:15.248] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:15.357] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62769_172-28-211-96_8443.1726645414.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311855357, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726645414318084, "etime": 1726645414318084, "src_ip": 
"172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62769, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:24:15.357] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:18.360] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25866 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62759_172-28-211-96_8443.1726645333.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62759_172-28-211-96_8443.1726645333.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=dcba42d159c11f90d2232504632b497a72dfa987557158820e428b3c8f305a38&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122417Z"} [2025-12-09 20:24:18.360] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:18.360] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:18.360] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:18.360] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:18.360] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:18.361] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:18.470] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62759_172-28-211-96_8443.1726645333.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311858470, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 
1726645333342185, "etime": 1726645333342185, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62759, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:24:18.470] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:21.480] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24626 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62768_172-28-211-96_8443.1726645401.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62768_172-28-211-96_8443.1726645401.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=bbafbbae2c2f19ec17192fb1cb30309e6e9e30074d170ce9f0906bed3c4d3450&X-Amz-Date=20251209T122420Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:24:21.481] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:21.481] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:21.481] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:21.481] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:21.481] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:21.482] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:21.592] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_https.pcap.TCP_172-28-208-1_62768_172-28-211-96_8443.1726645401.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311861591, "module": "anquanchu", 
"proto": "tls", "alerted": false, "details": [{"stime": 1726645401524068, "etime": 1726645401524068, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62768, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:24:21.592] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:24.584] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24627 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.TCP_192-168-52-1_11809_192-168-52-129_443.1726018281.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.TCP_192-168-52-1_11809_192-168-52-129_443.1726018281.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=e7815b1fe5339892be4fc410be2c0ceb15e8246dc5bb8541c69b7fcd68ba427f&X-Amz-Date=20251209T122424Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:24:24.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:24.584] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:24.584] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:24.585] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:24.585] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:24.585] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:24.692] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.TCP_192-168-52-1_11809_192-168-52-129_443.1726018281.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, 
"alert_count": 1, "timestamp": 1765311864692, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018281983387, "etime": 1726018281983387, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11809, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:24:24.693] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:24.693] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:24.693] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:24:27.690] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25867 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12308_192-168-52-129_443.1726018582.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12308_192-168-52-129_443.1726018582.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122427Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=38b977ae60f230743783607d0484f3c01c7dc02d28067f025420eaa0b8cd862d&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:24:27.690] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:27.690] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:27.690] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:27.690] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:27.690] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:27.691] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:27.791] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12308_192-168-52-129_443.1726018582.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311867791, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018582509135, "etime": 1726018582509135, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 12308, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:24:27.791] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:27.791] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:27.791] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:24:30.810] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24628 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41731_192-168-163-23_80.1726206221.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41731_192-168-163-23_80.1726206221.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=0f106bf653607af47335037ef9779cfe3ad6fe5f75673b522ca30356c66c7d62&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122430Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:24:30.810] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:30.810] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:30.810] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:30.810] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:30.810] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:30.811] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:30.924] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID62_godzillav2.96_php_linux_http-1.pcap.TCP_192-168-163-21_41731_192-168-163-23_80.1726206221.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311870923, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726206221855430, "etime": 1726206221855430, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41731, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:24:30.924] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:33.926] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25868 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41374_192-168-163-23_80.1726204412.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41374_192-168-163-23_80.1726204412.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=ef56f7b65b8009e00ce56632e1d8a72723e506ab748929cd7d56ce027639c1cd&X-Amz-Date=20251209T122433Z"} [2025-12-09 20:24:33.926] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:33.926] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:33.927] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so 
module so_code_cnn [2025-12-09 20:24:33.927] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:33.927] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:33.927] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:34.040] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID61_godzillav1.10_php_linux_http-1.pcap.TCP_192-168-163-21_41374_192-168-163-23_80.1726204412.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311874039, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726204412622978, "etime": 1726204412622978, "src_ip": "192.168.163.21", "dest_ip": "192.168.163.23", "src_port": 41374, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:24:34.040] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:24:37.051] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24629 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42745_192-168-52-129_443.1726042680.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42745_192-168-52-129_443.1726042680.jsonl?X-Amz-Date=20251209T122436Z&X-Amz-Expires=604800&X-Amz-Signature=7edd998494cb795f8c92e420c4dda1cb2ad7c91e4a4b9081774686b1d180f7e8&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:24:37.051] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:37.051] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 20:24:37.051] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:37.051] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:37.051] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:37.052] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:37.166] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42745_192-168-52-129_443.1726042680.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311877165, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042680219384, "etime": 1726042680219384, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42745, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:37.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:37.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:37.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:24:40.176] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24630 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.TCP_192-168-52-1_42875_192-168-52-129_443.1726042781.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.TCP_192-168-52-1_42875_192-168-52-129_443.1726042781.jsonl?X-Amz-Signature=fb2c36c3a825b19acc5370c0ccd1a3a2d0e2435d23d4910f864f84042e7d306d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122439Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:24:40.177] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:40.177] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:40.177] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:40.177] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:40.177] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:40.178] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:40.289] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.TCP_192-168-52-1_42875_192-168-52-129_443.1726042781.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311880288, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042781516166, "etime": 1726042781516166, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42875, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:40.289] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:40.289] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:40.289] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:24:43.289] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25869 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55632_192-168-112-135_443.1727254937.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55632_192-168-112-135_443.1727254937.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=f20afbaee08be87b9c6e75815337b2f04aa431e90cd71c89f080733ede9b90d6&X-Amz-Date=20251209T122442Z"} [2025-12-09 20:24:43.289] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:43.289] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:43.290] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:43.290] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:43.290] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:43.291] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:43.398] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55632_192-168-112-135_443.1727254937.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311883397, "module": "anquanchu", "proto": "tls", 
"alerted": true, "details": [{"stime": 1727254937968710, "etime": 1727254937968710, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55632, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:43.398] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:43.398] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:43.398] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:24:46.401] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25870 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55606_192-168-112-135_443.1727254929.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55606_192-168-112-135_443.1727254929.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=79792d1e476704d7495d042a0b7906702eaf256b2fe9924e559f48a5cf74ce21&X-Amz-Date=20251209T122445Z"} [2025-12-09 20:24:46.401] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:46.401] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:46.402] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:46.402] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:46.402] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:46.403] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:46.516] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55606_192-168-112-135_443.1727254929.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311886515, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727254929784880, "etime": 1727254929784880, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55606, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:46.516] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:46.516] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:46.516] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:24:49.505] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25871 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55638_192-168-112-135_443.1727254941.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55638_192-168-112-135_443.1727254941.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122449Z&X-Amz-SignedHeaders=host&X-Amz-Signature=4e5af231d071da9b37103d08a17947e21867b80d59eaa0adc7681d90d76ed8c5&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:24:49.505] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:49.505] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:49.506] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:49.506] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load 
[2025-12-09 20:24:49.506] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:49.507] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:49.612] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55638_192-168-112-135_443.1727254941.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311889612, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727254941432083, "etime": 1727254941432083, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55638, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:49.612] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:49.612] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:49.612] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:24:52.620] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24197 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.TCP_192-168-52-1_41055_192-168-52-129_443.1726041749.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.TCP_192-168-52-1_41055_192-168-52-129_443.1726041749.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=d5341cdc44281a219f94a4108b9fab0c2db2be078d644b37d4d1945e65d32532&X-Amz-Date=20251209T122452Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:24:52.620] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:52.621] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:52.621] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:52.621] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:52.621] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:52.622] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:52.730] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.TCP_192-168-52-1_41055_192-168-52-129_443.1726041749.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311892729, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041749434582, "etime": 1726041749434582, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 41055, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:24:52.730] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:52.730] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:52.730] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:24:55.739] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24631 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55626_192-168-112-135_443.1727254935.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55626_192-168-112-135_443.1727254935.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=bfd773c9af5b4e90790c2e02a3de620c6ad2ccf9482c4c71b099edeff041a2cb&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122455Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:24:55.739] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:55.739] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:55.740] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:55.740] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:55.740] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:55.740] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:55.852] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55626_192-168-112-135_443.1727254935.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311895851, "module": "anquanchu", "proto": "tls", 
"alerted": true, "details": [{"stime": 1727254935262592, "etime": 1727254935262592, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55626, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:55.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:55.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:55.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:24:58.864] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25872 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55641_192-168-112-135_443.1727254943.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55641_192-168-112-135_443.1727254943.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=b470a3a0ce7fc113cf452245181cacaf41dbfc57a48b2f1770c57ebc411fb23d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122458Z"} [2025-12-09 20:24:58.864] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:24:58.864] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:24:58.864] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:24:58.864] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:24:58.864] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:24:58.865] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:24:58.972] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https.pcap.TCP_192-168-112-1_55641_192-168-112-135_443.1727254943.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311898972, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727254943957055, "etime": 1727254943957055, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 55641, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:24:58.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:24:58.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:24:58.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:25:01.979] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24632 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54132_192-168-37-136_8080.1727405500.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54132_192-168-37-136_8080.1727405500.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122501Z&X-Amz-Expires=604800&X-Amz-Signature=5b71c485785071a4d10fb11f7ee9d1a7607753daef5e01da3ab8aae36173cb68"} [2025-12-09 20:25:01.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:01.980] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:01.980] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:01.980] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:25:01.980] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:01.981] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:02.096] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_54132_192-168-37-136_8080.1727405500.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311902095, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405500406742, "etime": 1727405500406742, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 54132, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:02.096] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:05.080] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25873 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36459_192-168-37-136_8080.1727405543.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36459_192-168-37-136_8080.1727405543.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=ef856226f503c76d60167232938fecca0e1312e54ac26f6ee83af71795e8ca97&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122504Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:25:05.080] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:05.080] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:05.081] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:05.081] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:25:05.081] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:05.082] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:05.188] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID89_antsword_2.1.10_jsp_http.pcap.TCP_192-168-37-1_36459_192-168-37-136_8080.1727405543.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311905187, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727405543422550, "etime": 1727405543422550, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 36459, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:05.188] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:08.191] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24633 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50558.1727436116.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50558.1727436116.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122507Z&X-Amz-Signature=6642f956a913e7fb274e23564e28104ef4c296a2eedffb923706b46bf280f657&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:25:08.191] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:08.191] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:08.192] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:25:08.192] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:08.192] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:08.193] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:08.304] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID99_antsword_2.1.12_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_50558.1727436116.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311908304, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727436116178811, "etime": 1727436116178811, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 50558, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:08.304] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:11.310] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25874 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63543.1727520254.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63543.1727520254.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=8a4e062476f8414728fe7079f09b812e1c076856e53c2a957dd57f619d58465d&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122510Z"} [2025-12-09 20:25:11.310] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:11.310] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:11.310] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:11.310] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:11.310] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:11.311] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:11.391] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_https.pcap.TCP_192-168-42-130_443_192-168-42-130_63543.1727520254.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311911391, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727520254561361, "etime": 1727520254561361, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63543, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:25:11.391] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:11.391] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:11.391] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:25:14.420] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24634 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61686.1727518189.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61686.1727518189.jsonl?X-Amz-Signature=d27824693185180dedce5517e307e42a545d2af5d68f55473c3e3c6b3e38d55e&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122513Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:25:14.420] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:14.420] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:14.421] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:14.421] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:14.421] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:14.421] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:14.531] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61686.1727518189.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311914531, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518189693866, "etime": 1727518189693866, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 61686, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:14.531] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:17.524] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24635 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53571_192-168-112-135_443.1726624889.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53571_192-168-112-135_443.1726624889.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122517Z&X-Amz-Signature=c8f99f1c232a039ecd1ec79c46179b73f36d9953229643d0565b0d60f938cd5f&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:25:17.524] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:17.524] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:17.524] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:17.524] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:17.524] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:17.524] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:17.612] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53571_192-168-112-135_443.1726624889.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311917611, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726624889032475, "etime": 1726624889032475, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53571, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} 
[2025-12-09 20:25:17.612] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:17.612] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:17.612] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:25:20.639] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24636 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.TCP_192-168-52-1_13386_192-168-52-129_80.1726193434.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.TCP_192-168-52-1_13386_192-168-52-129_80.1726193434.jsonl?X-Amz-Date=20251209T122520Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=15d0227751b85c2360a20d09f6f6432039738cea8e1365258bde4e281e89bb5f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:25:20.639] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:20.639] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:20.639] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:20.639] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:20.639] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:20.640] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:20.741] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.TCP_192-168-52-1_13386_192-168-52-129_80.1726193434.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311920741, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193434093173, "etime": 1726193434093173, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13386, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:20.741] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:23.753] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24637 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61684.1727518187.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61684.1727518187.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=628e7a9a39a9453ead400680986ac1f395a0374a50d6c4dad28307c1e488b5f4&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122523Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:25:23.753] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:23.753] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:23.753] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:23.753] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:23.753] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:23.754] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:23.864] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID100_antsword_2.1.13_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_61684.1727518187.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, 
"normal_count": 1, "alert_count": 0, "timestamp": 1765311923863, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727518187387787, "etime": 1727518187387787, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 61684, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:23.864] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:26.871] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24638 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62399_172-28-211-96_8080.1726642576.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62399_172-28-211-96_8080.1726642576.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122526Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=b3c104203ce9f714cb13cab861a342dff2d094895a81b1259732ced4ffb516a6"} [2025-12-09 20:25:26.871] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:26.871] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:26.872] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:26.872] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:26.872] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:26.873] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:26.982] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62399_172-28-211-96_8080.1726642576.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311926982, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726642576392496, "etime": 1726642576392496, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62399, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:26.982] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:29.990] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24198 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53626_192-168-112-135_443.1726625055.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53626_192-168-112-135_443.1726625055.jsonl?X-Amz-Date=20251209T122529Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=9d5346cf3cad2d4814c16c89eb1ef505b334f724e82c4cc199b805984571b270"} [2025-12-09 20:25:29.990] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:29.990] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:29.991] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:29.991] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:29.991] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:29.992] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:30.101] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53626_192-168-112-135_443.1726625055.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311930101, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625055492940, "etime": 1726625055492940, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53626, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:25:30.101] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:30.101] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:30.101] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:25:33.105] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25875 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62477_172-28-211-96_8080.1726643244.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62477_172-28-211-96_8080.1726643244.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122532Z&X-Amz-Expires=604800&X-Amz-Signature=b1f6205e74d811f6d8c71a7a27496972e1cadf1d9e3326ca1c1b105fe20ba16b&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:25:33.106] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:33.106] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:33.106] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:33.106] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:33.106] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:33.107] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:33.217] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID53_behinderv2.0.1_jsp_linux_http.pcap.TCP_172-28-208-1_62477_172-28-211-96_8080.1726643244.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311933216, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726643244246421, "etime": 1726643244246421, "src_ip": "172.28.208.1", "dest_ip": "172.28.211.96", "src_port": 62477, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:33.217] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:36.220] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24199 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53643_192-168-112-135_443.1726625086.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53643_192-168-112-135_443.1726625086.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122535Z&X-Amz-Signature=26fd45872fa909cd321b03bfc70948b99562464467ce546a2fc85016cc8dc3d7&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:25:36.220] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:36.220] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:36.220] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 20:25:36.220] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:36.220] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:36.221] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:36.326] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53643_192-168-112-135_443.1726625086.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311936325, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625086764321, "etime": 1726625086764321, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53643, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:25:36.326] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:36.326] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:36.326] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:25:39.324] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24200 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53576_192-168-112-135_443.1726624911.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53576_192-168-112-135_443.1726624911.jsonl?X-Amz-Date=20251209T122538Z&X-Amz-Signature=96462e9d7cac9ba8d7f39c56b66666e60bcc6fbb17667e0a4fd573a9ab962ef3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:25:39.324] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:39.324] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:39.324] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:39.324] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:39.324] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:39.325] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:39.430] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53576_192-168-112-135_443.1726624911.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311939430, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726624911643889, "etime": 1726624911643889, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53576, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:25:39.430] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:39.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:39.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:25:42.427] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24639 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62806.1727519458.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62806.1727519458.jsonl?X-Amz-Signature=9f53f7b4bee6ad2427334fcc17581bc373c1930f1d7f4af89221ecee9e43abdf&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122541Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:25:42.427] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:42.427] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:42.427] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:42.427] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:42.427] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:42.428] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:42.533] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62806.1727519458.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311942532, "module": "anquanchu", "proto": "tls", "alerted": 
false, "details": [{"stime": 1727519458314212, "etime": 1727519458314212, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62806, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:42.533] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:45.541] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25876 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53562_192-168-112-135_443.1726624883.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53562_192-168-112-135_443.1726624883.jsonl?X-Amz-Signature=0210c1b71aff8cd1d9f1b3275b2525b772330219d13b1aeda7599ba6292b3790&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122544Z"} [2025-12-09 20:25:45.541] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:45.541] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:45.541] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:45.541] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:45.541] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:45.542] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:45.651] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53562_192-168-112-135_443.1726624883.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311945650, 
"module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726624883134346, "etime": 1726624883134346, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53562, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:25:45.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:45.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:45.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:25:48.646] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25877 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63347.1727520052.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63347.1727520052.jsonl?X-Amz-Date=20251209T122548Z&X-Amz-Signature=8d46001ceb1a14f7e03e32190b124736d9b15b0ef08e17bec4956c218da5ac9a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:25:48.646] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:48.646] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:48.647] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:48.647] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:48.647] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:48.648] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:48.752] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID102_antsword_2.1.15_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_63347.1727520052.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311948751, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727520052286627, "etime": 1727520052286627, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 63347, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:48.752] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:25:51.766] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25878 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53570_192-168-112-135_443.1726624884.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53570_192-168-112-135_443.1726624884.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122551Z&X-Amz-Signature=fc13aa578e253049d415c8c972da7ef20a55ffafa5ccdd3296a8f12edd81df64"} [2025-12-09 20:25:51.766] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:51.766] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:51.766] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:51.766] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:51.766] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:51.767] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
20:25:51.876] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53570_192-168-112-135_443.1726624884.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311951875, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726624884608075, "etime": 1726624884608075, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53570, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:25:51.876] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:51.876] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:51.876] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:25:54.884] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24640 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53622_192-168-112-135_443.1726625040.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53622_192-168-112-135_443.1726625040.jsonl?X-Amz-Date=20251209T122554Z&X-Amz-Signature=5e7a7912c660cb318c6df89fa7758d5f8b431c8b16bf383c986948841ffb63bf&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:25:54.884] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:54.884] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:54.885] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:54.885] 
[INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:54.885] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:54.885] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:54.996] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53622_192-168-112-135_443.1726625040.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311954995, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625040053280, "etime": 1726625040053280, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53622, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:25:54.996] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:25:54.996] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:25:54.996] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:25:58.002] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25879 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_26048_192-168-37-136_8080.1727255460.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_26048_192-168-37-136_8080.1727255460.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=569ae5b5f9c77ce29588afa727dca32a725caf6b22d9a2eb19fcdbe022d33903&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122557Z&X-Amz-Expires=604800"} [2025-12-09 20:25:58.002] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:25:58.002] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:25:58.002] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:25:58.002] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:25:58.002] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:25:58.003] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:25:58.106] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID90_antsword_2.1.11.1_jsp_http.pcap.TCP_192-168-37-1_26048_192-168-37-136_8080.1727255460.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311958106, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727255460891158, "etime": 1727255460891158, "src_ip": "192.168.37.1", "dest_ip": "192.168.37.136", "src_port": 26048, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:25:58.106] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:26:01.120] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25880 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53577_192-168-112-135_443.1726624914.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53577_192-168-112-135_443.1726624914.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=5a57e5324491b94c9c16bbf17c42e17f070641d0854e94cc077ab6f46dcd4641&X-Amz-Date=20251209T122600Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:26:01.120] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:26:01.120] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:26:01.120] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:26:01.120] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:26:01.120] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:26:01.121] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:26:01.231] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https4.pcap.TCP_192-168-112-1_53577_192-168-112-135_443.1726624914.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311961231, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726624914190866, "etime": 1726624914190866, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53577, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} 
[2025-12-09 20:26:01.231] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:26:01.231] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:26:01.231] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:26:04.222] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24641 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53639_192-168-112-135_443.1726625081.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53639_192-168-112-135_443.1726625081.jsonl?X-Amz-Date=20251209T122603Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=a65c1d6df56d543904e93bee919ea7c18e840e22631aa00cdd14cc54aca6c97c&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:26:04.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:26:04.223] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:26:04.223] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:26:04.223] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:26:04.223] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:26:04.224] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:26:04.328] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_http6.pcap.TCP_192-168-112-1_53639_192-168-112-135_443.1726625081.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311964328, "module": 
"anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625081765499, "etime": 1726625081765499, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53639, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:26:04.328] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:26:04.328] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:26:04.328] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:26:07.344] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25881 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53623_192-168-112-135_443.1726625042.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53623_192-168-112-135_443.1726625042.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=3691709f26d34cadf515cff09db1d0dce5073cc0be23289338f4614f3521a5c6&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122606Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:26:07.344] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:26:07.344] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:26:07.344] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:26:07.344] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:26:07.344] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:26:07.345] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:26:07.455] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID82_antsword_2.1.11.1_php_https5.pcap.TCP_192-168-112-1_53623_192-168-112-135_443.1726625042.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765311967455, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726625042092086, "etime": 1726625042092086, "src_ip": "192.168.112.1", "dest_ip": "192.168.112.135", "src_port": 53623, "dest_port": 443, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:26:07.455] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:26:07.455] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:26:07.455] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:26:10.451] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24642 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62804.1727519456.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62804.1727519456.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122609Z&X-Amz-Expires=604800&X-Amz-Signature=3750fb71e110f7e1281629e55a4308fb12d5d3cb2510c66e1435b9a8c005ba8a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:26:10.451] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:26:10.451] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:26:10.451] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:26:10.451] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load 
[2025-12-09 20:26:10.451] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:26:10.452] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:26:10.549] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID101_antsword_2.1.14_aspx_win10_http.pcap.TCP_192-168-42-130_80_192-168-42-130_62804.1727519456.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765311970549, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727519456154580, "etime": 1727519456154580, "src_ip": "192.168.42.130", "dest_ip": "192.168.42.130", "src_port": 62804, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:26:10.549] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:09.890] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24201 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_IP.1727336159.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_IP.1727336159.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=3af7814c984dfac99f9f3de502cdc8118ab83981ec0dfe2fb7f700bc5d0454d3&X-Amz-Date=20251209T122909Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:29:09.890] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:09.890] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:09.890] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:09.890] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:29:09.890] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:09.891] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:13.404] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_IP.1727336159.jsonl|result:{"code": 0, "total_count": 66, "abnormal_count": 0, "normal_count": 66, "alert_count": 0, "timestamp": 1765312153402, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727336244733165, "etime": 1727336244733165, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50458, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336226404540, "etime": 1727336226404540, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50442, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336231499439, "etime": 1727336231499439, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50447, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336226326993, "etime": 1727336226326993, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50441, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336219217860, "etime": 1727336219217860, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50434, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336273453308, "etime": 1727336273453308, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50488, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336241686445, "etime": 1727336241686445, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50455, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336236608317, "etime": 1727336236608317, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50452, 
"dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336251031126, "etime": 1727336251031126, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50465, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336279610059, "etime": 1727336279610059, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50495, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336280624346, "etime": 1727336280624346, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50496, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336272420913, "etime": 1727336272420913, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50487, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336255093205, "etime": 1727336255093205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50469, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336159188057, "etime": 1727336159188057, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50432, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336269359905, "etime": 1727336269359905, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50484, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336275531900, "etime": 1727336275531900, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50491, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336244907834, "etime": 1727336244907834, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50459, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336224295816, "etime": 1727336224295816, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50439, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336235592282, "etime": 1727336235592282, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50451, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336265248788, "etime": 1727336265248788, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50479, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336229451955, "etime": 1727336229451955, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50445, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336259155119, "etime": 1727336259155119, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50473, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336221249116, "etime": 1727336221249116, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50436, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336275483161, "etime": 1727336275483161, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50490, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336159202203, "etime": 1727336159202203, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50433, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336278577027, "etime": 1727336278577027, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50494, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336242701914, "etime": 1727336242701914, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50456, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336243718015, "etime": 1727336243718015, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50457, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336246938883, "etime": 1727336246938883, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50461, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727336276546181, "etime": 1727336276546181, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50492, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336271407105, "etime": 1727336271407105, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50486, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336253061343, "etime": 1727336253061343, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50467, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336277562932, "etime": 1727336277562932, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50493, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336248984231, "etime": 1727336248984231, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50463, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336260170530, "etime": 1727336260170530, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50474, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336261187136, "etime": 1727336261187136, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50475, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336233545567, "etime": 1727336233545567, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50449, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336222264456, "etime": 1727336222264456, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50437, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336230483931, "etime": 1727336230483931, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50446, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336263217891, "etime": 1727336263217891, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 50477, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336266264613, "etime": 1727336266264613, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50480, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336264233548, "etime": 1727336264233548, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50478, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336256108189, "etime": 1727336256108189, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50470, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336225311829, "etime": 1727336225311829, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50440, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336228438356, "etime": 1727336228438356, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50444, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336252045869, "etime": 1727336252045869, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50466, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336254077327, "etime": 1727336254077327, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50468, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336257123886, "etime": 1727336257123886, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50471, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336258139752, "etime": 1727336258139752, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50472, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336274467766, "etime": 1727336274467766, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50489, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727336223279965, "etime": 1727336223279965, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50438, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336227420589, "etime": 1727336227420589, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50443, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336239657082, "etime": 1727336239657082, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50453, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336240672072, "etime": 1727336240672072, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50454, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336270374160, "etime": 1727336270374160, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50485, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336249999090, "etime": 1727336249999090, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50464, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336267315873, "etime": 1727336267315873, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50482, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336220240724, "etime": 1727336220240724, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50435, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336234579141, "etime": 1727336234579141, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50450, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336268327205, "etime": 1727336268327205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50483, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336280628133, "etime": 1727336280628133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 
50497, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336245920916, "etime": 1727336245920916, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50460, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336267280376, "etime": 1727336267280376, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50481, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336232531267, "etime": 1727336232531267, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50448, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336247952078, "etime": 1727336247952078, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50462, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727336262201984, "etime": 1727336262201984, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50476, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:13.404] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:13.404] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25882 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID11-tls1.2CS4.8_win8.1_ubuntu_jdk_IP.1727153689.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID11-tls1.2CS4.8_win8.1_ubuntu_jdk_IP.1727153689.jsonl?X-Amz-Signature=15c0c1c793626a571ea779f919979f816d156a3765b3a32acf89d4fb0d5ba3ea&X-Amz-Expires=604800&X-Amz-Date=20251209T122912Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:29:13.404] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:13.404] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 20:29:13.404] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:13.404] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:13.404] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:13.404] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:14.815] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID11-tls1.2CS4.8_win8.1_ubuntu_jdk_IP.1727153689.jsonl|result:{"code": 1, "total_count": 27, "abnormal_count": 1, "normal_count": 26, "alert_count": 1, "timestamp": 1765312154814, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727153762129422, "etime": 1727153762129422, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49389, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153760066519, "etime": 1727153760066519, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49387, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153768472504, "etime": 1727153768472504, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49396, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153751269292, "etime": 1727153751269292, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49377, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153754488716, "etime": 1727153754488716, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49381, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153691191174, "etime": 1727153691191174, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49376, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153752395693, "etime": 1727153752395693, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49379, 
"dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153772704023, "etime": 1727153772704023, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49401, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153755534570, "etime": 1727153755534570, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49382, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153759020528, "etime": 1727153759020528, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49386, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153756928484, "etime": 1727153756928484, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49384, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727153756567827, "etime": 1727153756567827, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49383, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153757972834, "etime": 1727153757972834, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49385, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153689151982, "etime": 1727153689151982, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49375, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727153751327074, "etime": 1727153751327074, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49378, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153762232147, "etime": 1727153762232147, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49390, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153766365771, "etime": 1727153766365771, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49394, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153767426000, "etime": 1727153767426000, "src_ip": 
"192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49395, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153765331457, "etime": 1727153765331457, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49393, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153769521916, "etime": 1727153769521916, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49397, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153764285141, "etime": 1727153764285141, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49392, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153761097635, "etime": 1727153761097635, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49388, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153770567833, "etime": 1727153770567833, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49398, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153771613390, "etime": 1727153771613390, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49399, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153763254365, "etime": 1727153763254365, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49391, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153753442328, "etime": 1727153753442328, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49380, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153772675957, "etime": 1727153772675957, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49400, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:14.815] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:29:14.815] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 
根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:29:14.815] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:29:16.163] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24643 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain2.1727337377.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain2.1727337377.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=4f779931dae0612f1b66b1fca4a83129814de183c0e409990ab7e575cca25ee2&X-Amz-Date=20251209T122915Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:29:16.164] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:16.164] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:16.164] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:16.164] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:16.164] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:16.164] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:19.219] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain2.1727337377.jsonl|result:{"code": 0, "total_count": 63, "abnormal_count": 0, "normal_count": 63, "alert_count": 0, "timestamp": 1765312159217, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727337377361039, "etime": 1727337377361039, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51958, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337460860446, "etime": 
1727337460860446, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51984, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337473079393, "etime": 1727337473079393, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51997, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337491329699, "etime": 1727337491329699, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52015, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337466954219, "etime": 1727337466954219, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51990, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337445579360, "etime": 1727337445579360, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51968, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337449641744, "etime": 1727337449641744, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51972, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337439454487, "etime": 1727337439454487, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51962, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337454766630, "etime": 1727337454766630, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51978, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337455784571, "etime": 1727337455784571, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51979, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337482001230, "etime": 1727337482001230, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52004, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337438439017, "etime": 1727337438439017, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51961, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337485048342, "etime": 1727337485048342, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52007, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337470001208, "etime": 1727337470001208, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51993, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337472066163, "etime": 1727337472066163, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51996, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337457813547, "etime": 1727337457813547, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51981, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337456798287, "etime": 1727337456798287, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51980, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337474111933, "etime": 1727337474111933, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51998, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337479970148, "etime": 1727337479970148, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52002, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337465938608, "etime": 1727337465938608, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51989, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337494392298, "etime": 1727337494392298, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52018, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337475126323, "etime": 1727337475126323, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51999, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337470035158, "etime": 
1727337470035158, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51994, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337490318074, "etime": 1727337490318074, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52014, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337458829254, "etime": 1727337458829254, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51982, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337480986060, "etime": 1727337480986060, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52003, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337453751623, "etime": 1727337453751623, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51977, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337377334882, "etime": 1727337377334882, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51957, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337483016712, "etime": 1727337483016712, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52005, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337488236263, "etime": 1727337488236263, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52011, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337478954915, "etime": 1727337478954915, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52001, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337450657802, "etime": 1727337450657802, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51973, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337438391924, "etime": 1727337438391924, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51960, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337493376321, "etime": 1727337493376321, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52017, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337448626331, "etime": 1727337448626331, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51971, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337443532274, "etime": 1727337443532274, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51966, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337463907755, "etime": 1727337463907755, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51987, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337461876605, "etime": 1727337461876605, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51985, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337486064057, "etime": 1727337486064057, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52008, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337441485586, "etime": 1727337441485586, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51964, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337467970633, "etime": 1727337467970633, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51991, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337468985862, "etime": 1727337468985862, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51992, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337447610822, "etime": 1727337447610822, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51970, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337471048323, "etime": 
1727337471048323, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51995, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337452735949, "etime": 1727337452735949, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51976, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337492360861, "etime": 1727337492360861, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52016, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337451700849, "etime": 1727337451700849, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51974, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337462891018, "etime": 1727337462891018, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51986, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337444564677, "etime": 1727337444564677, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51967, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337487204446, "etime": 1727337487204446, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52010, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337446594768, "etime": 1727337446594768, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51969, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337437376246, "etime": 1727337437376246, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51959, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337451732897, "etime": 1727337451732897, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51975, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337486196414, "etime": 1727337486196414, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52009, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337494395814, "etime": 1727337494395814, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52019, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337464923406, "etime": 1727337464923406, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51988, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337459845184, "etime": 1727337459845184, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51983, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337442519193, "etime": 1727337442519193, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51965, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337484032436, "etime": 1727337484032436, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52006, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337440471703, "etime": 1727337440471703, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51963, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337489251565, "etime": 1727337489251565, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52012, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337476158180, "etime": 1727337476158180, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52000, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337490274836, "etime": 1727337490274836, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52013, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:19.219] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:19.388] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[2] at offset 24202 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain6zwlkhflow1zwrkh.1726642702.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain6zwlkhflow1zwrkh.1726642702.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=be16e727c8463084774f970e3e12be15350bb52c58be12f0ee4a29f6aec1d409&X-Amz-Expires=604800&X-Amz-Date=20251209T122918Z"} [2025-12-09 20:29:19.388] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:19.388] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:19.388] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:19.388] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:19.388] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:19.388] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:19.433] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain6zwlkhflow1zwrkh.1726642702.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312159433, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726642702522896, "etime": 1726642702522896, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49294, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:29:19.433] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:29:19.433] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. 
[2025-12-09 20:29:19.433] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:29:22.607] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24644 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain6zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49294.1726642702.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain6zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49294.1726642702.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T122922Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=3666f9253fc38abd1ea242e32c2ca0ea7a1df055e991664290e5acf4bee0719b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:29:22.607] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:22.607] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:22.607] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:22.607] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:22.607] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:22.608] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:22.702] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain6zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49294.1726642702.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312162701, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726642702522896, "etime": 1726642702522896, "src_ip": "192.168.88.30", "dest_ip": 
"192.168.88.24", "src_port": 49294, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:29:22.702] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:29:22.702] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:29:22.702] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:29:25.728] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25883 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain2.1727317242.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain2.1727317242.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=52d810fae2685e54716ad381564d379e75ecf09ebc07509e63fdc321dd3ef1f2&X-Amz-Date=20251209T122925Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:29:25.729] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:25.729] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:25.729] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:25.729] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:25.729] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:25.730] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:28.859] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain2.1727317242.jsonl|result:{"code": 0, "total_count": 59, "abnormal_count": 0, "normal_count": 59, "alert_count": 0, "timestamp": 
1765312168858, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727317353191092, "etime": 1727317353191092, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49856, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317318972485, "etime": 1727317318972485, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49822, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317313847526, "etime": 1727317313847526, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49816, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317307660331, "etime": 1727317307660331, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49809, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317325144517, "etime": 1727317325144517, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49829, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317335847363, "etime": 1727317335847363, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49838, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317352175643, "etime": 1727317352175643, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49855, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317305629355, "etime": 1727317305629355, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49807, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317310793443, "etime": 1727317310793443, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49813, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317303426238, "etime": 1727317303426238, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49804, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 
1727317308692411, "etime": 1727317308692411, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49810, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317351159851, "etime": 1727317351159851, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49854, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317336863769, "etime": 1727317336863769, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49839, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317326161339, "etime": 1727317326161339, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49830, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317350066427, "etime": 1727317350066427, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49852, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317309707336, "etime": 1727317309707336, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49811, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317320062645, "etime": 1727317320062645, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49824, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317321081765, "etime": 1727317321081765, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49825, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317242386496, "etime": 1727317242386496, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49801, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317339910275, "etime": 1727317339910275, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49842, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317242403988, "etime": 1727317242403988, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.136", "src_port": 49802, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317317957602, "etime": 1727317317957602, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49821, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317348034759, "etime": 1727317348034759, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49850, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317332801325, "etime": 1727317332801325, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49835, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317351082383, "etime": 1727317351082383, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49853, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317314909975, "etime": 1727317314909975, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49818, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317306645928, "etime": 1727317306645928, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49808, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317347019441, "etime": 1727317347019441, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49849, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317315925875, "etime": 1727317315925875, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49819, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317328191429, "etime": 1727317328191429, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49832, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317354207842, "etime": 1727317354207842, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49857, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727317355254679, "etime": 1727317355254679, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49858, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317304624353, "etime": 1727317304624353, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49806, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317342957047, "etime": 1727317342957047, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49845, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317316942505, "etime": 1727317316942505, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49820, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317355270108, "etime": 1727317355270108, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49859, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317310723191, "etime": 1727317310723191, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49812, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317329207482, "etime": 1727317329207482, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49833, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317324128930, "etime": 1727317324128930, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49828, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317312816542, "etime": 1727317312816542, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49815, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317340925537, "etime": 1727317340925537, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49843, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317322097173, "etime": 1727317322097173, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.136", "src_port": 49826, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317349051717, "etime": 1727317349051717, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49851, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317337878749, "etime": 1727317337878749, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49840, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317338894557, "etime": 1727317338894557, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49841, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317333816187, "etime": 1727317333816187, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49836, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317302410458, "etime": 1727317302410458, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49803, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317313899614, "etime": 1727317313899614, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49817, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317323113456, "etime": 1727317323113456, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49827, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317331786315, "etime": 1727317331786315, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49834, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317327176331, "etime": 1727317327176331, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49831, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317344987831, "etime": 1727317344987831, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49847, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727317346003783, "etime": 1727317346003783, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49848, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317304440950, "etime": 1727317304440950, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49805, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317341942043, "etime": 1727317341942043, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49844, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317343973275, "etime": 1727317343973275, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49846, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317319988650, "etime": 1727317319988650, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49823, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317311801066, "etime": 1727317311801066, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49814, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317334832519, "etime": 1727317334832519, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49837, "dest_port": 8990, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:28.859] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:28.910] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24645 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai5zwlkhflow1zwrkh.1726645602.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai5zwlkhflow1zwrkh.1726645602.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122928Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=a06b8a3e105ea5b96b92eb49da01ade391ad656f6e15e286cf982e9c87d40c17"} [2025-12-09 20:29:28.910] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:28.910] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:28.972] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai5zwlkhflow1zwrkh.1726645602.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312168971, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645602850235, "etime": 1726645602850235, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49303, "dest_port": 50050, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:29:28.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:29:28.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. 
[2025-12-09 20:29:28.972] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:29:32.100] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24203 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49303.1726645602.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49303.1726645602.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T122931Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=3a8dba7d11a6c20a7c8ad79f94f705548f2bb29e17c5ca5f7b2154eb057303a6&X-Amz-SignedHeaders=host"} [2025-12-09 20:29:32.100] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:32.100] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:32.100] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:32.100] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:32.101] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:32.101] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:32.200] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49303.1726645602.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312172199, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645602850235, "etime": 1726645602850235, "src_ip": "192.168.88.30", 
"dest_ip": "192.168.88.22", "src_port": 49303, "dest_port": 50050, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:29:32.200] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:29:32.200] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:29:32.200] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:29:35.234] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24646 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID14-tls1.2CS4.8_win8_kali_openjdk_domain.1727156603.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID14-tls1.2CS4.8_win8_kali_openjdk_domain.1727156603.jsonl?X-Amz-Date=20251209T122934Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=dc51ba34b1dee891f7b69ad693153ba129d420d0f55aa13e070b68abd375e3e7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:29:35.234] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:35.234] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:35.235] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:35.235] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:35.235] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:35.236] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:36.610] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID14-tls1.2CS4.8_win8_kali_openjdk_domain.1727156603.jsonl|result:{"code": 1, "total_count": 25, "abnormal_count": 2, "normal_count": 23, "alert_count": 2, "timestamp": 1765312176609, "module": 
"anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727156665870503, "etime": 1727156665870503, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50308, "dest_port": 5443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727156682453359, "etime": 1727156682453359, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50323, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156675651378, "etime": 1727156675651378, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50317, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156683593674, "etime": 1727156683593674, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50324, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156603131708, "etime": 1727156603131708, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50306, "dest_port": 8001, "protocol": "tls", "result": "Normal"}, {"stime": 1727156688334177, "etime": 1727156688334177, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50329, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156689474126, "etime": 1727156689474126, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50330, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156677929515, "etime": 1727156677929515, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50319, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156689603851, "etime": 1727156689603851, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50331, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156672250578, "etime": 1727156672250578, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50314, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156667701525, "etime": 1727156667701525, 
"src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50309, "dest_port": 5443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727156681330074, "etime": 1727156681330074, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50322, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156684731708, "etime": 1727156684731708, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50325, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156686057192, "etime": 1727156686057192, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50327, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156676791684, "etime": 1727156676791684, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50318, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156674512939, "etime": 1727156674512939, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50316, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156680208934, "etime": 1727156680208934, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50321, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156669972732, "etime": 1727156669972732, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50311, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156671112756, "etime": 1727156671112756, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50313, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156684903761, "etime": 1727156684903761, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50326, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156668834042, "etime": 1727156668834042, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50310, "dest_port": 5443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727156673379052, "etime": 1727156673379052, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50315, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156687195826, "etime": 1727156687195826, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50328, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156605655443, "etime": 1727156605655443, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50307, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156679071441, "etime": 1727156679071441, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50320, "dest_port": 5443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:36.610] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:29:36.610] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:29:36.610] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:29:38.364] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24204 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain3.1727331322.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain3.1727331322.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122937Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=b05686c1c3acfc505f62f0d7a100c9e679eed02d662a808dc3812c08215006d8"} [2025-12-09 20:29:38.364] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:38.364] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:38.364] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:38.364] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:38.364] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:38.365] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:41.191] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain3.1727331322.jsonl|result:{"code": 0, "total_count": 54, "abnormal_count": 0, "normal_count": 54, "alert_count": 0, "timestamp": 1765312181190, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727331392776733, "etime": 1727331392776733, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51514, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331413792969, "etime": 1727331413792969, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51534, "dest_port": 
8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331322347919, "etime": 1727331322347919, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51496, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331431230214, "etime": 1727331431230214, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51553, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331427165032, "etime": 1727331427165032, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51549, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331397917383, "etime": 1727331397917383, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51520, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331387667793, "etime": 1727331387667793, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51509, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331392844522, "etime": 1727331392844522, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51515, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331409729636, "etime": 1727331409729636, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51530, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331394870644, "etime": 1727331394870644, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51517, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331414808057, "etime": 1727331414808057, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51535, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331385623514, "etime": 1727331385623514, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51506, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331402995484, "etime": 
1727331402995484, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51525, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331430213925, "etime": 1727331430213925, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51552, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331431238003, "etime": 1727331431238003, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51554, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331383385865, "etime": 1727331383385865, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51503, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331388683132, "etime": 1727331388683132, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51510, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331399949070, "etime": 1727331399949070, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51522, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331422011955, "etime": 1727331422011955, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51543, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331322363673, "etime": 1727331322363673, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51497, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331405674918, "etime": 1727331405674918, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51526, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331395886197, "etime": 1727331395886197, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51518, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331417854793, "etime": 1727331417854793, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51538, 
"dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331406683393, "etime": 1727331406683393, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51527, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331424042663, "etime": 1727331424042663, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51545, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331396902051, "etime": 1727331396902051, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51519, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331411761769, "etime": 1727331411761769, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51532, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331412776618, "etime": 1727331412776618, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51533, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331415824889, "etime": 1727331415824889, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51536, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331416838979, "etime": 1727331416838979, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51537, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331382371085, "etime": 1727331382371085, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51501, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331384401483, "etime": 1727331384401483, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51504, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331389714403, "etime": 1727331389714403, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51511, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331419886164, "etime": 
1727331419886164, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51540, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331419982118, "etime": 1727331419982118, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51541, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331426073321, "etime": 1727331426073321, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51547, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331427089442, "etime": 1727331427089442, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51548, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331401980968, "etime": 1727331401980968, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51524, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331390734843, "etime": 1727331390734843, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51512, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331400964423, "etime": 1727331400964423, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51523, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331423026757, "etime": 1727331423026757, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51544, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331407700025, "etime": 1727331407700025, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51528, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331391761656, "etime": 1727331391761656, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51513, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331408714888, "etime": 1727331408714888, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51529, 
"dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331385417173, "etime": 1727331385417173, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51505, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331410745545, "etime": 1727331410745545, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51531, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331393854792, "etime": 1727331393854792, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51516, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331420995129, "etime": 1727331420995129, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51542, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331386636357, "etime": 1727331386636357, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51508, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331398933141, "etime": 1727331398933141, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51521, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331418870632, "etime": 1727331418870632, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51539, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331425058283, "etime": 1727331425058283, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51546, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331428183006, "etime": 1727331428183006, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51550, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727331429198940, "etime": 1727331429198940, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51551, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:41.191] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:41.490] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24647 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain1.1727322671.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain1.1727322671.jsonl?X-Amz-Date=20251209T122940Z&X-Amz-SignedHeaders=host&X-Amz-Signature=214739d73d0db3bcdac4f7d73964a4d07e95b1c45e976778c6f032f8c5b852a2&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:29:41.490] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:41.490] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:41.490] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:41.490] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:41.490] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:41.490] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:43.982] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain1.1727322671.jsonl|result:{"code": 0, "total_count": 52, "abnormal_count": 0, "normal_count": 52, "alert_count": 0, "timestamp": 1765312183981, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727322769261457, "etime": 1727322769261457, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51349, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322742995637, "etime": 1727322742995637, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51323, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322773385940, "etime": 1727322773385940, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51354, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322778464168, "etime": 1727322778464168, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51359, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322768245380, "etime": 1727322768245380, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51348, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322744012747, "etime": 1727322744012747, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51324, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322774401861, "etime": 1727322774401861, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51355, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322776433169, "etime": 1727322776433169, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51357, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322765199893, "etime": 1727322765199893, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51345, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322733762500, "etime": 1727322733762500, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51313, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322762152233, "etime": 1727322762152233, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51342, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322734776644, "etime": 1727322734776644, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51314, "dest_port": 8090, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727322741980811, "etime": 1727322741980811, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51322, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322754979654, "etime": 1727322754979654, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51334, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322735882149, "etime": 1727322735882149, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51316, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322748698953, "etime": 1727322748698953, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51327, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322766214702, "etime": 1727322766214702, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51346, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322770276862, "etime": 1727322770276862, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51350, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322751942230, "etime": 1727322751942230, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51331, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322740965361, "etime": 1727322740965361, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51321, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322736886769, "etime": 1727322736886769, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51317, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322671630627, "etime": 1727322671630627, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51309, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322750929137, "etime": 1727322750929137, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51330, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322753964743, "etime": 1727322753964743, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51333, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322746668989, "etime": 1727322746668989, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51325, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322760121021, "etime": 1727322760121021, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51340, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322761136304, "etime": 1727322761136304, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51341, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322767230519, "etime": 1727322767230519, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51347, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322777449137, "etime": 1727322777449137, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51358, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322747693347, "etime": 1727322747693347, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51326, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322738934492, "etime": 1727322738934492, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51319, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322755996069, "etime": 1727322755996069, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51335, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322757084893, "etime": 1727322757084893, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51337, "dest_port": 8090, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727322772370638, "etime": 1727322772370638, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51353, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322759105073, "etime": 1727322759105073, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51339, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322770342837, "etime": 1727322770342837, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51351, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322775417972, "etime": 1727322775417972, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51356, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322739948882, "etime": 1727322739948882, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51320, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322771354878, "etime": 1727322771354878, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51352, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322758089287, "etime": 1727322758089287, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51338, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322752949050, "etime": 1727322752949050, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51332, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322750730138, "etime": 1727322750730138, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51329, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322731653193, "etime": 1727322731653193, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51310, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322732729837, "etime": 1727322732729837, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51312, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322737918821, "etime": 1727322737918821, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51318, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322757011578, "etime": 1727322757011578, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51336, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322731717116, "etime": 1727322731717116, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51311, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322749722095, "etime": 1727322749722095, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51328, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322763167387, "etime": 1727322763167387, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51343, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322735808036, "etime": 1727322735808036, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51315, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322764183021, "etime": 1727322764183021, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51344, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322671609275, "etime": 1727322671609275, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51308, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:43.982] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:44.630] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25884 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_IP.1727321865.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_IP.1727321865.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T122944Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=00feead95f31542842843bc4429350374cfc90e375548f754cec38f4e342539a"} [2025-12-09 20:29:44.630] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:44.630] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:44.630] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:44.630] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:44.630] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:44.631] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:46.978] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_IP.1727321865.jsonl|result:{"code": 0, "total_count": 49, "abnormal_count": 0, "normal_count": 49, "alert_count": 0, "timestamp": 1765312186977, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727321944103954, "etime": 1727321944103954, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51042, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321959215947, "etime": 1727321959215947, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51059, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321927833202, "etime": 1727321927833202, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51024, "dest_port": 
80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321929869501, "etime": 1727321929869501, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51028, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321960229478, "etime": 1727321960229478, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51060, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321962260254, "etime": 1727321962260254, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51062, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321963354992, "etime": 1727321963354992, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51064, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321965385311, "etime": 1727321965385311, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51066, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321928854159, "etime": 1727321928854159, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51027, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321946135409, "etime": 1727321946135409, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51044, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321941042002, "etime": 1727321941042002, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51039, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321865716654, "etime": 1727321865716654, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51007, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321952322829, "etime": 1727321952322829, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51051, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321939010930, "etime": 1727321939010930, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51037, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321945120166, "etime": 1727321945120166, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51043, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321963276013, "etime": 1727321963276013, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51063, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321969454918, "etime": 1727321969454918, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51071, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321925789855, "etime": 1727321925789855, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51022, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321931901568, "etime": 1727321931901568, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51030, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321940025882, "etime": 1727321940025882, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51038, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321958995533, "etime": 1727321958995533, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51058, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321925729269, "etime": 1727321925729269, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51021, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321954354527, "etime": 1727321954354527, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51055, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321968432299, "etime": 1727321968432299, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51069, "dest_port": 80, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727321947151230, "etime": 1727321947151230, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51045, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321961244579, "etime": 1727321961244579, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51061, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321926807309, "etime": 1727321926807309, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51023, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321951307980, "etime": 1727321951307980, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51050, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321933933032, "etime": 1727321933933032, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51032, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321934947957, "etime": 1727321934947957, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51033, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321964369920, "etime": 1727321964369920, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51065, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321956940978, "etime": 1727321956940978, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51056, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321932916870, "etime": 1727321932916870, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51031, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321937994618, "etime": 1727321937994618, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51036, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321950291494, "etime": 1727321950291494, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.132", "src_port": 51049, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321957947740, "etime": 1727321957947740, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51057, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321966400895, "etime": 1727321966400895, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51067, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321865697974, "etime": 1727321865697974, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51006, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321942057592, "etime": 1727321942057592, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51040, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321935963270, "etime": 1727321935963270, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51034, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321949276336, "etime": 1727321949276336, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51048, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321967417390, "etime": 1727321967417390, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51068, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321969448540, "etime": 1727321969448540, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51070, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321943089856, "etime": 1727321943089856, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51041, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321948256820, "etime": 1727321948256820, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51047, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727321936978624, "etime": 1727321936978624, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51035, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321930885201, "etime": 1727321930885201, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51029, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321953338702, "etime": 1727321953338702, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51052, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727321948166803, "etime": 1727321948166803, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51046, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:46.978] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:47.770] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24205 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain3.1727320842.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain3.1727320842.jsonl?X-Amz-Date=20251209T122947Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=ed5721a309e546f396759241ec830e069767c2765d50a7f11f2b60c3e63f96b5&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:29:47.770] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:47.770] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:47.770] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:47.770] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:47.770] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 20:29:47.770] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:49.962] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain3.1727320842.jsonl|result:{"code": 0, "total_count": 47, "abnormal_count": 0, "normal_count": 47, "alert_count": 0, "timestamp": 1765312189960, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727320919418295, "etime": 1727320919418295, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50822, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320916167187, "etime": 1727320916167187, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50817, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320907886430, "etime": 1727320907886430, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50808, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320910043918, "etime": 1727320910043918, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50811, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320926558494, "etime": 1727320926558494, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50829, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320842754780, "etime": 1727320842754780, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50800, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320915136070, "etime": 1727320915136070, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50816, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320909028024, "etime": 1727320909028024, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50810, "dest_port": 8100, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727320930637737, "etime": 1727320930637737, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50833, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320908015202, "etime": 1727320908015202, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50809, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320941433065, "etime": 1727320941433065, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50843, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320903808106, "etime": 1727320903808106, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50804, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320925542353, "etime": 1727320925542353, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50828, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320856777123, "etime": 1727320856777123, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50802, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727320938386681, "etime": 1727320938386681, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50840, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320939402169, "etime": 1727320939402169, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50841, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320931651555, "etime": 1727320931651555, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50834, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320934263028, "etime": 1727320934263028, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50835, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320911058396, "etime": 1727320911058396, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50812, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320923507876, "etime": 1727320923507876, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50826, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320927573803, "etime": 1727320927573803, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50830, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320936292717, "etime": 1727320936292717, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50837, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320914120815, "etime": 1727320914120815, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50815, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320906855460, "etime": 1727320906855460, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50807, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320980901671, "etime": 1727320980901671, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50846, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727320905839489, "etime": 1727320905839489, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50806, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320937308022, "etime": 1727320937308022, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50838, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320921449516, "etime": 1727320921449516, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50824, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320937374378, "etime": 1727320937374378, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50839, "dest_port": 8100, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727320942449121, "etime": 1727320942449121, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50844, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320842775805, "etime": 1727320842775805, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50801, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320920433481, "etime": 1727320920433481, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50823, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320942458004, "etime": 1727320942458004, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50845, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320922464778, "etime": 1727320922464778, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50825, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320929620583, "etime": 1727320929620583, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50832, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320913104878, "etime": 1727320913104878, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50814, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320917183522, "etime": 1727320917183522, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50818, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320917381512, "etime": 1727320917381512, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50819, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320935276683, "etime": 1727320935276683, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50836, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320912089412, "etime": 1727320912089412, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50813, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320904824334, "etime": 1727320904824334, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50805, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320924527289, "etime": 1727320924527289, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50827, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320918839250, "etime": 1727320918839250, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50821, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727320918401795, "etime": 1727320918401795, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50820, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320928589899, "etime": 1727320928589899, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50831, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320902793033, "etime": 1727320902793033, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50803, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320940417342, "etime": 1727320940417342, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50842, "dest_port": 8100, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:49.962] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:29:50.940] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24206 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai4zwlkhflow1zwrkh.1726645526.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai4zwlkhflow1zwrkh.1726645526.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=6d928d40f24dde282ff5884c9b50dfb36cdec7d8c9675398a1885571b1c0a9b0&X-Amz-Date=20251209T122950Z"} [2025-12-09 20:29:50.940] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:50.940] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:50.940] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:50.940] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:50.940] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:50.940] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:51.003] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai4zwlkhflow1zwrkh.1726645526.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312191002, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645526006980, "etime": 1726645526006980, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49302, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:29:51.003] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:29:51.003] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. 
[2025-12-09 20:29:51.003] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:29:54.168] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25885 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49302.1726645526.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49302.1726645526.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122953Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=6ec59601e33cbfb05a079338781edc5d1e62136dfeb15f540f7bbbcef4ca44fe"} [2025-12-09 20:29:54.168] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:54.168] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:54.168] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:54.168] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:54.168] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:54.169] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:54.273] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49302.1726645526.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312194272, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645526006980, "etime": 1726645526006980, "src_ip": "192.168.88.30", 
"dest_ip": "192.168.88.22", "src_port": 49302, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:29:54.273] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:29:54.273] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:29:54.273] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:29:57.302] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24207 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_IP.1727319482.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_IP.1727319482.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=fd3023c653cefe445dd6d777d37e1f2cd8726de12168ffa152720c1f45439a01&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T122957Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:29:57.302] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:29:57.302] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:29:57.303] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:29:57.303] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:29:57.303] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:29:57.303] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:29:59.600] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_IP.1727319482.jsonl|result:{"code": 0, "total_count": 43, "abnormal_count": 0, "normal_count": 43, "alert_count": 0, "timestamp": 1765312199599, 
"module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727319563229867, "etime": 1727319563229867, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50527, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319545932136, "etime": 1727319545932136, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50509, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319559091615, "etime": 1727319559091615, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50522, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319567291764, "etime": 1727319567291764, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50531, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319542885483, "etime": 1727319542885483, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50506, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319574635978, "etime": 1727319574635978, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50540, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319579713764, "etime": 1727319579713764, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50545, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319562214041, "etime": 1727319562214041, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50526, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319560121049, "etime": 1727319560121049, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50523, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319572510551, "etime": 1727319572510551, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50537, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319544917168, "etime": 
1727319544917168, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50508, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319547963516, "etime": 1727319547963516, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50511, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319546948808, "etime": 1727319546948808, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50510, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319482834057, "etime": 1727319482834057, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50504, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319551620254, "etime": 1727319551620254, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50513, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319568307670, "etime": 1727319568307670, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50532, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319569416725, "etime": 1727319569416725, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50534, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319564245071, "etime": 1727319564245071, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50528, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319570433865, "etime": 1727319570433865, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50535, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319573526867, "etime": 1727319573526867, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50538, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319578697989, "etime": 1727319578697989, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50544, "dest_port": 80, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727319561199619, "etime": 1727319561199619, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50525, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319576666679, "etime": 1727319576666679, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50542, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319565260481, "etime": 1727319565260481, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50529, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319577682445, "etime": 1727319577682445, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50543, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319553683103, "etime": 1727319553683103, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50515, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319554698962, "etime": 1727319554698962, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50516, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319566277028, "etime": 1727319566277028, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50530, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319579724017, "etime": 1727319579724017, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50546, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319559011234, "etime": 1727319559011234, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50521, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319554940273, "etime": 1727319554940273, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50517, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319557979962, "etime": 1727319557979962, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50520, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319575651200, "etime": 1727319575651200, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50541, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319561135554, "etime": 1727319561135554, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50524, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319550612116, "etime": 1727319550612116, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50512, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319569323774, "etime": 1727319569323774, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50533, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319552667923, "etime": 1727319552667923, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50514, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319482865541, "etime": 1727319482865541, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50505, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319571496158, "etime": 1727319571496158, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50536, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319555949330, "etime": 1727319555949330, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50518, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319543901245, "etime": 1727319543901245, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50507, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727319556963799, "etime": 1727319556963799, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50519, "dest_port": 80, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727319573617630, "etime": 1727319573617630, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50539, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:29:59.600] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:30:00.553] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25886 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai4ywlkhflow_1ywrkh.1726050485.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai4ywlkhflow_1ywrkh.1726050485.jsonl?X-Amz-Signature=0b5391bc80b860e5b5ee048ad4d69162d3fafbdf509b2b33bdf4c597873813e6&X-Amz-Date=20251209T123000Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:30:00.553] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:00.553] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:00.554] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:00.554] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:00.554] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:00.554] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:00.617] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai4ywlkhflow_1ywrkh.1726050485.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312200616, "module": "anquanchu", "proto": "tls", "alerted": true, "details": 
[{"stime": 1726050485585778, "etime": 1726050485585778, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50462, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:00.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:00.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:00.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:03.739] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24648 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai4ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50462.1726050485.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai4ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50462.1726050485.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123003Z&X-Amz-Signature=93ffc9e43c195f9e837a92efbc21b2992398fbf2278dc19381bb052676881310&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:30:03.739] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:03.739] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:03.739] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:03.739] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:03.739] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:03.740] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:03.843] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai4ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50462.1726050485.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312203843, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726050485585778, "etime": 1726050485585778, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50462, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:03.843] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:03.843] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:03.843] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:06.943] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24649 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai6.1726051351.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai6.1726051351.jsonl?X-Amz-Date=20251209T123006Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=4a9350a075d337246428205aaadd3ced3332024b91cb316ada9709ac69840e82&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:30:06.943] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:06.944] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:06.944] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:06.944] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:06.944] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:06.945] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:07.061] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai6.1726051351.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312207060, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051351888341, "etime": 1726051351888341, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50508, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:07.061] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:07.061] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:07.061] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:30:10.051] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24650 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain2.1727320559.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain2.1727320559.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=599e1d8c1ac06c15f31c11d95b275dd3e2630575f247a4a3e48091febd30f73f&X-Amz-Date=20251209T123009Z&X-Amz-Expires=604800"} [2025-12-09 20:30:10.051] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:10.051] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:10.051] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:10.051] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:10.051] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:10.052] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:12.564] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain2.1727320559.jsonl|result:{"code": 0, "total_count": 47, "abnormal_count": 0, "normal_count": 47, "alert_count": 0, "timestamp": 1765312212563, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727320619713588, "etime": 1727320619713588, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50751, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320648146373, "etime": 1727320648146373, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50781, "dest_port": 8100, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727320643946788, "etime": 1727320643946788, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50775, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320656401109, "etime": 1727320656401109, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50790, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320626822862, "etime": 1727320626822862, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50758, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320624792298, "etime": 1727320624792298, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50756, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320645017178, "etime": 1727320645017178, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50777, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320649166740, "etime": 1727320649166740, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50782, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320631150909, "etime": 1727320631150909, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50763, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320625807681, "etime": 1727320625807681, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50757, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320639341776, "etime": 1727320639341776, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50772, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320646026050, "etime": 1727320646026050, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50778, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320648081674, "etime": 1727320648081674, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50780, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320652245635, "etime": 1727320652245635, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50785, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320651230257, "etime": 1727320651230257, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50784, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320640354392, "etime": 1727320640354392, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50773, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320608479766, "etime": 1727320608479766, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50750, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727320633245404, "etime": 1727320633245404, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50766, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320659464523, "etime": 1727320659464523, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50793, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320628870659, "etime": 1727320628870659, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50760, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320637307219, "etime": 1727320637307219, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50770, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320644963918, "etime": 1727320644963918, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50776, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320635276296, "etime": 1727320635276296, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50768, "dest_port": 8100, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727320650182678, "etime": 1727320650182678, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50783, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320638323484, "etime": 1727320638323484, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50771, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320647042423, "etime": 1727320647042423, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50779, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320629116240, "etime": 1727320629116240, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50761, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320653276543, "etime": 1727320653276543, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50786, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320620729967, "etime": 1727320620729967, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50752, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320655385348, "etime": 1727320655385348, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50789, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320623776266, "etime": 1727320623776266, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50755, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320641369450, "etime": 1727320641369450, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50774, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320659473717, "etime": 1727320659473717, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50794, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320634260474, "etime": 1727320634260474, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50767, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320655307635, "etime": 1727320655307635, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50788, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320658448215, "etime": 1727320658448215, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50792, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320654291430, "etime": 1727320654291430, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50787, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320630136006, "etime": 1727320630136006, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50762, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320621745110, "etime": 1727320621745110, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50753, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320622760676, "etime": 1727320622760676, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50754, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320636291852, "etime": 1727320636291852, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50769, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320657434762, "etime": 1727320657434762, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50791, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320559670228, "etime": 1727320559670228, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50748, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320632234436, "etime": 1727320632234436, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50765, "dest_port": 8100, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727320559693503, "etime": 1727320559693503, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50749, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320632166906, "etime": 1727320632166906, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50764, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320627839096, "etime": 1727320627839096, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50759, "dest_port": 8100, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:30:12.564] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:30:13.158] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25887 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_IP.1727318251.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_IP.1727318251.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123012Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=30d284cae0e44c380eb01a9e7b3e2ec7a94bc0379c610960804b6baae1b6bad4&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:30:13.158] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:13.158] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:13.159] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:13.159] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:13.159] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:13.159] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:30:15.416] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_IP.1727318251.jsonl|result:{"code": 0, "total_count": 43, "abnormal_count": 0, "normal_count": 43, "alert_count": 0, "timestamp": 1765312215415, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727318316870031, "etime": 1727318316870031, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50156, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318317900891, "etime": 1727318317900891, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50157, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318347229461, "etime": 1727318347229461, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50190, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318338979184, "etime": 1727318338979184, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50180, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318313822238, "etime": 1727318313822238, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50153, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318314839741, "etime": 1727318314839741, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50154, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318325088912, "etime": 1727318325088912, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50165, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318336945901, "etime": 1727318336945901, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50178, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318313604389, "etime": 1727318313604389, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.136", "src_port": 50152, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318329245237, "etime": 1727318329245237, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50170, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318345198209, "etime": 1727318345198209, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50188, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318346213702, "etime": 1727318346213702, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50189, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318251566830, "etime": 1727318251566830, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50148, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318339995362, "etime": 1727318339995362, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50181, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318318916491, "etime": 1727318318916491, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50158, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318332307483, "etime": 1727318332307483, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50173, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318311574144, "etime": 1727318311574144, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50150, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318327213401, "etime": 1727318327213401, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50168, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318328228738, "etime": 1727318328228738, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50169, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727318340064166, "etime": 1727318340064166, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50182, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318320017729, "etime": 1727318320017729, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50160, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318342089497, "etime": 1727318342089497, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50184, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318322041320, "etime": 1727318322041320, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50162, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318251512140, "etime": 1727318251512140, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50147, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318326190946, "etime": 1727318326190946, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50167, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318331291393, "etime": 1727318331291393, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50172, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318326119324, "etime": 1727318326119324, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50166, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318337963393, "etime": 1727318337963393, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50179, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318348253116, "etime": 1727318348253116, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50192, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318330277581, "etime": 1727318330277581, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 
50171, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318344191780, "etime": 1727318344191780, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50187, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318315853905, "etime": 1727318315853905, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50155, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318341072776, "etime": 1727318341072776, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50183, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318334338405, "etime": 1727318334338405, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50175, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318344119917, "etime": 1727318344119917, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50186, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318333322522, "etime": 1727318333322522, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50174, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318312588131, "etime": 1727318312588131, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50151, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318343104019, "etime": 1727318343104019, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50185, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318319932680, "etime": 1727318319932680, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50159, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318321026625, "etime": 1727318321026625, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50161, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318348244221, "etime": 1727318348244221, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50191, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318324072508, "etime": 1727318324072508, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50164, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727318323057539, "etime": 1727318323057539, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50163, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:30:15.416] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:30:16.381] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25888 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai2ywlkhflow_1ywrkh.1726049011.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai2ywlkhflow_1ywrkh.1726049011.jsonl?X-Amz-Date=20251209T123015Z&X-Amz-Signature=2ec3e2d1008c12e1321c91f6a57e6a2be0fef5e124638342752830a8e857103c&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:30:16.381] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:16.381] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:16.381] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:16.381] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:16.381] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:16.382] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:16.445] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai2ywlkhflow_1ywrkh.1726049011.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312216444, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726049011841159, "etime": 1726049011841159, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50375, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:16.445] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:16.445] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:16.445] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:19.586] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25889 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai2ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50375.1726049011.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai2ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50375.1726049011.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123019Z&X-Amz-Expires=604800&X-Amz-Signature=434fb802ffe4e01f6510534f8cbebc13b8ef9f75370f7f99fe8c53ae3fa6401b&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:30:19.586] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:19.586] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:19.587] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:19.587] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:30:19.587] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:19.587] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:19.679] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai2ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50375.1726049011.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312219678, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726049011841159, "etime": 1726049011841159, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50375, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:19.679] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:19.679] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:19.679] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:30:22.815] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24208 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID39-tls1.2CS4.8_windowsserver2008R2_ubuntu_jdk_IP.1726235797.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID39-tls1.2CS4.8_windowsserver2008R2_ubuntu_jdk_IP.1726235797.jsonl?X-Amz-Signature=379e27c02f7dc55768d6048304e84ec989800ae771b62dcd42ea725e3c81fb7d&X-Amz-Date=20251209T123022Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:30:22.815] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:22.815] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:22.815] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:22.815] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:22.816] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:22.816] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:28.192] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID39-tls1.2CS4.8_windowsserver2008R2_ubuntu_jdk_IP.1726235797.jsonl|result:{"code": 1, "total_count": 102, "abnormal_count": 100, "normal_count": 2, "alert_count": 100, "timestamp": 1765312228191, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726235913870463, "etime": 1726235913870463, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50863, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235875790502, "etime": 1726235875790502, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50815, "dest_port": 443, 
"protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235924805606, "etime": 1726235924805606, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50877, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235889238177, "etime": 1726235889238177, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50837, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726235874201516, "etime": 1726235874201516, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50813, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235894521465, "etime": 1726235894521465, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50845, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726235960514006, "etime": 1726235960514006, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50923, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235872614970, "etime": 1726235872614970, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50811, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235918569714, "etime": 1726235918569714, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50869, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235986723235, "etime": 1726235986723235, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50957, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236009669728, "etime": 1726236009669728, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50987, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235926350350, "etime": 1726235926350350, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50879, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 
1726235980591472, "etime": 1726235980591472, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50949, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236011740360, "etime": 1726236011740360, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50991, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235877975336, "etime": 1726235877975336, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50819, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235969765505, "etime": 1726235969765505, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50935, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235977503471, "etime": 1726235977503471, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50945, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235985195068, "etime": 1726235985195068, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50955, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235870471337, "etime": 1726235870471337, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50807, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235920125577, "etime": 1726235920125577, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50871, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235958970073, "etime": 1726235958970073, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50921, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235971309543, "etime": 1726235971309543, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50937, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235893886897, "etime": 1726235893886897, 
"src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50843, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236000465420, "etime": 1726236000465420, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50975, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235871067648, "etime": 1726235871067648, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50809, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235932606478, "etime": 1726235932606478, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50887, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235965147340, "etime": 1726235965147340, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50929, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235931046403, "etime": 1726235931046403, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50885, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236011199634, "etime": 1726236011199634, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50989, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235910189462, "etime": 1726235910189462, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50857, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235989796237, "etime": 1726235989796237, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50961, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235921670736, "etime": 1726235921670736, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50873, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235935710760, "etime": 1726235935710760, "src_ip": "192.168.163.40", "dest_ip": 
"192.168.163.31", "src_port": 50891, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235974429382, "etime": 1726235974429382, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50941, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236005068779, "etime": 1726236005068779, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50981, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235982105036, "etime": 1726235982105036, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50951, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235910797642, "etime": 1726235910797642, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50859, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726235915430816, "etime": 1726235915430816, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50865, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235867305027, "etime": 1726235867305027, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50803, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235954336651, "etime": 1726235954336651, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50915, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235963587533, "etime": 1726235963587533, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50927, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235955896481, "etime": 1726235955896481, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50917, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235907645785, "etime": 1726235907645785, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50853, "dest_port": 
443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235948129165, "etime": 1726235948129165, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50907, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236003555060, "etime": 1726236003555060, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50979, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235880162137, "etime": 1726235880162137, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50823, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235972854212, "etime": 1726235972854212, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50939, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235890781871, "etime": 1726235890781871, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50839, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235888582422, "etime": 1726235888582422, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50835, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235949688657, "etime": 1726235949688657, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50909, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235884853845, "etime": 1726235884853845, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50829, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235929485614, "etime": 1726235929485614, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50883, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236006597256, "etime": 1726236006597256, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50983, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726235952762036, "etime": 1726235952762036, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50913, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235927909737, "etime": 1726235927909737, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50881, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235945007418, "etime": 1726235945007418, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50903, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235916990454, "etime": 1726235916990454, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50867, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235864218446, "etime": 1726235864218446, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50799, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235897662289, "etime": 1726235897662289, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50849, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235865774949, "etime": 1726235865774949, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50801, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235957441431, "etime": 1726235957441431, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50919, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235988267113, "etime": 1726235988267113, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50959, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235862640976, "etime": 1726235862640976, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50797, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235938830483, 
"etime": 1726235938830483, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50895, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235992838163, "etime": 1726235992838163, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50965, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235937270777, "etime": 1726235937270777, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50893, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235991309156, "etime": 1726235991309156, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50963, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235995879415, "etime": 1726235995879415, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50969, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235943463146, "etime": 1726235943463146, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50901, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235797397833, "etime": 1726235797397833, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50789, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235908631401, "etime": 1726235908631401, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50855, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726235941919023, "etime": 1726235941919023, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50899, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235858007880, "etime": 1726235858007880, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50791, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235951232829, "etime": 1726235951232829, "src_ip": 
"192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50911, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235876395237, "etime": 1726235876395237, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50817, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726235883279533, "etime": 1726235883279533, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50827, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235906104041, "etime": 1726235906104041, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50851, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726235912341322, "etime": 1726235912341322, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50861, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235923246863, "etime": 1726235923246863, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50875, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235934165783, "etime": 1726235934165783, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50889, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235861126771, "etime": 1726235861126771, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50795, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235887038609, "etime": 1726235887038609, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50833, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235962043256, "etime": 1726235962043256, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50925, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235968221158, "etime": 1726235968221158, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 
50933, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235983666532, "etime": 1726235983666532, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50953, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235868879637, "etime": 1726235868879637, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50805, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235994350428, "etime": 1726235994350428, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50967, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235879566623, "etime": 1726235879566623, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50821, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235881703133, "etime": 1726235881703133, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50825, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235946568413, "etime": 1726235946568413, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50905, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235896086429, "etime": 1726235896086429, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50847, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235966693034, "etime": 1726235966693034, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50931, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235975974736, "etime": 1726235975974736, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50943, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236008141172, "etime": 1726236008141172, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50985, "dest_port": 443, "protocol": "tls", 
"result": "CobaltStrike"}, {"stime": 1726235940391066, "etime": 1726235940391066, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50897, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235892327287, "etime": 1726235892327287, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50841, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235997423465, "etime": 1726235997423465, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50971, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235979047855, "etime": 1726235979047855, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50947, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236002010505, "etime": 1726236002010505, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50977, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235998953853, "etime": 1726235998953853, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50973, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235885488258, "etime": 1726235885488258, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50831, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726235859582467, "etime": 1726235859582467, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50793, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:28.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 100|max_alert: 1000 [2025-12-09 20:30:28.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:28.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:30:28.192] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24209 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai6.pcap.TCP_192-168-88-22_50050_192-168-88-28_50508.1726051351.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai6.pcap.TCP_192-168-88-22_50050_192-168-88-28_50508.1726051351.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=30e841017115f7624f221706e44ebdb3dae9833e8c844942ad1d7054a8d936d4&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123025Z"} [2025-12-09 20:30:28.193] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:28.193] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:28.193] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:28.193] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:28.193] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:28.193] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:28.260] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai6.pcap.TCP_192-168-88-22_50050_192-168-88-28_50508.1726051351.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312228260, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051351888341, "etime": 1726051351888341, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50508, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 
20:30:28.261] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:28.261] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:28.261] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:29.213] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24651 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai6ywlkhflow_1ywrkh.1726050849.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai6ywlkhflow_1ywrkh.1726050849.jsonl?X-Amz-Date=20251209T123028Z&X-Amz-Expires=604800&X-Amz-Signature=48f9df761f38b757fbc6c29d28f1353c7221eae8690b262f92a30464a47dcfc5&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:30:29.213] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:29.213] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:29.213] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:29.213] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:29.213] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:29.214] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:29.277] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai6ywlkhflow_1ywrkh.1726050849.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312229277, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 
1726050849570878, "etime": 1726050849570878, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50486, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:29.277] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:29.277] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:29.277] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:32.402] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25890 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai6ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50486.1726050849.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai6ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50486.1726050849.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123031Z&X-Amz-Signature=78611585cd126532711e08aa1e6b99b7562b9314e3082ba10577fac055327b04&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:30:32.402] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:32.402] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:32.402] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:32.402] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:32.402] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:32.403] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:32.509] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai6ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50486.1726050849.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312232508, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726050849570878, "etime": 1726050849570878, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50486, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:32.509] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:32.509] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:32.509] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:35.508] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25891 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain1.1727316562.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain1.1727316562.jsonl?X-Amz-Signature=75a76dc47a2dafdc48e0891898d1c5bdc3495c39c634fdf3898ede748faa55ef&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123035Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:30:35.508] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:35.509] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:35.509] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:35.509] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:35.509] 
[INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:35.510] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:37.710] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain1.1727316562.jsonl|result:{"code": 0, "total_count": 41, "abnormal_count": 0, "normal_count": 41, "alert_count": 0, "timestamp": 1765312237708, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727316637890993, "etime": 1727316637890993, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49775, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316635860300, "etime": 1727316635860300, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49773, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316646282833, "etime": 1727316646282833, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49785, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316652484289, "etime": 1727316652484289, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49792, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316643246571, "etime": 1727316643246571, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49782, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316653578928, "etime": 1727316653578928, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49794, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316623062822, "etime": 1727316623062822, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49762, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316628750203, "etime": 1727316628750203, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", 
"src_port": 49766, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316655640831, "etime": 1727316655640831, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49796, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316631797382, "etime": 1727316631797382, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49769, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316625094448, "etime": 1727316625094448, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49764, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316645266544, "etime": 1727316645266544, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49784, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316646334501, "etime": 1727316646334501, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49786, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316644251618, "etime": 1727316644251618, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49783, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316649429822, "etime": 1727316649429822, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49789, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316641140785, "etime": 1727316641140785, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49779, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316633827951, "etime": 1727316633827951, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49771, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316648359336, "etime": 1727316648359336, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49788, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 
1727316622047189, "etime": 1727316622047189, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49761, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316624079522, "etime": 1727316624079522, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49763, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316629765789, "etime": 1727316629765789, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49767, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316562010366, "etime": 1727316562010366, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49759, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316638082803, "etime": 1727316638082803, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49776, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316654626798, "etime": 1727316654626798, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49795, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316657695161, "etime": 1727316657695161, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49799, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316630782049, "etime": 1727316630782049, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49768, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316647344617, "etime": 1727316647344617, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49787, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316656672377, "etime": 1727316656672377, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49797, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316643172299, "etime": 1727316643172299, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.136", "src_port": 49781, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316639094540, "etime": 1727316639094540, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49777, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316651469019, "etime": 1727316651469019, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49791, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316632818260, "etime": 1727316632818260, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49770, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316634845093, "etime": 1727316634845093, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49772, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316636875095, "etime": 1727316636875095, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49774, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316650441589, "etime": 1727316650441589, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49790, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316652568952, "etime": 1727316652568952, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49793, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316657687891, "etime": 1727316657687891, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49798, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316562036856, "etime": 1727316562036856, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49760, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316640125738, "etime": 1727316640125738, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49778, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727316642156930, "etime": 1727316642156930, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49780, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727316627730191, "etime": 1727316627730191, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49765, "dest_port": 8990, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:30:37.710] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:30:38.680] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24652 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain5zwlkhflow1zwrkh.1726642630.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain5zwlkhflow1zwrkh.1726642630.jsonl?X-Amz-Signature=6f61443938cfafe37cf18b3ece2aef06a9fc851e016289aca7b6537aeaa7a177&X-Amz-Expires=604800&X-Amz-Date=20251209T123038Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:30:38.680] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:38.680] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:38.680] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:38.681] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:38.681] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:38.681] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:38.744] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain5zwlkhflow1zwrkh.1726642630.jsonl|result:{"code": 1, 
"total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312238744, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726642630518789, "etime": 1726642630518789, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49293, "dest_port": 50050, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:30:38.744] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:38.744] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:38.744] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:41.891] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24210 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain5zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49293.1726642630.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain5zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49293.1726642630.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123041Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=594280ec0e98d4d6a8226d69016f336d3b47af05ec2e2ff3c61fcf8e5eff8fac"} [2025-12-09 20:30:41.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:41.891] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:41.891] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:41.891] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:41.891] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:41.892] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:42.000] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain5zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49293.1726642630.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312241999, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726642630518789, "etime": 1726642630518789, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49293, "dest_port": 50050, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:30:42.000] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:42.000] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:42.000] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:45.074] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24211 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai.1726046985.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai.1726046985.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=86a87020339871890ca6dc830d5ad58c94a7ae87249211e7811d78e540ed788a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T123044Z"} [2025-12-09 20:30:45.075] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:45.075] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:45.075] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:30:45.075] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:45.075] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:45.076] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:45.188] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai.1726046985.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312245187, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046985257107, "etime": 1726046985257107, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50357, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:45.188] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:45.188] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:45.188] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:30:48.181] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24212 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain1.1727320318.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain1.1727320318.jsonl?X-Amz-Signature=150ddf3b7d29e7a7bab8728ab2f42463a757c9333ced8392d460b85e5d4ff5a0&X-Amz-Date=20251209T123047Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:30:48.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:48.181] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:48.182] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:50.117] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID47-httpCS4.8_windowsserver2022_ubuntu_jdk_domain1.1727320318.jsonl|result:{"code": 0, "total_count": 36, "abnormal_count": 0, "normal_count": 36, "alert_count": 0, "timestamp": 1765312250116, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727320406589620, "etime": 1727320406589620, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50740, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320378996063, "etime": 1727320378996063, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50709, "dest_port": 8100, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727320407606332, "etime": 1727320407606332, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50741, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320401434062, "etime": 1727320401434062, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50734, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320403464981, "etime": 1727320403464981, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50736, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320386808437, "etime": 1727320386808437, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50716, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320395151749, "etime": 1727320395151749, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50725, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320383683560, "etime": 1727320383683560, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50712, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320318956108, "etime": 1727320318956108, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50702, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320394136569, "etime": 1727320394136569, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50724, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320385802521, "etime": 1727320385802521, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50715, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320397262949, "etime": 1727320397262949, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50729, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320388839900, "etime": 1727320388839900, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50718, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320407613571, "etime": 1727320407613571, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50742, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320392105201, "etime": 1727320392105201, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50722, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320405574410, "etime": 1727320405574410, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50739, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320360198999, "etime": 1727320360198999, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50707, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727320380011586, "etime": 1727320380011586, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50710, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320384698949, "etime": 1727320384698949, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50713, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320390871278, "etime": 1727320390871278, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50720, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320393121405, "etime": 1727320393121405, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50723, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320396230645, "etime": 1727320396230645, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50727, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320400418155, "etime": 1727320400418155, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50733, "dest_port": 8100, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727320395215747, "etime": 1727320395215747, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50726, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320382669602, "etime": 1727320382669602, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50711, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320387823796, "etime": 1727320387823796, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50717, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320398371290, "etime": 1727320398371290, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50731, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320397357279, "etime": 1727320397357279, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50730, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320402448609, "etime": 1727320402448609, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50735, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320389854994, "etime": 1727320389854994, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50719, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320318978633, "etime": 1727320318978633, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50703, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320385714614, "etime": 1727320385714614, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50714, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320399404650, "etime": 1727320399404650, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50732, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320391093302, "etime": 1727320391093302, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50721, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320403547601, "etime": 1727320403547601, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50737, "dest_port": 8100, "protocol": "tls", "result": "Normal"}, {"stime": 1727320404558222, "etime": 1727320404558222, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50738, "dest_port": 8100, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:30:50.117] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:30:51.395] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24213 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai.pcap.TCP_192-168-88-22_50050_192-168-88-28_50357.1726046985.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai.pcap.TCP_192-168-88-22_50050_192-168-88-28_50357.1726046985.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T123050Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=5d9e2fce707895981c48dcb2872fc155496c67ab240e89616d373123fa6e7e4e"} [2025-12-09 20:30:51.395] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:51.395] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:51.395] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:51.395] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:51.395] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:51.396] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
20:30:51.461] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai.pcap.TCP_192-168-88-22_50050_192-168-88-28_50357.1726046985.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312251460, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046985257107, "etime": 1726046985257107, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50357, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:51.461] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:51.461] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:51.461] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:30:54.586] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24214 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai5.1726051299.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai5.1726051299.jsonl?X-Amz-Signature=69dfef063e922a98cd96c8606770797ee9dac40bae2221f7da82e2db9f8c9789&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123054Z"} [2025-12-09 20:30:54.586] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:54.586] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:54.587] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:54.587] [INFO] [tid:140062327686848] (AiModule.cpp:20) get 
func load [2025-12-09 20:30:54.587] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:54.587] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:54.689] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai5.1726051299.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312254688, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051299282633, "etime": 1726051299282633, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50506, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:30:54.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:54.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:54.689] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:30:57.813] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24215 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai5.pcap.TCP_192-168-88-22_50050_192-168-88-28_50506.1726051299.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai5.pcap.TCP_192-168-88-22_50050_192-168-88-28_50506.1726051299.jsonl?X-Amz-Signature=dab477f1f943d784e4a58c4fcc444f4c384d1e0d31ee545c5014fc7ebaa6b4a4&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123057Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:30:57.813] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:30:57.813] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:30:57.813] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:30:57.813] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:30:57.813] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:30:57.814] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:30:57.928] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai5.pcap.TCP_192-168-88-22_50050_192-168-88-28_50506.1726051299.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312257927, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051299282633, "etime": 1726051299282633, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50506, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 
20:30:57.928] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:30:57.928] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:30:57.928] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:00.931] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25892 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_IP_http.1726065194.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_IP_http.1726065194.jsonl?X-Amz-Date=20251209T123100Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=853d28e55a2ce761201eaaa9aa65ba53412dbab9f76b5d7b8533dea7696b941f&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:31:00.931] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:00.931] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:00.931] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:00.932] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:00.932] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:00.932] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:03.865] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_IP_http.1726065194.jsonl|result:{"code": 0, "total_count": 55, "abnormal_count": 0, "normal_count": 55, "alert_count": 0, "timestamp": 1765312263864, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726065293463595, "etime": 1726065293463595, "src_ip": "192.168.32.40", "dest_ip": 
"192.168.32.41", "src_port": 53859, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065294478391, "etime": 1726065294478391, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53860, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065273107644, "etime": 1726065273107644, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53839, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065302640063, "etime": 1726065302640063, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53868, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065255814109, "etime": 1726065255814109, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53822, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065262933143, "etime": 1726065262933143, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53829, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065278184945, "etime": 1726065278184945, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53844, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065285318146, "etime": 1726065285318146, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53851, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065305673584, "etime": 1726065305673584, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53873, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065283282094, "etime": 1726065283282094, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53849, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065292440515, "etime": 1726065292440515, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53858, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 
1726065269031627, "etime": 1726065269031627, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53835, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065280222348, "etime": 1726065280222348, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53846, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065295498961, "etime": 1726065295498961, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53861, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065300606292, "etime": 1726065300606292, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53866, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065275149446, "etime": 1726065275149446, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53841, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065272083500, "etime": 1726065272083500, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53838, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065194520238, "etime": 1726065194520238, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53818, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065261923943, "etime": 1726065261923943, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53828, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065287342844, "etime": 1726065287342844, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53853, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065305666461, "etime": 1726065305666461, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53872, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065271058517, "etime": 1726065271058517, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53837, 
"dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065297532887, "etime": 1726065297532887, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53863, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065277171185, "etime": 1726065277171185, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53843, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065290406340, "etime": 1726065290406340, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53856, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065194556670, "etime": 1726065194556670, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53819, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065257847231, "etime": 1726065257847231, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53824, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065282270844, "etime": 1726065282270844, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53848, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065296521920, "etime": 1726065296521920, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53862, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065298553973, "etime": 1726065298553973, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53864, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065254795559, "etime": 1726065254795559, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53821, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065268013363, "etime": 1726065268013363, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53834, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065270037246, "etime": 1726065270037246, 
"src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53836, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065276157852, "etime": 1726065276157852, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53842, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065299580214, "etime": 1726065299580214, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53865, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065301628366, "etime": 1726065301628366, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53867, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065304660192, "etime": 1726065304660192, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53871, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065267001837, "etime": 1726065267001837, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53833, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065279202818, "etime": 1726065279202818, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53845, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065289389639, "etime": 1726065289389639, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53855, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065281240841, "etime": 1726065281240841, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53847, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065303649767, "etime": 1726065303649767, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53870, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065291418479, "etime": 1726065291418479, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53857, "dest_port": 8888, "protocol": "tls", 
"result": "Normal"}, {"stime": 1726065254579246, "etime": 1726065254579246, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53820, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065258869589, "etime": 1726065258869589, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53825, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065274128514, "etime": 1726065274128514, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53840, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065263952119, "etime": 1726065263952119, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53830, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065256831956, "etime": 1726065256831956, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53823, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065286325937, "etime": 1726065286325937, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53852, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065264976250, "etime": 1726065264976250, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53831, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065260901617, "etime": 1726065260901617, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53827, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065265988430, "etime": 1726065265988430, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53832, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065259886211, "etime": 1726065259886211, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53826, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065284305599, "etime": 1726065284305599, "src_ip": "192.168.32.40", "dest_ip": 
"192.168.32.41", "src_port": 53850, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726065288376057, "etime": 1726065288376057, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53854, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:03.865] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:31:04.147] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24216 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain4zwlkhflow1zwrkh.1726642261.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain4zwlkhflow1zwrkh.1726642261.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123103Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=ee028da189a02056b8bccfd0f4d808de4884197488185b8a8ce614b7e37b0cc0"} [2025-12-09 20:31:04.147] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:04.147] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:04.147] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:04.147] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:04.147] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:04.148] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:04.213] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain4zwlkhflow1zwrkh.1726642261.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312264213, 
"module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726642261482174, "etime": 1726642261482174, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49292, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:31:04.213] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:04.213] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:04.213] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:07.323] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24653 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain4zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49292.1726642261.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain4zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49292.1726642261.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123106Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=51983cdd2e5553fbd3f5a3df59e937805cb287c543d54c04a8ba092268c61b1d"} [2025-12-09 20:31:07.323] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:07.323] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:07.323] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:07.323] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:07.323] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:07.324] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:07.427] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domain4zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49292.1726642261.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312267427, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726642261482174, "etime": 1726642261482174, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49292, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:31:07.427] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:07.427] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:07.427] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:10.472] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25893 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID13-tls1.2CS4.8_win8_kali_jdk_domain.1727156056.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID13-tls1.2CS4.8_win8_kali_jdk_domain.1727156056.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T123109Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=438c053a12acd70ffb7d63b2cfeecb0e467d26d78a38f441c213a35bf3aa3c7f"} [2025-12-09 20:31:10.472] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:10.473] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:10.473] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:10.473] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:10.473] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:10.474] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:11.532] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID13-tls1.2CS4.8_win8_kali_jdk_domain.1727156056.jsonl|result:{"code": 1, "total_count": 19, "abnormal_count": 4, "normal_count": 15, "alert_count": 4, "timestamp": 1765312271532, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727156119952295, "etime": 1727156119952295, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50246, "dest_port": 5443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727156128734031, "etime": 1727156128734031, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50253, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156126441214, "etime": 1727156126441214, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50251, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156059634288, "etime": 1727156059634288, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50244, "dest_port": 5443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727156056987959, "etime": 1727156056987959, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50243, "dest_port": 8001, "protocol": "tls", "result": "Normal"}, {"stime": 1727156136892091, "etime": 1727156136892091, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50261, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156135738129, "etime": 1727156135738129, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50260, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156134599322, "etime": 1727156134599322, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50259, "dest_port": 5443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727156123024635, "etime": 1727156123024635, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50248, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156133258108, "etime": 1727156133258108, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50257, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156124162922, "etime": 1727156124162922, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50249, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156125303173, "etime": 1727156125303173, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50250, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156132134805, "etime": 1727156132134805, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50256, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156133435745, "etime": 1727156133435745, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50258, "dest_port": 5443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727156121888245, "etime": 1727156121888245, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50247, "dest_port": 5443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727156137022493, "etime": 1727156137022493, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50262, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156129857505, "etime": 1727156129857505, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50254, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156127612101, "etime": 1727156127612101, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50252, "dest_port": 5443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156130996100, "etime": 1727156130996100, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50255, "dest_port": 5443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:11.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:31:11.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:11.532] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:13.577] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24217 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_Domain_http.1726065730.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_Domain_http.1726065730.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=8bbfee5a27cb1d5f8b6c304dd36a31efe03cd2191a407c657573b60acaca834d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123113Z"} [2025-12-09 20:31:13.578] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:13.578] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:13.578] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:13.578] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:13.578] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:13.579] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:15.913] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_Domain_http.1726065730.jsonl|result:{"code": 0, "total_count": 44, "abnormal_count": 0, "normal_count": 44, "alert_count": 0, "timestamp": 1765312275912, "module": 
"anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726065807821600, "etime": 1726065807821600, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53972, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065800685226, "etime": 1726065800685226, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53965, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065833268487, "etime": 1726065833268487, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53997, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065803741138, "etime": 1726065803741138, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53968, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065798649949, "etime": 1726065798649949, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53963, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065796611106, "etime": 1726065796611106, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53961, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065820029829, "etime": 1726065820029829, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53984, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065815956117, "etime": 1726065815956117, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53980, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065816973050, "etime": 1726065816973050, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53981, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065794566336, "etime": 1726065794566336, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53959, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065795584081, "etime": 1726065795584081, 
"src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53960, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065826145628, "etime": 1726065826145628, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53990, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065831242699, "etime": 1726065831242699, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53995, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065802725003, "etime": 1726065802725003, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53967, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065814936100, "etime": 1726065814936100, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53979, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065804753802, "etime": 1726065804753802, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53969, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065812891502, "etime": 1726065812891502, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53977, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065808836633, "etime": 1726065808836633, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53973, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065790961159, "etime": 1726065790961159, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53958, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065830219043, "etime": 1726065830219043, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53994, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065797629774, "etime": 1726065797629774, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53962, "dest_port": 8889, "protocol": "tls", 
"result": "Normal"}, {"stime": 1726065834292248, "etime": 1726065834292248, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53998, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065834297214, "etime": 1726065834297214, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53999, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065827173662, "etime": 1726065827173662, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53991, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065821045239, "etime": 1726065821045239, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53985, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065730743722, "etime": 1726065730743722, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53956, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065823080807, "etime": 1726065823080807, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53987, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065828193461, "etime": 1726065828193461, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53992, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065825121880, "etime": 1726065825121880, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53989, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065811883666, "etime": 1726065811883666, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53976, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065819005102, "etime": 1726065819005102, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53983, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065817993102, "etime": 1726065817993102, "src_ip": "192.168.32.40", "dest_ip": 
"192.168.32.41", "src_port": 53982, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065730918340, "etime": 1726065730918340, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53957, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065810865566, "etime": 1726065810865566, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53975, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065805773312, "etime": 1726065805773312, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53970, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065813911541, "etime": 1726065813911541, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53978, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065801704997, "etime": 1726065801704997, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53966, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065799664085, "etime": 1726065799664085, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53964, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065806797146, "etime": 1726065806797146, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53971, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065809852243, "etime": 1726065809852243, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53974, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065822061619, "etime": 1726065822061619, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53986, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065829206041, "etime": 1726065829206041, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53993, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 
1726065832262726, "etime": 1726065832262726, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53996, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726065824104622, "etime": 1726065824104622, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53988, "dest_port": 8889, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:15.913] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:31:16.738] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24654 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai4.1726051154.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai4.1726051154.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=9a02afbbe6f3f1a9930947f4bd880529fffd1ef7318669a27b3641d01406325e&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123116Z"} [2025-12-09 20:31:16.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:16.738] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:16.738] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:16.738] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:16.738] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:16.739] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:16.803] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai4.1726051154.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, 
"normal_count": 0, "alert_count": 1, "timestamp": 1765312276802, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051154666654, "etime": 1726051154666654, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50500, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:31:16.803] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:16.803] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:16.803] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:19.922] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25894 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai4.pcap.TCP_192-168-88-22_50050_192-168-88-28_50500.1726051154.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai4.pcap.TCP_192-168-88-22_50050_192-168-88-28_50500.1726051154.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123119Z&X-Amz-SignedHeaders=host&X-Amz-Signature=1113c9c2012b06c2b236aa52110846a2613017bf3c01cdc5a98cdc82a7250e10&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:31:19.922] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:19.922] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:19.923] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:19.923] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:19.923] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:19.924] [INFO] [tid:140062327686848] (AiModule.cpp:39) load 
result:0 [2025-12-09 20:31:20.026] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_domain_mogai4.pcap.TCP_192-168-88-22_50050_192-168-88-28_50500.1726051154.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312280025, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051154666654, "etime": 1726051154666654, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50500, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:31:20.026] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:20.026] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:20.026] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:23.111] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24655 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai6.1726052724.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai6.1726052724.jsonl?X-Amz-Signature=5ff6de2d71f257d83ce60faef374171005ce03c37d9086a7dcbc551be4a87f84&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123122Z"} [2025-12-09 20:31:23.111] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:23.111] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:23.111] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:23.111] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:31:23.111] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:23.112] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:23.222] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai6.1726052724.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312283222, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052724050323, "etime": 1726052724050323, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50569, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:31:23.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:23.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:23.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:31:26.299] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24218 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai6.pcap.TCP_192-168-88-24_50050_192-168-88-28_50569.1726052724.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai6.pcap.TCP_192-168-88-24_50050_192-168-88-28_50569.1726052724.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123125Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=45bafb099c3ac65dd40eaba5fca1e9d3f2f3ee821d3456c5caafc820641b3d52&X-Amz-SignedHeaders=host"} [2025-12-09 20:31:26.299] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:26.299] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:26.299] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:26.299] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:26.299] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:26.300] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:26.410] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai6.pcap.TCP_192-168-88-24_50050_192-168-88-28_50569.1726052724.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312286410, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052724050323, "etime": 1726052724050323, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50569, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} 
[2025-12-09 20:31:26.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:26.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:26.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:29.404] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25895 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID10-httpCS4.8_win8.1_kali_openjdk_IP.1726074074.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID10-httpCS4.8_win8.1_kali_openjdk_IP.1726074074.jsonl?X-Amz-Date=20251209T123128Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=91f2a2a2784da01cf07a9e522f7db69d78f6a4e6e1cb88731396626323e535b6"} [2025-12-09 20:31:29.404] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:29.404] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:29.405] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:29.405] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:29.405] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:29.405] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:31.594] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID10-httpCS4.8_win8.1_kali_openjdk_IP.1726074074.jsonl|result:{"code": 0, "total_count": 41, "abnormal_count": 0, "normal_count": 41, "alert_count": 0, "timestamp": 1765312291593, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726074163719610, "etime": 1726074163719610, "src_ip": 
"192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49604, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074142172731, "etime": 1726074142172731, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49582, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074166767116, "etime": 1726074166767116, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49607, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074177954055, "etime": 1726074177954055, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49619, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074147469804, "etime": 1726074147469804, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49588, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074156610196, "etime": 1726074156610196, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49597, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074167782642, "etime": 1726074167782642, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49608, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074177958121, "etime": 1726074177958121, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49620, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074149501176, "etime": 1726074149501176, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49590, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074153563183, "etime": 1726074153563183, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49594, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074142402421, "etime": 1726074142402421, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49583, "dest_port": 8888, "protocol": "tls", "result": 
"Normal"}, {"stime": 1726074148484950, "etime": 1726074148484950, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49589, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074151531498, "etime": 1726074151531498, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49592, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074176939029, "etime": 1726074176939029, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49618, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074174906738, "etime": 1726074174906738, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49616, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074158642690, "etime": 1726074158642690, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49599, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074164735826, "etime": 1726074164735826, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49605, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074172875888, "etime": 1726074172875888, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49614, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074150517091, "etime": 1726074150517091, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49591, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074162703616, "etime": 1726074162703616, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49603, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074152547332, "etime": 1726074152547332, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49593, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074170835585, "etime": 1726074170835585, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 49611, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074161689515, "etime": 1726074161689515, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49602, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074168798531, "etime": 1726074168798531, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49609, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074171866877, "etime": 1726074171866877, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49613, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074146453882, "etime": 1726074146453882, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49587, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074160672832, "etime": 1726074160672832, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49601, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074082155130, "etime": 1726074082155130, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49581, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074154579159, "etime": 1726074154579159, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49595, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074159659040, "etime": 1726074159659040, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49600, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074175922810, "etime": 1726074175922810, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49617, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074145438308, "etime": 1726074145438308, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49586, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 
1726074144422308, "etime": 1726074144422308, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49585, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074157625778, "etime": 1726074157625778, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49598, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074082137058, "etime": 1726074082137058, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49580, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074171845892, "etime": 1726074171845892, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49612, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074155594754, "etime": 1726074155594754, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49596, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074143410035, "etime": 1726074143410035, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49584, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074169815228, "etime": 1726074169815228, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49610, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074165751651, "etime": 1726074165751651, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49606, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074173891902, "etime": 1726074173891902, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49615, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:31.594] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:31:32.542] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24219 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_Domain_tls1.2.1727150401.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_Domain_tls1.2.1727150401.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123132Z&X-Amz-SignedHeaders=host&X-Amz-Signature=3cde665789381033355443dbec1351f4fa5b3772867598b5f2b0acab90fe514f"} [2025-12-09 20:31:32.542] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:32.542] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:32.542] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:32.542] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:32.542] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:32.543] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:33.795] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_Domain_tls1.2.1727150401.jsonl|result:{"code": 1, "total_count": 25, "abnormal_count": 2, "normal_count": 23, "alert_count": 2, "timestamp": 1765312293794, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727150480776531, "etime": 1727150480776531, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55516, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150474369887, "etime": 1727150474369887, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55507, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150483846853, "etime": 1727150483846853, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55521, "dest_port": 9443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727150401508852, "etime": 1727150401508852, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55491, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727150403833467, "etime": 1727150403833467, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55492, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150479512431, "etime": 1727150479512431, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55512, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150476433537, "etime": 1727150476433537, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55509, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150475398113, "etime": 1727150475398113, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55508, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150471262053, "etime": 1727150471262053, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55503, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150477465803, "etime": 1727150477465803, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55510, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150463900235, "etime": 1727150463900235, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55499, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150478488965, "etime": 1727150478488965, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55511, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150479748462, "etime": 1727150479748462, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55513, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150481797922, "etime": 1727150481797922, "src_ip": "192.168.32.40", 
"dest_ip": "192.168.32.41", "src_port": 55519, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150487939917, "etime": 1727150487939917, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55526, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150465493920, "etime": 1727150465493920, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55500, "dest_port": 9443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727150472292490, "etime": 1727150472292490, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55504, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150470225434, "etime": 1727150470225434, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55502, "dest_port": 9443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727150466513344, "etime": 1727150466513344, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55501, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150473327361, "etime": 1727150473327361, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55506, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150486905801, "etime": 1727150486905801, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55524, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150482817467, "etime": 1727150482817467, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55520, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150484862079, "etime": 1727150484862079, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55522, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727150487961259, "etime": 1727150487961259, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55527, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727150485893393, "etime": 1727150485893393, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55523, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:33.795] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:31:33.795] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:33.795] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:35.754] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24656 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.1727226931.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.1727226931.jsonl?X-Amz-Signature=69dfc1ac6e77b882dd88530a47d15485dbc7e92c7b1bcaa138f257cd90155ba0&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123135Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:31:35.754] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:35.754] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:35.754] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:35.754] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:35.754] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:35.755] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:36.522] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_IP.1727226931.jsonl|result:{"code": 1, "total_count": 15, 
"abnormal_count": 4, "normal_count": 11, "alert_count": 4, "timestamp": 1765312296522, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727226932201466, "etime": 1727226932201466, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49264, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727226992416814, "etime": 1727226992416814, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49265, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227008704060, "etime": 1727227008704060, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49271, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227012357111, "etime": 1727227012357111, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49274, "dest_port": 11111, "protocol": "tls", "result": "Behinder"}, {"stime": 1727226998843630, "etime": 1727226998843630, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49267, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227017540758, "etime": 1727227017540758, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49276, "dest_port": 11111, "protocol": "tls", "result": "Behinder"}, {"stime": 1727226995629899, "etime": 1727226995629899, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49266, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227008926660, "etime": 1727227008926660, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49272, "dest_port": 11111, "protocol": "tls", "result": "Behinder"}, {"stime": 1727227005494000, "etime": 1727227005494000, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49270, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227012134877, "etime": 1727227012134877, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49273, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727226931764415, "etime": 1727226931764415, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49263, "dest_port": 11111, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727227015566922, "etime": 1727227015566922, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49275, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227002057605, "etime": 1727227002057605, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49268, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227005270598, "etime": 1727227005270598, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49269, "dest_port": 11111, "protocol": "tls", "result": "Normal"}, {"stime": 1727227020761910, "etime": 1727227020761910, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49277, "dest_port": 11111, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:36.522] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:31:36.522] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:36.522] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:31:38.941] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24220 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID40-tls1.2CS4.8_windowsserver2008R2_ubuntu_openjdk_domain.1726234603.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID40-tls1.2CS4.8_windowsserver2008R2_ubuntu_openjdk_domain.1726234603.jsonl?X-Amz-Date=20251209T123138Z&X-Amz-Signature=d38a15a8d3af5532d33d8538279426f26102e8a441253b8a1b9f4ebfbd572518&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:31:38.941] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:38.941] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:38.941] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:38.941] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:38.941] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:38.942] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:43.725] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID40-tls1.2CS4.8_windowsserver2008R2_ubuntu_openjdk_domain.1726234603.jsonl|result:{"code": 1, "total_count": 94, "abnormal_count": 92, "normal_count": 2, "alert_count": 92, "timestamp": 1765312303723, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726234729097645, "etime": 1726234729097645, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50546, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726234722720592, "etime": 1726234722720592, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50545, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234752408263, "etime": 1726234752408263, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50562, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234666014132, "etime": 1726234666014132, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50468, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234691396035, "etime": 1726234691396035, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50502, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234802952180, "etime": 1726234802952180, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50595, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234673768369, "etime": 1726234673768369, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50478, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234740020996, "etime": 1726234740020996, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50554, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234721176779, "etime": 1726234721176779, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50544, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234692955542, "etime": 1726234692955542, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50504, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234712681304, "etime": 1726234712681304, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50534, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726234801438782, "etime": 1726234801438782, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50594, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726234603829392, "etime": 1726234603829392, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50464, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234712002866, "etime": 1726234712002866, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50532, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234667558503, "etime": 1726234667558503, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50470, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234687714058, "etime": 1726234687714058, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50496, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234738476510, "etime": 1726234738476510, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50553, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234761595615, "etime": 1726234761595615, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50568, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234763155493, "etime": 1726234763155493, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50569, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234681506044, "etime": 1726234681506044, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50488, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234786229891, "etime": 1726234786229891, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50584, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234669103048, "etime": 1726234669103048, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50472, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234695074657, 
"etime": 1726234695074657, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50508, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726234705077111, "etime": 1726234705077111, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50522, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234744686557, "etime": 1726234744686557, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50557, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234780082042, "etime": 1726234780082042, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50580, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234790785231, "etime": 1726234790785231, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50587, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234755464727, "etime": 1726234755464727, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50564, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234719617275, "etime": 1726234719617275, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50543, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234781625915, "etime": 1726234781625915, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50581, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234766229836, "etime": 1726234766229836, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50571, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234689259396, "etime": 1726234689259396, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50498, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234750879202, "etime": 1726234750879202, "src_ip": "192.168.163.40", 
"dest_ip": "192.168.163.31", "src_port": 50561, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234731700637, "etime": 1726234731700637, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50548, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726234760051684, "etime": 1726234760051684, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50567, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234795370312, "etime": 1726234795370312, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50590, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234699774836, "etime": 1726234699774836, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50514, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234700393478, "etime": 1726234700393478, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50516, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234733251565, "etime": 1726234733251565, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50549, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234736948738, "etime": 1726234736948738, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50552, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234753936110, "etime": 1726234753936110, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50563, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234696605961, "etime": 1726234696605961, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50510, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234710413579, "etime": 1726234710413579, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50530, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234793826297, "etime": 1726234793826297, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50589, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234718071366, "etime": 1726234718071366, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50542, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726234694484750, "etime": 1726234694484750, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50506, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234701960049, "etime": 1726234701960049, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50518, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234789254757, "etime": 1726234789254757, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50586, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234698165887, "etime": 1726234698165887, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50512, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234714250940, "etime": 1726234714250940, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50536, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234683064943, "etime": 1726234683064943, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50490, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234664440193, "etime": 1726234664440193, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50466, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234675311963, "etime": 1726234675311963, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50480, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726234678401384, "etime": 1726234678401384, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50484, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234730660784, "etime": 1726234730660784, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50547, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234775466190, "etime": 1726234775466190, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50577, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234798381041, "etime": 1726234798381041, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50592, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234799910912, "etime": 1726234799910912, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50593, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234803486357, "etime": 1726234803486357, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50596, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234707277797, "etime": 1726234707277797, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50526, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234676856850, "etime": 1726234676856850, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50482, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234735427478, "etime": 1726234735427478, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50551, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726234715825267, "etime": 1726234715825267, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50538, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234767773486, "etime": 
1726234767773486, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50572, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234670663828, "etime": 1726234670663828, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50474, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234770846962, "etime": 1726234770846962, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50574, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234689847536, "etime": 1726234689847536, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50500, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234749334369, "etime": 1726234749334369, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50560, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234772392504, "etime": 1726234772392504, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50575, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234769319248, "etime": 1726234769319248, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50573, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234784685270, "etime": 1726234784685270, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50583, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234708836761, "etime": 1726234708836761, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50528, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234741612569, "etime": 1726234741612569, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50555, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234703517214, "etime": 1726234703517214, "src_ip": "192.168.163.40", 
"dest_ip": "192.168.163.31", "src_port": 50520, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234764699949, "etime": 1726234764699949, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50570, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234783170770, "etime": 1726234783170770, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50582, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234773920826, "etime": 1726234773920826, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50576, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234792312442, "etime": 1726234792312442, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50588, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234757009506, "etime": 1726234757009506, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50565, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234684609926, "etime": 1726234684609926, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50492, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234734795046, "etime": 1726234734795046, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50550, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234747774093, "etime": 1726234747774093, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50559, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234796869126, "etime": 1726234796869126, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50591, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234778553956, "etime": 1726234778553956, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50579, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234787726209, "etime": 1726234787726209, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50585, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234672224092, "etime": 1726234672224092, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50476, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234686169584, "etime": 1726234686169584, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50494, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234679945698, "etime": 1726234679945698, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50486, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234706637304, "etime": 1726234706637304, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50524, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234717385744, "etime": 1726234717385744, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50540, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234746230388, "etime": 1726234746230388, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50558, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234777040687, "etime": 1726234777040687, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50578, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234758539721, "etime": 1726234758539721, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50566, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726234743158354, "etime": 1726234743158354, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50556, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}]} [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 92|max_alert: 1000 [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:43.725] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24221 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai3zwlkhflow1zwrkh.1726640423.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai3zwlkhflow1zwrkh.1726640423.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=5744a35aa7565ea3ae31529cfb0ba0348e366f17780a8bde64628c238630c676&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123141Z&X-Amz-Expires=604800"} [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:43.725] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:43.771] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai3zwlkhflow1zwrkh.1726640423.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312303771, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726640423661236, "etime": 1726640423661236, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49277, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:31:43.771] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:43.771] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:43.771] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:45.321] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25896 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49277.1726640423.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49277.1726640423.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123144Z&X-Amz-Expires=604800&X-Amz-Signature=53afa33ad161d7388b16bb246dc80ce97e24ee86f0e6d42dd24db64fbe4dbd44&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:31:45.321] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:45.321] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:45.322] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:45.322] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:45.322] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:45.322] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:45.385] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49277.1726640423.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312305384, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640423661236, "etime": 1726640423661236, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49277, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:31:45.385] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:31:45.385] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:31:45.385] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:31:48.442] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25897 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_domain.1726132924.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_domain.1726132924.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123147Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7e06c11ef1768687886e08222d6cfd8b09b9fb1de7f8fa6d69969fc192f55b56"} [2025-12-09 20:31:48.442] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:48.442] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:48.442] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:48.442] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:48.442] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 20:31:48.443] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:49.973] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_domain.1726132924.jsonl|result:{"code": 0, "total_count": 29, "abnormal_count": 0, "normal_count": 29, "alert_count": 0, "timestamp": 1765312309972, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726132990327240, "etime": 1726132990327240, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49223, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132995397246, "etime": 1726132995397246, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49229, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132993369587, "etime": 1726132993369587, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49227, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132996428264, "etime": 1726132996428264, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49231, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132989313496, "etime": 1726132989313496, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49222, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132924206239, "etime": 1726132924206239, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49214, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132996412007, "etime": 1726132996412007, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49230, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132992366225, "etime": 1726132992366225, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49226, 
"dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132998455015, "etime": 1726132998455015, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49233, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726133003525731, "etime": 1726133003525731, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49238, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726133005553873, "etime": 1726133005553873, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49240, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132992355510, "etime": 1726132992355510, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49225, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132924216298, "etime": 1726132924216298, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49215, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132999469007, "etime": 1726132999469007, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49234, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132997440897, "etime": 1726132997440897, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49232, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132988299223, "etime": 1726132988299223, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49221, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132987270097, "etime": 1726132987270097, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49219, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132984228515, "etime": 1726132984228515, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49216, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 
1726133001497086, "etime": 1726133001497086, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49236, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726133000483369, "etime": 1726133000483369, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49235, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132986255890, "etime": 1726132986255890, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49218, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726133007581307, "etime": 1726133007581307, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49242, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726133002519299, "etime": 1726133002519299, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49237, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132988283829, "etime": 1726132988283829, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49220, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132991341501, "etime": 1726132991341501, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49224, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726133006566955, "etime": 1726133006566955, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49241, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132994383642, "etime": 1726132994383642, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49228, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726133004539124, "etime": 1726133004539124, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49239, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1726132985241867, "etime": 1726132985241867, "src_ip": 
"192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49217, "dest_port": 13392, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:49.973] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:31:51.548] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24657 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_domain1.1727161160.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_domain1.1727161160.jsonl?X-Amz-Date=20251209T123151Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=cfa690a157969e2bc9bace68c349c95f56b8e159e5baec4f7ce8527b1909bc21&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:31:51.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:51.548] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:51.548] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:51.548] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:51.548] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:51.549] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:52.923] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_domain1.1727161160.jsonl|result:{"code": 0, "total_count": 26, "abnormal_count": 0, "normal_count": 26, "alert_count": 0, "timestamp": 1765312312923, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727161256400758, "etime": 1727161256400758, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 
49266, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161253374415, "etime": 1727161253374415, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49265, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161259411930, "etime": 1727161259411930, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49267, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161262422452, "etime": 1727161262422452, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49268, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161226158735, "etime": 1727161226158735, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49254, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161268459758, "etime": 1727161268459758, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49270, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161235231437, "etime": 1727161235231437, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49259, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161232189582, "etime": 1727161232189582, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49257, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161160072656, "etime": 1727161160072656, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49250, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161220099681, "etime": 1727161220099681, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49251, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161241283856, "etime": 1727161241283856, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49261, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727161276774827, "etime": 1727161276774827, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49273, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161232223079, "etime": 1727161232223079, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49258, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161270732186, "etime": 1727161270732186, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49271, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161273748150, "etime": 1727161273748150, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49272, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161279801382, "etime": 1727161279801382, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49274, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161247337092, "etime": 1727161247337092, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49263, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161229162944, "etime": 1727161229162944, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49255, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161265433458, "etime": 1727161265433458, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49269, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161238257762, "etime": 1727161238257762, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49260, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161244310508, "etime": 1727161244310508, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49262, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161226136513, "etime": 1727161226136513, "src_ip": 
"192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49253, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161229174778, "etime": 1727161229174778, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49256, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161160063144, "etime": 1727161160063144, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49249, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161223110256, "etime": 1727161223110256, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49252, "dest_port": 13392, "protocol": "tls", "result": "Normal"}, {"stime": 1727161250348473, "etime": 1727161250348473, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49264, "dest_port": 13392, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:52.923] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:31:54.690] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25898 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID10-httpCS4.8_win8.1_kali_openjdk_domain.1726074530.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID10-httpCS4.8_win8.1_kali_openjdk_domain.1726074530.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=f8964db636771f8117c7b9cfa788e99ec415f330a14acac03453ece72f376514&X-Amz-Date=20251209T123154Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:31:54.691] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:54.691] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:54.691] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:31:54.691] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:54.691] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:54.691] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:55.861] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID10-httpCS4.8_win8.1_kali_openjdk_domain.1726074530.jsonl|result:{"code": 0, "total_count": 22, "abnormal_count": 0, "normal_count": 22, "alert_count": 0, "timestamp": 1765312315860, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726074599503266, "etime": 1726074599503266, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49665, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074530028336, "etime": 1726074530028336, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49654, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074602803445, "etime": 1726074602803445, "src_ip": "192.168.32.43", "dest_ip": "23.6.178.36", "src_port": 49670, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726074590035262, "etime": 1726074590035262, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49655, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074602554526, "etime": 1726074602554526, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49669, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074602811108, "etime": 1726074602811108, "src_ip": "192.168.32.43", "dest_ip": "184.28.50.138", "src_port": 49673, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726074602807087, "etime": 1726074602807087, "src_ip": "192.168.32.43", "dest_ip": "138.113.153.218", "src_port": 49671, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726074598488445, "etime": 
1726074598488445, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49664, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074591361695, "etime": 1726074591361695, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49656, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074592378595, "etime": 1726074592378595, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49657, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074594413354, "etime": 1726074594413354, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49659, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074593394518, "etime": 1726074593394518, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49658, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074598472030, "etime": 1726074598472030, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49663, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074595425820, "etime": 1726074595425820, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49660, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074601534746, "etime": 1726074601534746, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49667, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074602807087, "etime": 1726074602807087, "src_ip": "192.168.32.43", "dest_ip": "138.113.153.218", "src_port": 49672, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726074597457082, "etime": 1726074597457082, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49662, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074600519331, "etime": 1726074600519331, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49666, "dest_port": 8081, 
"protocol": "tls", "result": "Normal"}, {"stime": 1726074596441368, "etime": 1726074596441368, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49661, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074602550302, "etime": 1726074602550302, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49668, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726074603260483, "etime": 1726074603260483, "src_ip": "192.168.32.43", "dest_ip": "138.113.153.218", "src_port": 49674, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726074530010204, "etime": 1726074530010204, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49653, "dest_port": 8081, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:55.861] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:31:57.811] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25899 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID9-httpCS4.8_win8.1_kali_jdk_IP.1726074931.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID9-httpCS4.8_win8.1_kali_jdk_IP.1726074931.jsonl?X-Amz-Date=20251209T123157Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=19054e90b67339fae8293119a1f1589b3f6172324956ef03550dcb00aa94aca5&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:31:57.811] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:31:57.811] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:31:57.811] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:31:57.811] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:31:57.811] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:31:57.812] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:31:59.082] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID9-httpCS4.8_win8.1_kali_jdk_IP.1726074931.jsonl|result:{"code": 0, "total_count": 24, "abnormal_count": 0, "normal_count": 24, "alert_count": 0, "timestamp": 1765312319081, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726074992756879, "etime": 1726074992756879, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49719, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075005978237, "etime": 1726075005978237, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49733, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074995806040, "etime": 1726074995806040, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49722, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074998852342, "etime": 1726074998852342, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49725, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075009023492, "etime": 1726075009023492, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49737, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074931466328, "etime": 1726074931466328, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49717, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075006993095, "etime": 1726075006993095, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49734, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074996821694, "etime": 1726074996821694, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49723, "dest_port": 8888, "protocol": 
"tls", "result": "Normal"}, {"stime": 1726075001916123, "etime": 1726075001916123, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49729, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074993774984, "etime": 1726074993774984, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49720, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075008007918, "etime": 1726075008007918, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49736, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075010045297, "etime": 1726075010045297, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49739, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074991477823, "etime": 1726074991477823, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49718, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074997836652, "etime": 1726074997836652, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49724, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075010039588, "etime": 1726075010039588, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49738, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075004962411, "etime": 1726075004962411, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49732, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074994789372, "etime": 1726074994789372, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49721, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075000902139, "etime": 1726075000902139, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49728, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075003946857, "etime": 1726075003946857, "src_ip": "192.168.32.43", 
"dest_ip": "192.168.32.42", "src_port": 49731, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074931446537, "etime": 1726074931446537, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49716, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075002931265, "etime": 1726075002931265, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49730, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074999868756, "etime": 1726074999868756, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49726, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075007006070, "etime": 1726075007006070, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49735, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726074999886240, "etime": 1726074999886240, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49727, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:31:59.082] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:32:01.008] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24222 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID38-tls1.2CS4.8_windowsserver2008R2_kali_openjdk_domain.1726230460.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID38-tls1.2CS4.8_windowsserver2008R2_kali_openjdk_domain.1726230460.jsonl?X-Amz-Signature=b696a2fff429073999654ee787d0de5686912210139ee7cf9661d676178ba131&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123200Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:32:01.008] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:01.008] 
[INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:01.008] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:01.008] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:01.008] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:01.009] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:05.722] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID38-tls1.2CS4.8_windowsserver2008R2_kali_openjdk_domain.1726230460.jsonl|result:{"code": 1, "total_count": 90, "abnormal_count": 88, "normal_count": 2, "alert_count": 88, "timestamp": 1765312325720, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726230553030628, "etime": 1726230553030628, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49468, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726230532621944, "etime": 1726230532621944, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49452, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230537730037, "etime": 1726230537730037, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49456, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230545859274, "etime": 1726230545859274, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49462, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230595323428, "etime": 1726230595323428, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49494, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230568699934, "etime": 1726230568699934, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49479, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, 
{"stime": 1726230605784393, "etime": 1726230605784393, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49501, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230590837683, "etime": 1726230590837683, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49491, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230620853445, "etime": 1726230620853445, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49511, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230573229975, "etime": 1726230573229975, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49482, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230644908074, "etime": 1726230644908074, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49527, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230646408257, "etime": 1726230646408257, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49528, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230649404634, "etime": 1726230649404634, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49530, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230542819332, "etime": 1726230542819332, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49460, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230651417512, "etime": 1726230651417512, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49532, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230524462198, "etime": 1726230524462198, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49446, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230559105820, "etime": 
1726230559105820, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49472, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230578791889, "etime": 1726230578791889, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49483, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726230547376012, "etime": 1726230547376012, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49463, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230547942131, "etime": 1726230547942131, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49464, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230570207816, "etime": 1726230570207816, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49480, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230640432405, "etime": 1726230640432405, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49524, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230556068417, "etime": 1726230556068417, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49470, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230522964235, "etime": 1726230522964235, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49445, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230565693309, "etime": 1726230565693309, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49477, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230589328470, "etime": 1726230589328470, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49490, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230610315805, "etime": 1726230610315805, "src_ip": "192.168.163.40", 
"dest_ip": "192.168.163.39", "src_port": 49504, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230560601830, "etime": 1726230560601830, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49473, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230593829265, "etime": 1726230593829265, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49493, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230557578949, "etime": 1726230557578949, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49471, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230460830342, "etime": 1726230460830342, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49441, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230564213798, "etime": 1726230564213798, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49476, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230521407574, "etime": 1726230521407574, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49443, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230544325221, "etime": 1726230544325221, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49461, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230604290931, "etime": 1726230604290931, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49500, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230607290213, "etime": 1726230607290213, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49502, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230580279440, "etime": 1726230580279440, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49484, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230598328415, "etime": 1726230598328415, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49496, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230562695696, "etime": 1726230562695696, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49475, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726230623860933, "etime": 1726230623860933, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49513, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230571702038, "etime": 1726230571702038, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49481, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230631382591, "etime": 1726230631382591, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49518, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230647907022, "etime": 1726230647907022, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49529, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230587831258, "etime": 1726230587831258, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49489, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230534677436, "etime": 1726230534677436, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49454, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230641921329, "etime": 1726230641921329, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49525, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230541298650, "etime": 1726230541298650, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49459, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726230619342422, "etime": 1726230619342422, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49510, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230622365574, "etime": 1726230622365574, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49512, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230586303290, "etime": 1726230586303290, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49488, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230632892206, "etime": 1726230632892206, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49519, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230608796980, "etime": 1726230608796980, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49503, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230528043734, "etime": 1726230528043734, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49449, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230616332353, "etime": 1726230616332353, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49508, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230634402604, "etime": 1726230634402604, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49520, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230592333451, "etime": 1726230592333451, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49492, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230549453891, "etime": 1726230549453891, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49465, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230596818129, 
"etime": 1726230596818129, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49495, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230614832861, "etime": 1726230614832861, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49507, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230613334406, "etime": 1726230613334406, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49506, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230635927586, "etime": 1726230635927586, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49521, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230650902254, "etime": 1726230650902254, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49531, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230599823359, "etime": 1726230599823359, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49497, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230626850794, "etime": 1726230626850794, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49515, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230525026913, "etime": 1726230525026913, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49447, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230529570120, "etime": 1726230529570120, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49450, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230531096985, "etime": 1726230531096985, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49451, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230562114265, "etime": 1726230562114265, "src_ip": 
"192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49474, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230554556101, "etime": 1726230554556101, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49469, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230602811715, "etime": 1726230602811715, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49499, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230540749122, "etime": 1726230540749122, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49458, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230581794997, "etime": 1726230581794997, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49485, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230584790827, "etime": 1726230584790827, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49487, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230617844511, "etime": 1726230617844511, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49509, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230625357647, "etime": 1726230625357647, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49514, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230533171308, "etime": 1726230533171308, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49453, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726230550968589, "etime": 1726230550968589, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49466, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230552466435, "etime": 1726230552466435, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", 
"src_port": 49467, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230567203307, "etime": 1726230567203307, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49478, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230611817510, "etime": 1726230611817510, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49505, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230629872703, "etime": 1726230629872703, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49517, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230638925712, "etime": 1726230638925712, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49523, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230628361637, "etime": 1726230628361637, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49516, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230539238841, "etime": 1726230539238841, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49457, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230637422241, "etime": 1726230637422241, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49522, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230526533269, "etime": 1726230526533269, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49448, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230536203465, "etime": 1726230536203465, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49455, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230583292541, "etime": 1726230583292541, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49486, "dest_port": 443, "protocol": 
"tls", "result": "CobaltStrike"}, {"stime": 1726230643410444, "etime": 1726230643410444, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49526, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726230601317374, "etime": 1726230601317374, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49498, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 88|max_alert: 1000 [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:05.722] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25900 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID35-httpCS4.8_windowsserver2008_kali_jdk_IP.1727226754.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID35-httpCS4.8_windowsserver2008_kali_jdk_IP.1727226754.jsonl?X-Amz-Date=20251209T123203Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=c052bfbc4a76bd6e57284f81d6d08a8b5b72742ed195a06ed6a7297c6fd09947&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:05.722] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:32:06.853] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID35-httpCS4.8_windowsserver2008_kali_jdk_IP.1727226754.jsonl|result:{"code": 0, "total_count": 22, "abnormal_count": 0, "normal_count": 22, "alert_count": 0, "timestamp": 1765312326852, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727226858240684, "etime": 1727226858240684, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49239, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226861251332, "etime": 1727226861251332, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49240, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226754328447, "etime": 1727226754328447, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49219, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226754336400, "etime": 1727226754336400, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49220, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226814342336, "etime": 1727226814342336, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49221, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226823374370, "etime": 1727226823374370, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49224, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226829426222, "etime": 1727226829426222, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49228, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226826385119, "etime": 1727226826385119, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49225, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226835471663, "etime": 1727226835471663, "src_ip": 
"192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49231, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226841485910, "etime": 1727226841485910, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49233, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226817352589, "etime": 1727226817352589, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49222, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226820363883, "etime": 1727226820363883, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49223, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226838475343, "etime": 1727226838475343, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49232, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226832438323, "etime": 1727226832438323, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49229, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226829411973, "etime": 1727226829411973, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49227, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226844496737, "etime": 1727226844496737, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49234, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226855229491, "etime": 1727226855229491, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49238, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226835449127, "etime": 1727226835449127, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49230, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226849207832, "etime": 1727226849207832, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49236, 
"dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226846201502, "etime": 1727226846201502, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49235, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226852218801, "etime": 1727226852218801, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49237, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727226826405797, "etime": 1727226826405797, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49226, "dest_port": 11112, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:32:06.853] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:32:07.222] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24658 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_IP1.1727160805.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_IP1.1727160805.jsonl?X-Amz-Expires=604800&X-Amz-Date=20251209T123206Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=c758b1a615a5b9f1cdd9a56c968a8afa06b6fd7c3d4b3cd698eb16426ecdb722"} [2025-12-09 20:32:07.222] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:07.222] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:07.222] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:07.222] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:07.222] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:07.223] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:32:08.373] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_IP1.1727160805.jsonl|result:{"code": 0, "total_count": 23, "abnormal_count": 0, "normal_count": 23, "alert_count": 0, "timestamp": 1765312328372, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727160805722002, "etime": 1727160805722002, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49199, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160907483036, "etime": 1727160907483036, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49217, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160893068090, "etime": 1727160893068090, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49212, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160880922833, "etime": 1727160880922833, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49206, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160899121280, "etime": 1727160899121280, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49214, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160883968343, "etime": 1727160883968343, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49208, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160904456537, "etime": 1727160904456537, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49216, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160910525725, "etime": 1727160910525725, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49219, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160871805128, "etime": 1727160871805128, "src_ip": 
"192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49202, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160874831680, "etime": 1727160874831680, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49203, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160890010866, "etime": 1727160890010866, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49210, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160880884164, "etime": 1727160880884164, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49205, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160901435484, "etime": 1727160901435484, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49215, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160913551129, "etime": 1727160913551129, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49220, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160886983831, "etime": 1727160886983831, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49209, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160868779260, "etime": 1727160868779260, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49201, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160896095727, "etime": 1727160896095727, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49213, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160877858241, "etime": 1727160877858241, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49204, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160890047715, "etime": 1727160890047715, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49211, 
"dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160805692594, "etime": 1727160805692594, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49198, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160883942369, "etime": 1727160883942369, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49207, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160865752778, "etime": 1727160865752778, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49200, "dest_port": 11112, "protocol": "tls", "result": "Normal"}, {"stime": 1727160907510262, "etime": 1727160907510262, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.140", "src_port": 49218, "dest_port": 11112, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:32:08.373] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:32:10.340] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24659 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID12-httpCS4.8_win8.1_ubuntu_openjdk_IP.1726072543.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID12-httpCS4.8_win8.1_ubuntu_openjdk_IP.1726072543.jsonl?X-Amz-Date=20251209T123209Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9ae40409b1d7b124ce14a6a1c561124e18b194d96478d703d144ed9f728935ea&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:32:10.340] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:10.340] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:10.340] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:10.341] [INFO] [tid:140062327686848] (AiModule.cpp:20) get 
func load [2025-12-09 20:32:10.341] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:10.341] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:11.410] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID12-httpCS4.8_win8.1_ubuntu_openjdk_IP.1726072543.jsonl|result:{"code": 0, "total_count": 23, "abnormal_count": 0, "normal_count": 23, "alert_count": 0, "timestamp": 1765312331410, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726072623747555, "etime": 1726072623747555, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49460, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072621715085, "etime": 1726072621715085, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49458, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072624762714, "etime": 1726072624762714, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49461, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072624776208, "etime": 1726072624776208, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49462, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072629856189, "etime": 1726072629856189, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49467, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072614588150, "etime": 1726072614588150, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49450, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072553291757, "etime": 1726072553291757, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49447, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072615606520, "etime": 1726072615606520, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", 
"src_port": 49451, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072616637774, "etime": 1726072616637774, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49453, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072613325481, "etime": 1726072613325481, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49449, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072570012538, "etime": 1726072570012538, "src_ip": "192.168.32.43", "dest_ip": "150.171.28.10", "src_port": 49241, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726072619684359, "etime": 1726072619684359, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49456, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072625793355, "etime": 1726072625793355, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49463, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072618668674, "etime": 1726072618668674, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49455, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072615624621, "etime": 1726072615624621, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49452, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072620703132, "etime": 1726072620703132, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49457, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072617653486, "etime": 1726072617653486, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49454, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072622731315, "etime": 1726072622731315, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49459, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072627824306, "etime": 
1726072627824306, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49465, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072629860273, "etime": 1726072629860273, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49468, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072626808982, "etime": 1726072626808982, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49464, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072553311163, "etime": 1726072553311163, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49448, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726072628840857, "etime": 1726072628840857, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49466, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:32:11.411] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:32:13.530] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24660 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai4.1726052256.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai4.1726052256.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=2e6439e50f90d499d4d91b55157ac66c8a46f73a66d56e87be32679cd25b15cf&X-Amz-Date=20251209T123213Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:32:13.530] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:13.530] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:13.531] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 20:32:13.531] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:13.531] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:13.531] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:13.601] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai4.1726052256.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312333600, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052256792827, "etime": 1726052256792827, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50549, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:32:13.601] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:13.601] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:13.601] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:32:16.688] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25901 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai3zwlkhflow1zwrkh.1726641744.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai3zwlkhflow1zwrkh.1726641744.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=c1b47605bc6bdbfca1ecbf6f0e258a1bf70db4cd243f74172f749675227af123&X-Amz-Date=20251209T123216Z"} [2025-12-09 20:32:16.688] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:16.688] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:16.689] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:16.689] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:16.689] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:16.689] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:16.780] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai3zwlkhflow1zwrkh.1726641744.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312336780, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726641744727682, "etime": 1726641744727682, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49290, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:32:16.780] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 
20:32:16.780] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:16.780] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:19.847] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24661 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49290.1726641744.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49290.1726641744.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=e9313027341d3994ce579624de30a66a58d3b3e75e5e39801496f6e98ffe8b2a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123219Z"} [2025-12-09 20:32:19.848] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:19.848] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:19.848] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:19.848] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:19.848] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:19.849] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:19.955] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49290.1726641744.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312339954, "module": "anquanchu", "proto": "tls", "alerted": 
true, "details": [{"stime": 1726641744727682, "etime": 1726641744727682, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49290, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:32:19.955] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:19.955] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:19.955] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:23.059] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24223 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai4.pcap.TCP_192-168-88-24_50050_192-168-88-28_50549.1726052256.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai4.pcap.TCP_192-168-88-24_50050_192-168-88-28_50549.1726052256.jsonl?X-Amz-Expires=604800&X-Amz-Signature=ac4754fb89afee562db1e9f4072810f98e99ad5ec0892c100040cc6355a90286&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123222Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:32:23.059] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:23.059] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:23.059] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:23.059] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:23.059] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:23.060] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:23.171] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai4.pcap.TCP_192-168-88-24_50050_192-168-88-28_50549.1726052256.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312343171, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052256792827, "etime": 1726052256792827, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50549, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:32:23.172] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:23.172] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:23.172] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:26.252] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25902 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID39-tls1.2CS4.8_windowsserver2008R2_ubuntu_jdk_domain.1726236552.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID39-tls1.2CS4.8_windowsserver2008R2_ubuntu_jdk_domain.1726236552.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=cf648183fa81aa738c086c36eb262e40c6aad33e800ce448bf9665ce54f41a06&X-Amz-Date=20251209T123225Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:32:26.252] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:26.252] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:26.252] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:26.252] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:26.252] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:26.253] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:30.993] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID39-tls1.2CS4.8_windowsserver2008R2_ubuntu_jdk_domain.1726236552.jsonl|result:{"code": 1, "total_count": 90, "abnormal_count": 88, "normal_count": 2, "alert_count": 88, "timestamp": 1765312350991, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726236644238003, "etime": 1726236644238003, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51360, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236630650166, "etime": 1726236630650166, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51340, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236658140743, "etime": 1726236658140743, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51374, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726236728399613, "etime": 1726236728399613, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51444, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236709867149, "etime": 1726236709867149, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51432, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236675782611, "etime": 1726236675782611, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51398, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236696029953, "etime": 1726236696029953, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51423, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236668012075, "etime": 1726236668012075, "src_ip": "192.168.163.40", "dest_ip": 
"192.168.163.31", "src_port": 51388, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236641165228, "etime": 1726236641165228, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51356, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236627544809, "etime": 1726236627544809, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51336, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236618483282, "etime": 1726236618483282, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51322, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236706748165, "etime": 1726236706748165, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51430, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236746808261, "etime": 1726236746808261, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51456, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1726236632210949, "etime": 1726236632210949, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51342, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236737604642, "etime": 1726236737604642, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51450, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236705203003, "etime": 1726236705203003, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51429, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236733048937, "etime": 1726236733048937, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51447, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236692925312, "etime": 1726236692925312, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51420, "dest_port": 
443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236661818633, "etime": 1726236661818633, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51380, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236674221204, "etime": 1726236674221204, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51396, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236685172320, "etime": 1726236685172320, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51410, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236714468601, "etime": 1726236714468601, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51435, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236723707758, "etime": 1726236723707758, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51441, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236625394162, "etime": 1726236625394162, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51332, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236680539285, "etime": 1726236680539285, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51404, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236736090787, "etime": 1726236736090787, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51449, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236621602176, "etime": 1726236621602176, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51326, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236632825610, "etime": 1726236632825610, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51344, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726236702144774, "etime": 1726236702144774, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51427, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236614738478, "etime": 1726236614738478, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51316, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236659682771, "etime": 1726236659682771, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51376, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236683629017, "etime": 1726236683629017, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51408, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236703673791, "etime": 1726236703673791, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51428, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236626968659, "etime": 1726236626968659, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51334, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236678978476, "etime": 1726236678978476, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51402, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236622240532, "etime": 1726236622240532, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51328, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726236660285238, "etime": 1726236660285238, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51378, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726236708322556, "etime": 1726236708322556, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51431, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236552591584, "etime": 
1726236552591584, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51312, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236615341979, "etime": 1726236615341979, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51318, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236711395930, "etime": 1726236711395930, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51433, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236716029144, "etime": 1726236716029144, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51436, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236620042829, "etime": 1726236620042829, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51324, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236669557287, "etime": 1726236669557287, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51390, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236740661704, "etime": 1726236740661704, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51452, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236720617011, "etime": 1726236720617011, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51439, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236613164574, "etime": 1726236613164574, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51314, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236682067846, "etime": 1726236682067846, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51406, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236657092308, "etime": 1726236657092308, "src_ip": "192.168.163.40", 
"dest_ip": "192.168.163.31", "src_port": 51372, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236712925167, "etime": 1726236712925167, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51434, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236731457544, "etime": 1726236731457544, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51446, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236742190516, "etime": 1726236742190516, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51453, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236635892105, "etime": 1726236635892105, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51348, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236638081507, "etime": 1726236638081507, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51352, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726236677343538, "etime": 1726236677343538, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51400, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236686716759, "etime": 1726236686716759, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51412, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236637438150, "etime": 1726236637438150, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51350, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236694501414, "etime": 1726236694501414, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51422, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236616891094, "etime": 1726236616891094, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51320, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236664876579, "etime": 1726236664876579, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51384, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236689837074, "etime": 1726236689837074, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51416, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236697543006, "etime": 1726236697543006, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51424, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236644856836, "etime": 1726236644856836, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51362, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726236691382588, "etime": 1726236691382588, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51418, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236647966329, "etime": 1726236647966329, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51366, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236663347686, "etime": 1726236663347686, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51382, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236699088442, "etime": 1726236699088442, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51425, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236655526615, "etime": 1726236655526615, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51370, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726236717557852, "etime": 1726236717557852, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51437, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726236629091560, "etime": 1726236629091560, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51338, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236722145004, "etime": 1726236722145004, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51440, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236729928489, "etime": 1726236729928489, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51445, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236739133291, "etime": 1726236739133291, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51451, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236639637888, "etime": 1726236639637888, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51354, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236743750662, "etime": 1726236743750662, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51454, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236688276655, "etime": 1726236688276655, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51414, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236719086789, "etime": 1726236719086789, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51438, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236634347303, "etime": 1726236634347303, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51346, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236672661141, "etime": 1726236672661141, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51394, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236649526310, 
"etime": 1726236649526310, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51368, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236671102190, "etime": 1726236671102190, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51392, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236725375536, "etime": 1726236725375536, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51442, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236642708897, "etime": 1726236642708897, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51358, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236666436839, "etime": 1726236666436839, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51386, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236700601749, "etime": 1726236700601749, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51426, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236726901955, "etime": 1726236726901955, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51443, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236745279163, "etime": 1726236745279163, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51455, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236623832793, "etime": 1726236623832793, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51330, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236646405838, "etime": 1726236646405838, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51364, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726236734577466, "etime": 1726236734577466, "src_ip": 
"192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 51448, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:32:30.993] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 88|max_alert: 1000 [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:30.994] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24662 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai2zwlkhflow1zwrkh.1726640366.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai2zwlkhflow1zwrkh.1726640366.jsonl?X-Amz-Date=20251209T123228Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=c6c31c63cc2a8ffa345851bf2f93875b17512e0dcd6ec2a5bce4088927d0d4f9&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:30.994] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:31.050] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai2zwlkhflow1zwrkh.1726640366.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, 
"normal_count": 0, "alert_count": 1, "timestamp": 1765312351050, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640366495761, "etime": 1726640366495761, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49276, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:32:31.050] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:31.050] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:31.050] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:32.563] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25903 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49276.1726640366.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49276.1726640366.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123231Z&X-Amz-Signature=be6ac1760d09d0f40b3c1cf3f0ad1b73e6e4dbcf85800d5387e29bf389f8c3ce&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:32:32.563] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:32.563] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:32.564] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:32.564] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:32.564] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:32.564] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:32:32.626] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49276.1726640366.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312352626, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640366495761, "etime": 1726640366495761, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49276, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:32:32.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:32.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:32.626] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:35.668] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24663 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID12-httpCS4.8_win8.1_ubuntu_openjdk_domain.1726072874.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID12-httpCS4.8_win8.1_ubuntu_openjdk_domain.1726072874.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=5d988342269a6e64a43345932d7a35cd68a0e9108371fc02a8f8278c5166c509&X-Amz-Date=20251209T123235Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:32:35.668] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:35.668] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:35.668] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:35.668] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:35.668] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:35.669] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:36.629] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID12-httpCS4.8_win8.1_ubuntu_openjdk_domain.1726072874.jsonl|result:{"code": 0, "total_count": 18, "abnormal_count": 0, "normal_count": 18, "alert_count": 0, "timestamp": 1765312356628, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726072935386606, "etime": 1726072935386606, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49505, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072874124042, "etime": 1726072874124042, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49502, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072947596193, "etime": 1726072947596193, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49518, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072934142862, "etime": 1726072934142862, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49504, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072937423797, "etime": 1726072937423797, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49507, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072938439611, "etime": 1726072938439611, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49508, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072944548577, "etime": 1726072944548577, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49515, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072936410585, "etime": 1726072936410585, "src_ip": 
"192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49506, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072939469993, "etime": 1726072939469993, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49510, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072945564386, "etime": 1726072945564386, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49516, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072939455088, "etime": 1726072939455088, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49509, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072942516998, "etime": 1726072942516998, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49513, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072947600517, "etime": 1726072947600517, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49519, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072946580188, "etime": 1726072946580188, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49517, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072941501717, "etime": 1726072941501717, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49512, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072940487840, "etime": 1726072940487840, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49511, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072874135684, "etime": 1726072874135684, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49503, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726072943533279, "etime": 1726072943533279, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49514, "dest_port": 8889, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 20:32:36.629] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:32:38.792] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25904 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_IP.1726133318.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_IP.1726133318.jsonl?X-Amz-Signature=6209c30e137c42b757ba4ff1576b0b43eb01df21b59695c20d2861b70e06076e&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123238Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:32:38.792] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:38.792] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:38.792] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:38.792] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:38.792] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:38.793] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:39.653] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-httpCS4.8_win8_ubuntu_openjdk_IP.1726133318.jsonl|result:{"code": 0, "total_count": 16, "abnormal_count": 0, "normal_count": 16, "alert_count": 0, "timestamp": 1765312359652, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726133379432740, "etime": 1726133379432740, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49297, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133384524738, "etime": 1726133384524738, "src_ip": 
"192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49304, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133380440512, "etime": 1726133380440512, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49298, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133383498305, "etime": 1726133383498305, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49302, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133385542403, "etime": 1726133385542403, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49305, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133318377702, "etime": 1726133318377702, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49293, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133318388182, "etime": 1726133318388182, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49294, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133381454798, "etime": 1726133381454798, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49299, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133382468755, "etime": 1726133382468755, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49300, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133382485917, "etime": 1726133382485917, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49301, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133386556167, "etime": 1726133386556167, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49306, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133384512182, "etime": 1726133384512182, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49303, 
"dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133388585657, "etime": 1726133388585657, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49308, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133379410768, "etime": 1726133379410768, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49296, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133378397318, "etime": 1726133378397318, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49295, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1726133387570098, "etime": 1726133387570098, "src_ip": "192.168.112.137", "dest_ip": "192.168.112.135", "src_port": 49307, "dest_port": 9999, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:32:39.653] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:32:41.938] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24224 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai2zwlkhflow1zwrkh.1726641687.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai2zwlkhflow1zwrkh.1726641687.jsonl?X-Amz-Date=20251209T123241Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=01507c9deb2f5e9a6d33f94e822c1615c9597dce43ab88e7b51a6e3faa73e112"} [2025-12-09 20:32:41.938] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:41.938] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:41.938] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:41.938] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:41.938] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:41.939] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:42.012] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai2zwlkhflow1zwrkh.1726641687.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312362012, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726641687097210, "etime": 1726641687097210, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49289, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:32:42.012] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:42.012] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:42.012] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:32:45.133] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24664 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49289.1726641687.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49289.1726641687.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123244Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=921495daeec610720aab45a28ad8f0b7ae2988ee09f831c7445443f3349e52a3&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:32:45.133] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:45.133] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:45.133] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:45.133] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:45.133] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:45.134] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:45.244] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49289.1726641687.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312365243, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726641687097210, "etime": 1726641687097210, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49289, "dest_port": 50050, "protocol": "tls", 
"result": "Behinder"}]} [2025-12-09 20:32:45.244] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:45.244] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:45.244] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:48.312] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24225 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai1ywlkhflow_1ywrkh.1726623265.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai1ywlkhflow_1ywrkh.1726623265.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=9f2e55b929a14a134ade6d0947b1a0edc545d5ee187441eaa23a5265202da291&X-Amz-Date=20251209T123247Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:32:48.313] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:48.313] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:48.313] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:48.313] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:48.313] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:48.314] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:48.429] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai1ywlkhflow_1ywrkh.1726623265.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312368429, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726623265043523, "etime": 1726623265043523, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50369, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:32:48.429] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:48.429] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:48.429] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:51.483] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25905 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai1ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50369.1726623265.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai1ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50369.1726623265.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=cc5bc6c91630394b1377fa4517777876bf3613961a19ebd58f68ef9a71ae7caa&X-Amz-Date=20251209T123250Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:32:51.484] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:51.484] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:51.484] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:51.484] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:51.484] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:51.485] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:51.598] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai1ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50369.1726623265.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312371598, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726623265043523, "etime": 1726623265043523, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50369, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:32:51.598] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:51.598] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:51.598] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:32:54.601] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25906 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID11-httpCS4.8_win8.1_ubuntu_jdk_IP.1726068440.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID11-httpCS4.8_win8.1_ubuntu_jdk_IP.1726068440.jsonl?X-Amz-Signature=1e652b9700917bd464faaaa3d23634527bd2d5cfefa2867ad89e94378d10707c&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123254Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:32:54.601] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:54.601] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:54.601] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:54.601] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:54.601] [INFO] [tid:140062327686848] (AiModule.cpp:29) 
prepare args for load [2025-12-09 20:32:54.602] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:55.659] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID11-httpCS4.8_win8.1_ubuntu_jdk_IP.1726068440.jsonl|result:{"code": 0, "total_count": 19, "abnormal_count": 0, "normal_count": 19, "alert_count": 0, "timestamp": 1765312375658, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726068448352279, "etime": 1726068448352279, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49244, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068522947978, "etime": 1726068522947978, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49262, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068515845542, "etime": 1726068515845542, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49255, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068518888456, "etime": 1726068518888456, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49258, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068448371465, "etime": 1726068448371465, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49245, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068511737428, "etime": 1726068511737428, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49250, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068520916898, "etime": 1726068520916898, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49260, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068515793243, "etime": 1726068515793243, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49254, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 
1726068516854548, "etime": 1726068516854548, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49256, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068508385984, "etime": 1726068508385984, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49246, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068512745073, "etime": 1726068512745073, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49251, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068517869372, "etime": 1726068517869372, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49257, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068513760265, "etime": 1726068513760265, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49252, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068521934981, "etime": 1726068521934981, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49261, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068510697604, "etime": 1726068510697604, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49248, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068509674494, "etime": 1726068509674494, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49247, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068519900705, "etime": 1726068519900705, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49259, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068511713266, "etime": 1726068511713266, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49249, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726068514775473, "etime": 1726068514775473, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49253, 
"dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:32:55.659] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:32:57.783] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24226 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai5ywlkhflow_1ywrkh.1726050776.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai5ywlkhflow_1ywrkh.1726050776.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123257Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=559ff87b54c1436ea30eb0cd2d0889afb2d011f70a768618afbe36dc8d894c6a"} [2025-12-09 20:32:57.783] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:32:57.783] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:32:57.784] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:32:57.784] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:32:57.784] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:32:57.784] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:32:57.860] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai5ywlkhflow_1ywrkh.1726050776.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312377860, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726050776178196, "etime": 1726050776178196, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50482, "dest_port": 
50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:32:57.860] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:32:57.860] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:32:57.860] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:00.943] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24665 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai5ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50482.1726050776.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai5ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50482.1726050776.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123300Z&X-Amz-Expires=604800&X-Amz-Signature=c40e76cbf894469c1c2d403325246c62dbfe99bffa0af2c9012199b9a566edb6&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:33:00.943] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:00.943] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:00.943] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:00.943] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:00.943] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:00.944] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:01.056] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai5ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50482.1726050776.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312381055, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726050776178196, "etime": 1726050776178196, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50482, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:01.056] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:01.056] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:01.056] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:04.109] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25907 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai2ywlkhflow_1ywrkh.1726623640.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai2ywlkhflow_1ywrkh.1726623640.jsonl?X-Amz-Signature=846e4492e61d6084ef618aadf1df9ff1ad0ad26b3d72598ab32fddf5ea97eff4&X-Amz-Expires=604800&X-Amz-Date=20251209T123303Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:33:04.109] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:04.109] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:04.109] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:04.109] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:04.109] 
[INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:04.110] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:04.223] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai2ywlkhflow_1ywrkh.1726623640.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312384222, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726623640157921, "etime": 1726623640157921, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50370, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:04.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:04.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:04.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:33:07.290] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24666 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai2ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50370.1726623640.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai2ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50370.1726623640.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=da4c7d432733dc35bc41210e11ce8617e287b85c432b4dba8088251f81178600&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123306Z&X-Amz-Expires=604800"} [2025-12-09 20:33:07.290] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:07.290] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:07.290] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:07.290] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:07.290] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:07.291] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:07.405] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai2ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50370.1726623640.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312387405, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726623640157921, "etime": 1726623640157921, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50370, "dest_port": 50050, "protocol": "tls", "result": 
"CobaltStrike"}]} [2025-12-09 20:33:07.405] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:07.406] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:07.406] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:10.471] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24667 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai5.1726052669.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai5.1726052669.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=117ab6c4c8b1bb00defb1fa009ffad212f9a06e4a4c42286a6f038b5a61f5243&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123309Z"} [2025-12-09 20:33:10.471] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:10.471] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:10.471] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:10.471] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:10.471] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:10.472] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:10.584] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai5.1726052669.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312390583, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 
1726052669784546, "etime": 1726052669784546, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50566, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:10.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:10.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:10.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:13.653] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24227 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai5.pcap.TCP_192-168-88-24_50050_192-168-88-28_50566.1726052669.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai5.pcap.TCP_192-168-88-24_50050_192-168-88-28_50566.1726052669.jsonl?X-Amz-Date=20251209T123313Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=c41337642fadfa329053d69a7f14ab4c245c286dffacff98361ed034abe15471&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:33:13.653] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:13.653] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:13.653] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:13.653] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:13.653] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:13.654] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:13.765] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai5.pcap.TCP_192-168-88-24_50050_192-168-88-28_50566.1726052669.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312393765, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052669784546, "etime": 1726052669784546, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50566, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:13.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:13.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:13.765] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:16.755] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24228 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID9-httpCS4.8_win8.1_kali_jdk_domain.1726075256.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID9-httpCS4.8_win8.1_kali_jdk_domain.1726075256.jsonl?X-Amz-Signature=e119b70abf2723a13c6cbfbf7aca317809afd68063690c8462fdb6e4f093f4bb&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123316Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:33:16.756] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:16.756] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:16.756] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:16.756] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:16.756] [INFO] [tid:140062327686848] (AiModule.cpp:29) 
prepare args for load [2025-12-09 20:33:16.757] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:17.388] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID9-httpCS4.8_win8.1_kali_jdk_domain.1726075256.jsonl|result:{"code": 0, "total_count": 11, "abnormal_count": 0, "normal_count": 11, "alert_count": 0, "timestamp": 1765312397387, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726075256354921, "etime": 1726075256354921, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49770, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075256338022, "etime": 1726075256338022, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49769, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075316492589, "etime": 1726075316492589, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49772, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075318513343, "etime": 1726075318513343, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49774, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075320560290, "etime": 1726075320560290, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49777, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075317497476, "etime": 1726075317497476, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49773, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075321574610, "etime": 1726075321574610, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49778, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075321578954, "etime": 1726075321578954, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49779, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 
1726075316371824, "etime": 1726075316371824, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49771, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075319543854, "etime": 1726075319543854, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49776, "dest_port": 8081, "protocol": "tls", "result": "Normal"}, {"stime": 1726075318528911, "etime": 1726075318528911, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49775, "dest_port": 8081, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:33:17.388] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:33:19.965] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24229 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49161.1727228273.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49161.1727228273.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=9829ca093e3585a4903426cb894b214180b4ea391c8eee0b785831899720790a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123319Z"} [2025-12-09 20:33:19.965] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:19.965] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:19.965] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:19.965] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:19.965] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:19.966] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:20.031] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.pcap.TCP_192-168-112-140_51129_192-168-112-142_49161.1727228273.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312400030, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727228273267937, "etime": 1727228273267937, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49161, "dest_port": 51129, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:20.031] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:20.031] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:20.031] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:33:23.159] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24668 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai1zwlkhflow1zwrkh.1726641532.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai1zwlkhflow1zwrkh.1726641532.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=07b31c7fd745a55dfbf844e1c6e3ab11a15d2c84cfcda55f2cc38c2027aecb6a&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123322Z"} [2025-12-09 20:33:23.159] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:23.159] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:23.159] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:23.159] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:23.159] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:23.160] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:23.265] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai1zwlkhflow1zwrkh.1726641532.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312403264, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726641532684314, "etime": 1726641532684314, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49288, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:33:23.265] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 
20:33:23.265] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:23.265] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:26.361] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25908 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49288.1726641532.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49288.1726641532.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=b25fe3beb5fe71dfa17ef60ecaba4093964725bb85ab101cbf6eb5ad0e89866a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123325Z&X-Amz-Expires=604800"} [2025-12-09 20:33:26.361] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:26.361] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:26.362] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:26.362] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:26.362] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:26.363] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:26.474] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49288.1726641532.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312406473, "module": "anquanchu", "proto": "tls", "alerted": 
true, "details": [{"stime": 1726641532684314, "etime": 1726641532684314, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49288, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:33:26.474] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:26.474] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:26.474] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:29.520] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25909 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai6.1726052444.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai6.1726052444.jsonl?X-Amz-Date=20251209T123329Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=1da642cf7c76bcfe0b0a29225f12c29ede1b04476698fc724a6ace107cede1a6&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:33:29.520] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:29.520] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:29.520] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:29.520] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:29.520] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:29.521] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:29.633] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai6.1726052444.jsonl|result:{"code": 1, 
"total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312409632, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052444677988, "etime": 1726052444677988, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50557, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:29.633] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:29.633] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:29.633] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:32.737] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24669 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai6.pcap.TCP_192-168-88-24_50050_192-168-88-28_50557.1726052444.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai6.pcap.TCP_192-168-88-24_50050_192-168-88-28_50557.1726052444.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=b6d3254dfbf6538dca5109c4df1a07dbd11e90d3e9b4a7021d811ee7a5265a83&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123332Z"} [2025-12-09 20:33:32.738] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:32.738] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:32.738] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:32.738] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:32.738] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:32.739] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:32.852] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai6.pcap.TCP_192-168-88-24_50050_192-168-88-28_50557.1726052444.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312412851, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052444677988, "etime": 1726052444677988, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50557, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:32.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:32.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:32.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:35.890] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24230 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai1zwlkhflow1zwrkh.1726640312.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai1zwlkhflow1zwrkh.1726640312.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123335Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=caccdd3542f5c464d096c68a9822839c236c836f4926c199523264c9e4f9a001"} [2025-12-09 20:33:35.890] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:35.890] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:35.890] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 20:33:35.890] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:35.890] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:35.891] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:36.002] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai1zwlkhflow1zwrkh.1726640312.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312416002, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726640312565120, "etime": 1726640312565120, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49275, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:33:36.002] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:33:39.099] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24231 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49275.1726640312.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49275.1726640312.jsonl?X-Amz-Date=20251209T123338Z&X-Amz-Signature=035f2abd3e4c2afbabfebf31e93eea1fb0c2e158ab3fe44c26a0e76b7896cf8b&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:33:39.099] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:39.099] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 20:33:39.100] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:39.100] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:39.100] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:39.101] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:39.212] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49275.1726640312.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312419211, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726640312565120, "etime": 1726640312565120, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49275, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:33:39.212] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:33:42.258] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24232 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai3zwlkhflow1zwrkh.1726641385.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai3zwlkhflow1zwrkh.1726641385.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123341Z&X-Amz-Signature=bfb789339e4ea40c9010c56176a09c96cc318b2f25f8b4ce1d86ed7ae4b98e0c"} [2025-12-09 20:33:42.258] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:42.258] [INFO] [tid:140062327686848] 
(AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:42.258] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:42.258] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:42.258] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:42.259] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:42.370] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai3zwlkhflow1zwrkh.1726641385.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312422369, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726641385705722, "etime": 1726641385705722, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49287, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:33:42.370] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:42.370] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:42.370] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:33:45.437] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24233 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49287.1726641385.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49287.1726641385.jsonl?X-Amz-Signature=8612ba159db732d66f43db29e22b592488d9d077ae9e9e127a797eaf9e06f069&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123344Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:33:45.437] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:45.437] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:45.437] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:45.437] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:45.437] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:45.438] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:45.551] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49287.1726641385.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312425551, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726641385705722, "etime": 1726641385705722, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49287, "dest_port": 50050, "protocol": "tls", "result": 
"Behinder"}]} [2025-12-09 20:33:45.551] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:45.551] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:45.551] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:48.658] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24234 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID37-tls1.2CS4.8_windowsserver2008R2_kali_jdk_domain.1726232231.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID37-tls1.2CS4.8_windowsserver2008R2_kali_jdk_domain.1726232231.jsonl?X-Amz-Signature=52f42d96b8f3ea1f08c4dad1c30730acf5c7b391b1013533943a42af6f5e71d1&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123348Z"} [2025-12-09 20:33:48.658] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:48.658] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:48.658] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:48.659] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:48.659] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:48.659] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:52.876] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID37-tls1.2CS4.8_windowsserver2008R2_kali_jdk_domain.1726232231.jsonl|result:{"code": 1, "total_count": 80, "abnormal_count": 78, "normal_count": 2, "alert_count": 78, "timestamp": 1765312432875, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 
1726232382812573, "etime": 1726232382812573, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50016, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232350335629, "etime": 1726232350335629, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49997, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232384324643, "etime": 1726232384324643, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50017, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232307617578, "etime": 1726232307617578, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49965, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232318197891, "etime": 1726232318197891, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49972, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232231953547, "etime": 1726232231953547, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49952, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232407005714, "etime": 1726232407005714, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50032, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232343075658, "etime": 1726232343075658, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49991, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232343700198, "etime": 1726232343700198, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49992, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726232373764022, "etime": 1726232373764022, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50010, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232360157322, "etime": 1726232360157322, "src_ip": 
"192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50001, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232385832705, "etime": 1726232385832705, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50018, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232378280645, "etime": 1726232378280645, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50013, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232372248959, "etime": 1726232372248959, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50009, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232321218292, "etime": 1726232321218292, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49974, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232338583989, "etime": 1726232338583989, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49988, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232397918988, "etime": 1726232397918988, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50026, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232329872764, "etime": 1726232329872764, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49981, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726232313664883, "etime": 1726232313664883, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49969, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232331387839, "etime": 1726232331387839, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49982, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232379807827, "etime": 1726232379807827, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", 
"src_port": 50014, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232393354325, "etime": 1726232393354325, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50023, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232340081467, "etime": 1726232340081467, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49989, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232394847095, "etime": 1726232394847095, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50024, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232334975677, "etime": 1726232334975677, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49985, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232403982616, "etime": 1726232403982616, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50030, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232399436412, "etime": 1726232399436412, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50027, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232390331900, "etime": 1726232390331900, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50021, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232405493002, "etime": 1726232405493002, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50031, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232324238031, "etime": 1726232324238031, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49976, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232338022623, "etime": 1726232338022623, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49987, "dest_port": 443, "protocol": 
"tls", "result": "CobaltStrike"}, {"stime": 1726232391841236, "etime": 1726232391841236, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50022, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232312170621, "etime": 1726232312170621, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49968, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232316686813, "etime": 1726232316686813, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49971, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232292543495, "etime": 1726232292543495, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49954, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232363180711, "etime": 1726232363180711, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50003, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232388837823, "etime": 1726232388837823, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50020, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232361674063, "etime": 1726232361674063, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50002, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232304619675, "etime": 1726232304619675, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49963, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232294066367, "etime": 1726232294066367, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49956, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232348247855, "etime": 1726232348247855, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49995, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 
1726232346721718, "etime": 1726232346721718, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49994, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232366219693, "etime": 1726232366219693, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50005, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232348820774, "etime": 1726232348820774, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49996, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726232353324208, "etime": 1726232353324208, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49999, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232315176042, "etime": 1726232315176042, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49970, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232336490743, "etime": 1726232336490743, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49986, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232341580087, "etime": 1726232341580087, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49990, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232381302165, "etime": 1726232381302165, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50015, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232370750652, "etime": 1726232370750652, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50008, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232345211391, "etime": 1726232345211391, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49993, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232358675271, "etime": 1726232358675271, 
"src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50000, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726232402466527, "etime": 1726232402466527, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50029, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232407517544, "etime": 1726232407517544, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50033, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232298577541, "etime": 1726232298577541, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49959, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232306118672, "etime": 1726232306118672, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49964, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232303103928, "etime": 1726232303103928, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49962, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232297070445, "etime": 1726232297070445, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49958, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232396383887, "etime": 1726232396383887, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50025, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232400951942, "etime": 1726232400951942, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50028, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232327802060, "etime": 1726232327802060, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49979, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232309129559, "etime": 1726232309129559, "src_ip": "192.168.163.40", "dest_ip": 
"192.168.163.38", "src_port": 49966, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232301602891, "etime": 1726232301602891, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49961, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232322728119, "etime": 1726232322728119, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49975, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232325731424, "etime": 1726232325731424, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49977, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232300083731, "etime": 1726232300083731, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49960, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232295559681, "etime": 1726232295559681, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49957, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232387327193, "etime": 1726232387327193, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50019, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232333468955, "etime": 1726232333468955, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49984, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232310657463, "etime": 1726232310657463, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49967, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232367705431, "etime": 1726232367705431, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50006, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232319707778, "etime": 1726232319707778, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49973, "dest_port": 
443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232329330723, "etime": 1726232329330723, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49980, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232364702139, "etime": 1726232364702139, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50004, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232326285987, "etime": 1726232326285987, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49978, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232369221758, "etime": 1726232369221758, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50007, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232332923799, "etime": 1726232332923799, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49983, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232351829983, "etime": 1726232351829983, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49998, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232375273522, "etime": 1726232375273522, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50011, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726232376769819, "etime": 1726232376769819, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 50012, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 78|max_alert: 1000 [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:33:52.877] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24235 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.1727159624.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.1727159624.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123351Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=fbd4ddbb60e40a216e70419c5be2bbc24aacc0ec78c883d2790a7ffea7e0cdfa&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:52.877] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:55.399] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_domain.1727159624.jsonl|result:{"code": 1, "total_count": 51, "abnormal_count": 4, "normal_count": 47, "alert_count": 4, "timestamp": 1765312435397, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727159624196346, "etime": 1727159624196346, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50445, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159703185523, "etime": 1727159703185523, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50463, "dest_port": 9443, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727159706602484, "etime": 1727159706602484, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50466, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159720377717, "etime": 1727159720377717, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50479, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159730813196, "etime": 1727159730813196, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50489, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159733075751, "etime": 1727159733075751, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50491, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159723824752, "etime": 1727159723824752, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50482, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159705462830, "etime": 1727159705462830, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50465, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159684404287, "etime": 1727159684404287, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50446, "dest_port": 9443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727159704324389, "etime": 1727159704324389, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50464, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159721547155, "etime": 1727159721547155, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50480, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159710002755, "etime": 1727159710002755, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50469, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159722687145, "etime": 1727159722687145, "src_ip": "192.168.32.46", "dest_ip": 
"192.168.32.41", "src_port": 50481, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159712264573, "etime": 1727159712264573, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50471, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159695308151, "etime": 1727159695308151, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50456, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159707740555, "etime": 1727159707740555, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50467, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159684785795, "etime": 1727159684785795, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50447, "dest_port": 9443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727159718067988, "etime": 1727159718067988, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50477, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159716945137, "etime": 1727159716945137, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50476, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159725135017, "etime": 1727159725135017, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50484, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159726274300, "etime": 1727159726274300, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50485, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159731936760, "etime": 1727159731936760, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50490, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159734214305, "etime": 1727159734214305, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50492, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727159735353447, "etime": 1727159735353447, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50493, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159687117391, "etime": 1727159687117391, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50449, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159711127348, "etime": 1727159711127348, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50470, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159688509735, "etime": 1727159688509735, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50450, "dest_port": 9443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727159691906984, "etime": 1727159691906984, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50453, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159724002024, "etime": 1727159724002024, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50483, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159689644836, "etime": 1727159689644836, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50451, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159693045182, "etime": 1727159693045182, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50454, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159700923084, "etime": 1727159700923084, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50461, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159715806939, "etime": 1727159715806939, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50475, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159714668711, "etime": 1727159714668711, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 
50474, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159708879774, "etime": 1727159708879774, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50468, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159696446756, "etime": 1727159696446756, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50457, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159714527655, "etime": 1727159714527655, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50473, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159697585727, "etime": 1727159697585727, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50458, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159719222201, "etime": 1727159719222201, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50478, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159699785755, "etime": 1727159699785755, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50460, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159698652174, "etime": 1727159698652174, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50459, "dest_port": 9443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727159727397092, "etime": 1727159727397092, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50486, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159728536281, "etime": 1727159728536281, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50487, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159729675095, "etime": 1727159729675095, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50488, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159685978431, "etime": 
1727159685978431, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50448, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159736477442, "etime": 1727159736477442, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50495, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159694168659, "etime": 1727159694168659, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50455, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159690767728, "etime": 1727159690767728, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50452, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159702046585, "etime": 1727159702046585, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50462, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159713388064, "etime": 1727159713388064, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50472, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159736606126, "etime": 1727159736606126, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50496, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:33:55.399] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25910 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai4.1726052591.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai4.1726052591.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2d08ab9727c44ded60dda5e63e990b7c457bc65669a5c6dcf9c9e2b7df288a4b&X-Amz-Date=20251209T123354Z"} [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:55.399] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:55.456] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai4.1726052591.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312435455, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052591616089, "etime": 1726052591616089, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50563, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:55.456] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:55.456] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:55.456] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:33:58.154] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24236 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai4.pcap.TCP_192-168-88-24_50050_192-168-88-28_50563.1726052591.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai4.pcap.TCP_192-168-88-24_50050_192-168-88-28_50563.1726052591.jsonl?X-Amz-Date=20251209T123357Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=3cfe9f95953496354d1c557f766ef2f4defbb125c4b3fa2788b6676212e48b3f"} [2025-12-09 20:33:58.154] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:33:58.154] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:33:58.155] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:33:58.155] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:33:58.155] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:33:58.155] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:33:58.226] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_domain_mogai4.pcap.TCP_192-168-88-24_50050_192-168-88-28_50563.1726052591.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312438225, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052591616089, "etime": 
1726052591616089, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50563, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:33:58.226] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:33:58.226] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:33:58.226] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:01.332] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25911 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai1ywlkhflow_1ywrkh.1726049250.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai1ywlkhflow_1ywrkh.1726049250.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=b8c7f7eb6f621d04e558b1fe22f0f773ce9bb498fdcc7966ca9635511e19c295&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T123400Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:34:01.333] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:01.333] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:01.333] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:01.333] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:01.333] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:01.334] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:01.444] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai1ywlkhflow_1ywrkh.1726049250.jsonl|result:{"code": 1, "total_count": 1, 
"abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312441444, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726049250307292, "etime": 1726049250307292, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50415, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:01.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:01.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:01.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:04.521] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24670 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai1ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50415.1726049250.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai1ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50415.1726049250.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123403Z&X-Amz-SignedHeaders=host&X-Amz-Signature=302b5bab733b6d8329c0109c31559e917ce89f8a746baa09185fcaf88109685c"} [2025-12-09 20:34:04.522] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:04.522] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:04.522] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:04.522] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:04.522] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:04.523] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:04.635] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai1ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50415.1726049250.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312444634, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726049250307292, "etime": 1726049250307292, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50415, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:04.635] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:04.635] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:04.635] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:34:07.642] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24237 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID13-httpCS4.8_win8_kali_jdk_IP.1726075620.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID13-httpCS4.8_win8_kali_jdk_IP.1726075620.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=fa646335b388e70494c310aaa775b9d7e2a93cedf30735124a3074e5875779d6&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123407Z"} [2025-12-09 20:34:07.642] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:07.642] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:07.642] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:07.642] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:07.642] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:07.643] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:09.057] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID13-httpCS4.8_win8_kali_jdk_IP.1726075620.jsonl|result:{"code": 0, "total_count": 26, "abnormal_count": 0, "normal_count": 26, "alert_count": 0, "timestamp": 1765312449056, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726075802807182, "etime": 1726075802807182, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49632, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075811932285, "etime": 1726075811932285, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49641, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075734228055, 
"etime": 1726075734228055, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49623, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075799764306, "etime": 1726075799764306, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49629, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075810917622, "etime": 1726075810917622, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49640, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075812946354, "etime": 1726075812946354, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49642, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075734209741, "etime": 1726075734209741, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49622, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075794241831, "etime": 1726075794241831, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49624, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075801791442, "etime": 1726075801791442, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49631, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075805851872, "etime": 1726075805851872, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49635, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075814974411, "etime": 1726075814974411, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49644, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075814981116, "etime": 1726075814981116, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49645, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075798749755, "etime": 1726075798749755, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49628, "dest_port": 8888, 
"protocol": "tls", "result": "Normal"}, {"stime": 1726075796721129, "etime": 1726075796721129, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49626, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075724031562, "etime": 1726075724031562, "src_ip": "192.168.32.44", "dest_ip": "138.113.153.218", "src_port": 49621, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726075724031486, "etime": 1726075724031486, "src_ip": "192.168.32.44", "dest_ip": "138.113.153.218", "src_port": 49620, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726075807875356, "etime": 1726075807875356, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49637, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075804833547, "etime": 1726075804833547, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49634, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075797740200, "etime": 1726075797740200, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49627, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075808890112, "etime": 1726075808890112, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49638, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075806861570, "etime": 1726075806861570, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49636, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075809903817, "etime": 1726075809903817, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49639, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075795698201, "etime": 1726075795698201, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49625, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075800778310, "etime": 1726075800778310, "src_ip": 
"192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49630, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075813959970, "etime": 1726075813959970, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49643, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1726075803820806, "etime": 1726075803820806, "src_ip": "192.168.32.44", "dest_ip": "192.168.32.42", "src_port": 49633, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:34:09.057] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:34:10.782] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25912 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai3ywlkhflow_1ywrkh.1726049197.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai3ywlkhflow_1ywrkh.1726049197.jsonl?X-Amz-Expires=604800&X-Amz-Signature=6ce7648726ba416f9b3ae54982f80157f384b34edab3e322f745d4fc54885c5b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123410Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:34:10.782] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:10.782] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:10.782] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:10.782] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:10.782] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:10.783] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:10.849] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai3ywlkhflow_1ywrkh.1726049197.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312450849, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726049197437796, "etime": 1726049197437796, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50412, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:10.849] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:10.849] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:10.849] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:13.958] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24671 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai3ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50412.1726049197.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai3ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50412.1726049197.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123413Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=aaa4f81781fd9e0b1013dd474b694e04703fdeb8728fe3ae44a25d4db9ceb029"} [2025-12-09 20:34:13.958] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:13.958] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:13.958] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:13.958] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:34:13.958] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:13.959] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:14.063] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP_mogai3ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50412.1726049197.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312454062, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726049197437796, "etime": 1726049197437796, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50412, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:14.063] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:14.063] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:14.063] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:34:17.111] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24672 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai3zwlkhflow1zwrkh.1726640247.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai3zwlkhflow1zwrkh.1726640247.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=deef1a645fe98a0238cfc25482c56cf9290f18b6fb271567edff121945dfb1e0&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123416Z"} [2025-12-09 20:34:17.111] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:17.111] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:17.111] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:17.111] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:17.111] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:17.112] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:17.223] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai3zwlkhflow1zwrkh.1726640247.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312457223, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640247129271, "etime": 1726640247129271, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49274, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:34:17.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:17.223] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:17.223] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:20.288] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24673 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49274.1726640247.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49274.1726640247.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123419Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=3a49b1f2caf7008d3b3d0b84e4ca955612de357c411c49f6cf86ba1b5553b85f"} [2025-12-09 20:34:20.288] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:20.288] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:20.288] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:20.288] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:20.288] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:20.289] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:20.401] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai3zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49274.1726640247.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312460400, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 
1726640247129271, "etime": 1726640247129271, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49274, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:34:20.401] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:20.401] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:20.401] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:23.480] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24674 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID38-tls1.2CS4.8_windowsserver2008R2_kali_openjdk_IP.1726229695.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID38-tls1.2CS4.8_windowsserver2008R2_kali_openjdk_IP.1726229695.jsonl?X-Amz-Signature=15d01d09e340fe46b7ca3538a2672fbe59d81b3921121d2ae0729d6aa6a215e3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123422Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:34:23.480] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:23.480] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:23.480] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:23.480] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:23.480] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:23.481] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:27.490] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID38-tls1.2CS4.8_windowsserver2008R2_kali_openjdk_IP.1726229695.jsonl|result:{"code": 1, "total_count": 76, 
"abnormal_count": 74, "normal_count": 2, "alert_count": 74, "timestamp": 1765312467489, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726229798293656, "etime": 1726229798293656, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49220, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229835110570, "etime": 1726229835110570, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49246, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229799132107, "etime": 1726229799132107, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49221, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229803699033, "etime": 1726229803699033, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49224, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229810322425, "etime": 1726229810322425, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49229, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229815434922, "etime": 1726229815434922, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49233, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229865725341, "etime": 1726229865725341, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49263, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229770214858, "etime": 1726229770214858, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49190, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229851808456, "etime": 1726229851808456, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49257, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229790198841, "etime": 1726229790198841, "src_ip": "192.168.163.40", 
"dest_ip": "192.168.163.39", "src_port": 49214, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229829075641, "etime": 1726229829075641, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49242, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229777982923, "etime": 1726229777982923, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49200, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229778558470, "etime": 1726229778558470, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49202, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229810908415, "etime": 1726229810908415, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49230, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726229847212928, "etime": 1726229847212928, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49254, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229850298197, "etime": 1726229850298197, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49256, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229861181236, "etime": 1726229861181236, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49260, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229767122027, "etime": 1726229767122027, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49186, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229795258714, "etime": 1726229795258714, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49218, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229867246003, "etime": 1726229867246003, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49264, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229845732448, "etime": 1726229845732448, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49253, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229788658019, "etime": 1726229788658019, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49212, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229791709190, "etime": 1726229791709190, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49215, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229819968183, "etime": 1726229819968183, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49236, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229808808629, "etime": 1726229808808629, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49228, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229832111705, "etime": 1726229832111705, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49244, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229764085780, "etime": 1726229764085780, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49182, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229783314641, "etime": 1726229783314641, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49206, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229841193103, "etime": 1726229841193103, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49250, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229812412961, "etime": 1726229812412961, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49231, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726229780151385, "etime": 1726229780151385, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49204, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229793219679, "etime": 1726229793219679, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49216, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229757936766, "etime": 1726229757936766, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49174, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229765596191, "etime": 1726229765596191, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49184, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229773407395, "etime": 1726229773407395, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49194, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229824498655, "etime": 1726229824498655, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49239, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229844219868, "etime": 1726229844219868, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49252, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229838115054, "etime": 1726229838115054, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49248, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229830586240, "etime": 1726229830586240, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49243, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229800659689, "etime": 1726229800659689, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49222, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229781771908, 
"etime": 1726229781771908, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49205, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229807294860, "etime": 1726229807294860, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49227, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229762529291, "etime": 1726229762529291, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49180, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229867745189, "etime": 1726229867745189, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49265, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229816946573, "etime": 1726229816946573, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49234, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229862690268, "etime": 1726229862690268, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49261, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229818457991, "etime": 1726229818457991, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49235, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229822989927, "etime": 1726229822989927, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49238, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229776470042, "etime": 1726229776470042, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49198, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229787132688, "etime": 1726229787132688, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49211, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726229859670567, "etime": 1726229859670567, "src_ip": "192.168.163.40", 
"dest_ip": "192.168.163.39", "src_port": 49259, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229802165004, "etime": 1726229802165004, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49223, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229759462260, "etime": 1726229759462260, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49176, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229774954368, "etime": 1726229774954368, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49196, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229771749903, "etime": 1726229771749903, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49192, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229827550132, "etime": 1726229827550132, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49241, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229756180807, "etime": 1726229756180807, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49172, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229796768536, "etime": 1726229796768536, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49219, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229804287596, "etime": 1726229804287596, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49225, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726229858153201, "etime": 1726229858153201, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49258, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726229784904141, "etime": 1726229784904141, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49208, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229793758625, "etime": 1726229793758625, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49217, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229813924147, "etime": 1726229813924147, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49232, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229760988894, "etime": 1726229760988894, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49178, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229821463606, "etime": 1726229821463606, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49237, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229833620391, "etime": 1726229833620391, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49245, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229786431321, "etime": 1726229786431321, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49209, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229848771837, "etime": 1726229848771837, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49255, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229864186446, "etime": 1726229864186446, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49262, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229842721914, "etime": 1726229842721914, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49251, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229839615594, "etime": 1726229839615594, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49249, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1726229695400321, "etime": 1726229695400321, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49170, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229768662090, "etime": 1726229768662090, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49188, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229805795174, "etime": 1726229805795174, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49226, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229836613080, "etime": 1726229836613080, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49247, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726229826024979, "etime": 1726229826024979, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.39", "src_port": 49240, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:27.490] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 74|max_alert: 1000 [2025-12-09 20:34:27.490] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:27.490] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:34:27.490] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24238 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai2zwlkhflow1zwrkh.1726641246.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai2zwlkhflow1zwrkh.1726641246.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123426Z&X-Amz-Expires=604800&X-Amz-Signature=4f6928223b1112ac23f375991177ac77b91ff1051f76c57ffba45dd8bc709ab9&X-Amz-SignedHeaders=host"} [2025-12-09 20:34:27.490] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:27.490] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:27.490] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:27.491] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:27.491] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:27.491] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:27.548] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai2zwlkhflow1zwrkh.1726641246.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312467548, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726641246242361, "etime": 1726641246242361, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49286, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:34:27.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 
20:34:27.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:27.548] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:29.820] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24239 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49286.1726641246.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49286.1726641246.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=fd277d5dc4b1ca3cb48ad327284dd23dba3ac8cd4d035a79f94e9edcc19e6c67&X-Amz-Date=20251209T123429Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:34:29.821] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:29.821] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:29.821] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:29.821] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:29.821] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:29.822] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:29.896] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49286.1726641246.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312469895, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726641246242361, "etime": 1726641246242361, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49286, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:34:29.896] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:29.896] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:29.896] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:32.980] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24240 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai.1726046709.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai.1726046709.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123432Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=240d6129111a22f006a317733a3e7f16926034dbf8ead8dafded2cac10e76ab3"} [2025-12-09 20:34:32.980] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:32.980] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:32.981] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:32.981] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:32.981] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:32.982] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:33.090] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai.1726046709.jsonl|result:{"code": 1, "total_count": 1, 
"abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312473089, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046709018272, "etime": 1726046709018272, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50353, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:33.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:33.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:33.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:36.166] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24675 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai.pcap.TCP_192-168-88-22_50050_192-168-88-28_50353.1726046709.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai.pcap.TCP_192-168-88-22_50050_192-168-88-28_50353.1726046709.jsonl?X-Amz-Signature=1ceb7d59dc21f829e1f6a6d1954f66dd0a7b61f0905b6d3d8f7d230d289ab537&X-Amz-Date=20251209T123435Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:34:36.166] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:36.166] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:36.166] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:36.166] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:36.166] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:36.167] [INFO] [tid:140062327686848] (AiModule.cpp:39) 
load result:0 [2025-12-09 20:34:36.278] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_domain_mogai.pcap.TCP_192-168-88-22_50050_192-168-88-28_50353.1726046709.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312476278, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046709018272, "etime": 1726046709018272, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50353, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:36.278] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:36.278] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:36.278] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:39.348] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24676 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai2zwlkhflow1zwrkh.1726640164.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai2zwlkhflow1zwrkh.1726640164.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123438Z&X-Amz-Expires=604800&X-Amz-Signature=3a0db65de1da33c6a304be201e63ef50dd818c1c9a3614d933afa2fd654b708d&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:34:39.348] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:39.348] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:39.348] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:39.349] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:39.349] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:39.349] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:39.463] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai2zwlkhflow1zwrkh.1726640164.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312479463, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640164900813, "etime": 1726640164900813, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49273, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:34:39.463] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:39.463] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:39.463] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:34:42.536] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25913 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49273.1726640164.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49273.1726640164.jsonl?X-Amz-Signature=85385253ba887c3c1c1a6138bdd29396be632feab1657a18ca6dad43c9f59c8d&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123442Z"} [2025-12-09 20:34:42.537] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:42.537] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:42.537] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:42.537] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:42.537] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:42.538] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:42.651] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai2zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49273.1726640164.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312482651, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640164900813, "etime": 1726640164900813, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49273, "dest_port": 50050, "protocol": "tls", "result": 
"Behinder"}]} [2025-12-09 20:34:42.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:42.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:42.651] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:45.695] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25914 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai5.1726052381.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai5.1726052381.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123445Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=573acaa8e78f36388053549834ea5959429f3ba0cdda7923190088e8d77cc6d4"} [2025-12-09 20:34:45.696] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:45.696] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:45.696] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:45.696] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:45.696] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:45.697] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:45.811] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai5.1726052381.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312485810, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052381892033, 
"etime": 1726052381892033, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50554, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:45.811] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:45.811] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:45.811] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:48.905] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24241 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai5.pcap.TCP_192-168-88-24_50050_192-168-88-28_50554.1726052381.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai5.pcap.TCP_192-168-88-24_50050_192-168-88-28_50554.1726052381.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123448Z&X-Amz-Signature=955de649f99b7f12340df3d0149db349c4e2b6984a4c041d26fdf1447d87d02e&X-Amz-Expires=604800"} [2025-12-09 20:34:48.905] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:48.905] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:48.906] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:48.906] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:48.906] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:48.907] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:49.018] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai5.pcap.TCP_192-168-88-24_50050_192-168-88-28_50554.1726052381.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312489017, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052381892033, "etime": 1726052381892033, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50554, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:49.018] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:49.018] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:49.018] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:52.060] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24677 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai1zwlkhflow1zwrkh.1726640074.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai1zwlkhflow1zwrkh.1726640074.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123451Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=58123caf1315e0f1743461ec1c2919b6d51dd0e101b17293f2d798b8ac350c46&X-Amz-Expires=604800"} [2025-12-09 20:34:52.060] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:52.060] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:52.060] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:52.060] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:52.060] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:52.061] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:52.172] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai1zwlkhflow1zwrkh.1726640074.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312492171, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640074833465, "etime": 1726640074833465, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49272, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:34:52.172] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:52.172] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:52.172] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:34:55.242] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24242 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49272.1726640074.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49272.1726640074.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=d2327f65e1b6d5680a7da9d15b3b255269b1349bb13a5a0f5218ed1dc1d55e02&X-Amz-Date=20251209T123454Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:34:55.242] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:55.242] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:55.243] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:55.243] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:55.243] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:55.244] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:55.357] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49272.1726640074.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312495356, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726640074833465, "etime": 1726640074833465, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49272, "dest_port": 50050, "protocol": "tls", "result": 
"Behinder"}]} [2025-12-09 20:34:55.357] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:55.357] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:55.357] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:34:58.445] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25915 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai3ywlkhflow1ywrkh.1726052090.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai3ywlkhflow1ywrkh.1726052090.jsonl?X-Amz-Date=20251209T123457Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=efa9e871aa78c08d8c85d1e1536aabb3cb3c02431d6308d0604e0c1f34de6ce6"} [2025-12-09 20:34:58.445] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:34:58.445] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:34:58.445] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:34:58.445] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:34:58.445] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:34:58.446] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:34:58.557] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai3ywlkhflow1ywrkh.1726052090.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312498556, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726052090721159, "etime": 1726052090721159, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50540, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:34:58.557] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:34:58.557] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:34:58.557] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:01.684] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24243 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai3ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50540.1726052090.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai3ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50540.1726052090.jsonl?X-Amz-Signature=93700655cc8495bc6a9f397a2e4aba0eb42fb420fdabfc84448b70520d8fb6b6&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123501Z&X-Amz-Expires=604800"} [2025-12-09 20:35:01.684] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:01.684] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:01.684] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:01.684] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:01.684] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:01.685] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:01.798] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai3ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50540.1726052090.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312501797, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052090721159, "etime": 1726052090721159, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50540, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:01.798] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:01.798] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:01.798] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:04.845] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25916 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai1zwlkhflow1zwrkh.1726641177.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai1zwlkhflow1zwrkh.1726641177.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=21ce69e5a328afbe4d248cf97eb65bd739db6f28bf5b7dce0319cbcdf0889520&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123504Z"} [2025-12-09 20:35:04.845] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:04.845] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:04.845] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:04.845] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:35:04.846] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:04.846] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:04.961] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai1zwlkhflow1zwrkh.1726641177.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312504960, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726641177983880, "etime": 1726641177983880, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49285, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:35:04.961] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:35:08.022] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25917 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49285.1726641177.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49285.1726641177.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=0f80cc2051517f3d4c4393954f75187124cfa4dd18b8fc0fea55b788be51989d&X-Amz-Date=20251209T123507Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:35:08.022] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:08.023] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:08.023] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:08.023] 
[INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:08.023] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:08.024] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:08.138] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP_mogai1zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49285.1726641177.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312508137, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726641177983880, "etime": 1726641177983880, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49285, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:35:08.138] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:35:11.175] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24678 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai2ywlkhflow1ywrkh.1726052039.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai2ywlkhflow1ywrkh.1726052039.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2051739c50534dd9e539a7bc3857dd00de3092dab8bee98588798aaa9ddcde8f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123510Z"} [2025-12-09 20:35:11.175] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:11.175] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:11.175] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn [2025-12-09 20:35:11.176] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:11.176] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:11.176] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:11.287] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai2ywlkhflow1ywrkh.1726052039.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312511287, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052039298962, "etime": 1726052039298962, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50537, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:11.287] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:11.287] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:11.287] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:35:14.381] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25918 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai2ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50537.1726052039.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai2ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50537.1726052039.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123513Z&X-Amz-Signature=0ec5b8122e3d7b5d0ce0405c37d58eb919ca2abe301e7a1cf4f983153aebbcf8"} [2025-12-09 20:35:14.381] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:14.381] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:14.382] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:14.382] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:14.382] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:14.383] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:14.494] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai2ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50537.1726052039.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312514493, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726052039298962, "etime": 1726052039298962, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50537, "dest_port": 50050, "protocol": "tls", 
"result": "CobaltStrike"}]} [2025-12-09 20:35:14.494] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:14.494] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:14.494] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:17.574] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25919 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai1ywlkhflow1ywrkh.1726051773.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai1ywlkhflow1ywrkh.1726051773.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123517Z&X-Amz-Signature=1d18b5efae516e3f087ffae258d8019dbde11b43c9293404eef08d509b2753d4&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:35:17.574] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:17.574] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:17.574] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:17.574] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:17.574] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:17.575] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:17.685] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai1ywlkhflow1ywrkh.1726051773.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312517685, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726051773927465, "etime": 1726051773927465, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50524, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:17.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:17.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:17.685] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:20.757] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24679 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai1ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50524.1726051773.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai1ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50524.1726051773.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=3d78b408b20f99dbf93ca31dd7eea577ad3fd660a72031427e1e34b0c77c0b87&X-Amz-Date=20251209T123520Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:35:20.757] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:20.757] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:20.758] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:20.758] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:20.758] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:20.758] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:20.866] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai1ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50524.1726051773.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312520865, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051773927465, "etime": 1726051773927465, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50524, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:20.866] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:20.866] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:20.866] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:23.923] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25920 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai1ywlkhflow1ywrkh.1726051978.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai1ywlkhflow1ywrkh.1726051978.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d813a66d527e2d29e6bf1dcaad821ab6cf0598f71cc205f65e0eadbeb64549d5&X-Amz-Date=20251209T123523Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:35:23.923] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:23.923] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:23.924] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:23.924] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:35:23.924] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:23.925] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:24.039] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai1ywlkhflow1ywrkh.1726051978.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312524038, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051978252084, "etime": 1726051978252084, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50534, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:24.039] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:24.039] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:24.039] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:35:27.070] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24680 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai1ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50534.1726051978.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai1ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50534.1726051978.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123526Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=2c96feb94fbcbdc3e71c9a2a9e969e2fd2e22fb3431e25ceed1b24ac25794abd"} [2025-12-09 20:35:27.071] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:27.071] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:27.071] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:27.071] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:27.071] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:27.072] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:27.182] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP_mogai1ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50534.1726051978.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312527182, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051978252084, "etime": 1726051978252084, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50534, "dest_port": 50050, "protocol": "tls", 
"result": "CobaltStrike"}]} [2025-12-09 20:35:27.182] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:27.182] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:27.182] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:30.242] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24244 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.1726040470.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.1726040470.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=c3cdacb0c8c8c33e0c25669a2d67df83a9af9850b54c9d4cc4abaf62207b3986&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123529Z&X-Amz-Expires=604800"} [2025-12-09 20:35:30.242] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:30.242] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:30.242] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:30.243] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:30.243] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:30.243] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:30.402] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.1726040470.jsonl|result:{"code": 1, "total_count": 2, "abnormal_count": 1, "normal_count": 1, "alert_count": 1, "timestamp": 1765312530401, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726040470461471, "etime": 1726040470461471, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49217, "dest_port": 50050, "protocol": "tls", "result": "Normal"}, {"stime": 1726040473120564, "etime": 1726040473120564, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49218, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:30.402] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:30.402] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:30.402] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:33.410] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24681 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai3ywlkhflow_1ywrkh.1726623784.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai3ywlkhflow_1ywrkh.1726623784.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123532Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2f9578fc4e86b06dd5972087840be0e98fdd84e38d3b2791064199e021c45bc6"} [2025-12-09 20:35:33.410] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:33.410] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:33.410] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:33.410] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:33.410] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:33.411] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
20:35:33.499] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai3ywlkhflow_1ywrkh.1726623784.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312533498, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726623784238637, "etime": 1726623784238637, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50371, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:35:33.499] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:33.499] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:33.499] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:36.604] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24682 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai3ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50371.1726623784.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai3ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50371.1726623784.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T123536Z&X-Amz-Signature=d5b01f3f63749025ae165e2139f8d0bd0e8baeb6a5f368c399fa1986b5617146"} [2025-12-09 20:35:36.604] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:36.604] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:36.604] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:35:36.604] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:36.604] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:36.605] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:36.715] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP_mogai3ywlkhflow_1ywrkh.pcap.TCP_192-168-88-22_50050_192-168-88-28_50371.1726623784.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312536714, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726623784238637, "etime": 1726623784238637, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50371, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:35:36.715] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:36.715] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:36.715] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:35:39.764] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24683 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49218.1726040473.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49218.1726040473.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123539Z&X-Amz-Expires=604800&X-Amz-Signature=d0da0611d19fb9e10caa0a44c9165fa51cefe4cc8aede98bc6f25ef042fbfb43&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:35:39.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:39.764] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:39.765] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:39.765] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:39.765] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:39.766] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:39.882] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49218.1726040473.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312539882, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726040473120564, "etime": 1726040473120564, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49218, "dest_port": 50050, "protocol": "tls", "result": 
"CobaltStrike"}]} [2025-12-09 20:35:39.882] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:39.882] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:39.882] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:42.931] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25921 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP.1726046306.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP.1726046306.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123542Z&X-Amz-Signature=b1bbc36d037f68c06d6bc2f1f5033d8b47c54a2d5097e6bc44877b6c40e84b1f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:35:42.931] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:42.931] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:42.931] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:42.931] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:42.931] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:42.932] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:43.046] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP.1726046306.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312543045, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046306166828, "etime": 1726046306166828, 
"src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50347, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:43.046] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:43.046] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:43.046] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:46.081] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24684 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-28_50347.1726046306.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-28_50347.1726046306.jsonl?X-Amz-Signature=8e8a2cf8f91248812504e88e6dee065147e0c026f8151b9dad0d1d60583b7ea2&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123545Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:35:46.081] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:46.081] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:46.081] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:46.081] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:46.081] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:46.082] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:46.192] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID6-tls1.3CS4.8_win10_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-28_50347.1726046306.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312546191, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046306166828, "etime": 1726046306166828, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50347, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:46.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:46.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:46.192] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:49.220] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24245 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP.1726046026.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP.1726046026.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123548Z&X-Amz-Signature=3ee0a3e2ea1983bfbf660a6521d678bd28134636f95e4923d03ad58cef0c373e"} [2025-12-09 20:35:49.220] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:49.220] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:49.220] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:49.220] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:49.220] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load 
[2025-12-09 20:35:49.221] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:49.333] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP.1726046026.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312549333, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046026931894, "etime": 1726046026931894, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50340, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:49.333] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:49.333] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:49.333] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:52.368] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24246 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-28_50340.1726046026.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-28_50340.1726046026.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=4dbfc4295ebd4affdb15a8487994f0519840178ac0bfc016b0c0587de5301088&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123551Z"} [2025-12-09 20:35:52.368] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:52.368] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:52.368] [INFO] [tid:140062327686848] (AiModule.cpp:12) 
load so module so_code_cnn [2025-12-09 20:35:52.368] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:52.368] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:52.369] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:52.479] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID5-tls1.3CS4.8_win10_kali_jdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-28_50340.1726046026.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312552479, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726046026931894, "etime": 1726046026931894, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.22", "src_port": 50340, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:52.479] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:52.479] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:52.479] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:35:55.558] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24685 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai.1726025194.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai.1726025194.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123555Z&X-Amz-SignedHeaders=host&X-Amz-Signature=97843c94b73eed87930710e18690c9d451284572044366ce5dcbfbdcd2e4ea95&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:35:55.558] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:55.558] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:55.558] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:55.558] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:55.558] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:55.559] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:55.670] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai.1726025194.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312555670, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726025194226887, "etime": 1726025194226887, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50225, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:55.670] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:55.670] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:55.670] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:35:58.709] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25922 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP.1726022173.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP.1726022173.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123558Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=cc6ed36438d5172abe43a399bbed19bca90b22925b7d31a8a85de8695dfd1072&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:35:58.710] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:35:58.710] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:35:58.710] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:35:58.710] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:35:58.710] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:35:58.711] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:35:58.822] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP.1726022173.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312558821, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726022173062565, "etime": 1726022173062565, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 49948, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:35:58.822] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:35:58.822] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:35:58.822] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:01.910] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24686 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-28_49948.1726022173.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-28_49948.1726022173.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123601Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=fe814df405a435a561f86edf3fd32bcf931ef2ded0feed072dc04fde0fedb27a"} [2025-12-09 20:36:01.910] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:01.911] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:01.911] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:01.911] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:01.911] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:01.912] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:02.023] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-28_49948.1726022173.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312562023, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726022173062565, "etime": 1726022173062565, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 49948, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:36:02.024] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:02.024] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:02.024] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:05.073] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25923 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai.pcap.TCP_192-168-88-24_50050_192-168-88-28_50225.1726025194.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai.pcap.TCP_192-168-88-24_50050_192-168-88-28_50225.1726025194.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=77777a9ce075337912c4caca671a6bb2391d56f4c7cbee05f1794ef2420e0c5e&X-Amz-Date=20251209T123604Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:36:05.073] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:05.073] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:05.074] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:05.074] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:05.074] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:05.075] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:05.186] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdg_domain_mogai.pcap.TCP_192-168-88-24_50050_192-168-88-28_50225.1726025194.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312565185, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726025194226887, "etime": 1726025194226887, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50225, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:36:05.186] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:05.186] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:05.186] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:08.254] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24247 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP.1726017084.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP.1726017084.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=4943fb6eb3b6697567dd91fccd91f234dc88cbf94f1bc8cb4e1671ebb2a8aecc&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123607Z"} [2025-12-09 20:36:08.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:08.255] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:08.255] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:08.255] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:08.255] [INFO] [tid:140062327686848] (AiModule.cpp:29) 
prepare args for load [2025-12-09 20:36:08.256] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:08.366] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP.1726017084.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312568366, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726017084574618, "etime": 1726017084574618, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 49721, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:36:08.366] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:08.366] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:08.366] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:11.415] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24248 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-28_49721.1726017084.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-28_49721.1726017084.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123610Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=7c9270938256d50515287041309688be2b4139750110a28f7fa15d1ab82c3d07"} [2025-12-09 20:36:11.415] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:11.415] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:11.415] [INFO] 
[tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:11.415] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:11.415] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:11.416] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:11.526] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID8-tls1.3CS4.8_win10_ubuntu_openjdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-28_49721.1726017084.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312571526, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726017084574618, "etime": 1726017084574618, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 49721, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:36:11.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:11.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:11.526] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:36:14.559] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24249 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.TCP_192-168-52-1_42299_192-168-52-129_443.1726042424.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.TCP_192-168-52-1_42299_192-168-52-129_443.1726042424.jsonl?X-Amz-Signature=4e73c81aa367e7c0f3d716f93ae7412d9816e5029f47f8dd296c873aa7a12daa&X-Amz-Date=20251209T123614Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:36:14.560] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:14.560] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:14.560] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:14.560] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:14.560] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:14.561] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:14.673] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_ls.pcap.TCP_192-168-52-1_42299_192-168-52-129_443.1726042424.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312574672, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042424495342, "etime": 1726042424495342, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42299, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:36:14.673] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:14.673] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:14.673] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:17.681] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24687 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_3389_111-53-218-171_6945.1726284531.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_3389_111-53-218-171_6945.1726284531.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=13370ec4e5b9df1a682f44ae3af586329868ae37ee59c7ab64bf92891daf15bf&X-Amz-Date=20251209T123617Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:36:17.681] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:17.681] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:17.681] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:17.681] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:17.681] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:17.682] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:17.795] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.TCP_10-0-4-15_3389_111-53-218-171_6945.1726284531.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312577795, "module": "anquanchu", "proto": 
"tls", "alerted": false, "details": [{"stime": 1726284531502049, "etime": 1726284531502049, "src_ip": "111.53.218.171", "dest_ip": "10.0.4.15", "src_port": 6945, "dest_port": 3389, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:17.796] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:20.801] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25924 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_11237_192-168-52-129_80.1726192027.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_11237_192-168-52-129_80.1726192027.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=b4cbc111cae98d464a1122e2cce92a724ed37fd8fec1d1c10982493e149382e2&X-Amz-Date=20251209T123620Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:36:20.801] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:20.801] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:20.801] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:20.801] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:20.801] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:20.802] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:20.912] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_11237_192-168-52-129_80.1726192027.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, 
"timestamp": 1765312580911, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192027722279, "etime": 1726192027722279, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11237, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:20.912] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:23.917] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25925 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.TCP_192-168-52-1_11657_192-168-52-129_80.1726192280.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.TCP_192-168-52-1_11657_192-168-52-129_80.1726192280.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=476b62fa5b64fc3f530ce38df3e9f33becf24c2a63ab90dae6d7d791118c3023&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123623Z"} [2025-12-09 20:36:23.917] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:23.917] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:23.918] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:23.918] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:23.918] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:23.919] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:24.030] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_ls.pcap.TCP_192-168-52-1_11657_192-168-52-129_80.1726192280.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312584029, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192280680886, "etime": 1726192280680886, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11657, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:24.030] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:27.048] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25926 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID25-tls1.2CS4.8_centos_ubuntu_jdk_IP.1728732968.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID25-tls1.2CS4.8_centos_ubuntu_jdk_IP.1728732968.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=d6dafe96295f93665682a7799c1fa3dc86fd32bf40dea8e6ed1f4492632957ef&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123626Z"} [2025-12-09 20:36:27.048] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:27.048] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:27.048] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:27.048] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:27.048] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:27.049] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:28.212] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID25-tls1.2CS4.8_centos_ubuntu_jdk_IP.1728732968.jsonl|result:{"code": 1, "total_count": 21, "abnormal_count": 2, "normal_count": 19, "alert_count": 2, "timestamp": 1765312588211, 
"module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1728733009223433, "etime": 1728733009223433, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34656, "dest_port": 8888, "protocol": "tls", "result": "Godzilla"}, {"stime": 1728733025367250, "etime": 1728733025367250, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34666, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732976735916, "etime": 1728732976735916, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34632, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732996996368, "etime": 1728732996996368, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34646, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732984898406, "etime": 1728732984898406, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34638, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733017255114, "etime": 1728733017255114, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34660, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732988894486, "etime": 1728732988894486, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34640, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732984836648, "etime": 1728732984836648, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34636, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732992945352, "etime": 1728732992945352, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34644, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733005096552, "etime": 1728733005096552, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34652, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733021311724, "etime": 1728733021311724, 
"src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34664, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733001100097, "etime": 1728733001100097, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34650, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733001046199, "etime": 1728733001046199, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34648, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732968633786, "etime": 1728732968633786, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34628, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732972685662, "etime": 1728732972685662, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34630, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732968632666, "etime": 1728732968632666, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34626, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732980786015, "etime": 1728732980786015, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34634, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728732988947171, "etime": 1728732988947171, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34642, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733009149141, "etime": 1728733009149141, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34654, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733013200728, "etime": 1728733013200728, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34658, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1728733017339526, "etime": 1728733017339526, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 34662, "dest_port": 8888, "protocol": "tls", "result": 
"Antsword"}]} [2025-12-09 20:36:28.212] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:36:28.212] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:28.212] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:30.197] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24250 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID26-tls1.2CS4.8_centos_ubuntu_openjdk_IP.1728727779.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID26-tls1.2CS4.8_centos_ubuntu_openjdk_IP.1728727779.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123629Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=e088d1c26c9c3823b573cfd9ff3020803d84392580702dc04f01565f45537829"} [2025-12-09 20:36:30.197] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:30.197] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:30.197] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:30.197] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:30.197] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:30.198] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:31.323] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID26-tls1.2CS4.8_centos_ubuntu_openjdk_IP.1728727779.jsonl|result:{"code": 1, "total_count": 21, "abnormal_count": 2, "normal_count": 19, "alert_count": 2, "timestamp": 1765312591322, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1728727792039159, "etime": 
1728727792039159, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56974, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727812295179, "etime": 1728727812295179, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56986, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727820416099, "etime": 1728727820416099, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56994, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727783934142, "etime": 1728727783934142, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56970, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727804191404, "etime": 1728727804191404, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56980, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727808243605, "etime": 1728727808243605, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56984, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727812358925, "etime": 1728727812358925, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56988, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727816358670, "etime": 1728727816358670, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56990, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727816420918, "etime": 1728727816420918, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56992, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727824545244, "etime": 1728727824545244, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56998, "dest_port": 7777, "protocol": "tls", "result": "Godzilla"}, {"stime": 1728727832578507, "etime": 1728727832578507, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57002, "dest_port": 7777, "protocol": 
"tls", "result": "Normal"}, {"stime": 1728727796089087, "etime": 1728727796089087, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56976, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727832656041, "etime": 1728727832656041, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57004, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1728727836633195, "etime": 1728727836633195, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57006, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727779880092, "etime": 1728727779880092, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56968, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727804249748, "etime": 1728727804249748, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56982, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727800139367, "etime": 1728727800139367, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56978, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727828524385, "etime": 1728727828524385, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57000, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727787988489, "etime": 1728727787988489, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56972, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727779878198, "etime": 1728727779878198, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56966, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1728727824470264, "etime": 1728727824470264, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 56996, "dest_port": 7777, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:31.323] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 
2|max_alert: 1000 [2025-12-09 20:36:31.323] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:31.323] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:33.341] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25927 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_20222_192-168-52-129_443.1725954694.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_20222_192-168-52-129_443.1725954694.jsonl?X-Amz-Signature=1fb15a31a1c47419f98a0c4eebf7edb164140c04da5d11ae2b0a4701d9d533d4&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123632Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:36:33.341] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:33.341] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:33.341] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:33.341] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:33.341] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:33.342] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:33.418] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_20222_192-168-52-129_443.1725954694.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312593418, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 
1725954694469871, "etime": 1725954694469871, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 20222, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:36:33.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:33.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:33.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:36.452] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24251 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.TCP_192-168-52-1_11237_192-168-52-129_80.1726192068.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.TCP_192-168-52-1_11237_192-168-52-129_80.1726192068.jsonl?X-Amz-Signature=ab8a31511d3b367816a4bb894f75c224745aff001443211b18fba7b0e4f31185&X-Amz-Date=20251209T123635Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:36:36.452] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:36.452] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:36.452] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:36.452] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:36.452] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:36.453] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:36.553] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_ls.pcap.TCP_192-168-52-1_11237_192-168-52-129_80.1726192068.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312596553, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192068392442, "etime": 1726192068392442, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11237, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:36.553] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:39.562] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24252 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.TCP_192-168-52-1_11333_192-168-52-129_80.1726192105.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.TCP_192-168-52-1_11333_192-168-52-129_80.1726192105.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=86c8ef56560cc2b6bf38cab4aafe5a4c14f9b5182211bbcd53bb897d14103543&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123639Z"} [2025-12-09 20:36:39.562] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:39.562] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:39.563] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:39.563] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:39.563] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:39.563] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:39.672] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_http_cat.pcap.TCP_192-168-52-1_11333_192-168-52-129_80.1726192105.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312599671, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192105257091, "etime": 1726192105257091, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11333, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:39.672] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:42.700] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24688 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.1726039121.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.1726039121.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123642Z&X-Amz-Signature=a2ac5022336bc25079edd4987de55aed1705e39d8eadc006968de5a1bfdd915f"} [2025-12-09 20:36:42.700] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:42.700] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:42.700] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:42.700] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:42.700] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:42.701] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:42.875] [DEBUG] [tid:140062327686848] 
(AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.1726039121.jsonl|result:{"code": 0, "total_count": 2, "abnormal_count": 0, "normal_count": 2, "alert_count": 0, "timestamp": 1765312602874, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726039121341960, "etime": 1726039121341960, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49204, "dest_port": 50050, "protocol": "tls", "result": "Normal"}, {"stime": 1726039128940134, "etime": 1726039128940134, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49205, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:42.875] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:45.858] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25928 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49205.1726039128.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49205.1726039128.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=459180abb8b28e5fd684ad3324736953b77370cb2acc974d4c7ea12d8f8fe146&X-Amz-Date=20251209T123645Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:36:45.858] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:45.858] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:45.859] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:45.859] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:45.859] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:45.860] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:45.947] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID19-tls1.3CS4.8_win7_ubuntu_jdk_IP.pcap.TCP_192-168-88-24_50050_192-168-88-30_49205.1726039128.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312605946, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726039128940134, "etime": 1726039128940134, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49205, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:45.947] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:49.003] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24253 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.TCP_192-168-52-1_23792_192-168-52-129_443.1725956188.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.TCP_192-168-52-1_23792_192-168-52-129_443.1725956188.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123648Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=e3a6f2fc16ba9f5c46fd4af1ad71745cbb4369cbd43fb82d5ab8b7843822f2f6"} [2025-12-09 20:36:49.003] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:49.003] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:49.003] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:49.003] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:49.003] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:49.004] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:49.117] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_https_whoami.pcap.TCP_192-168-52-1_23792_192-168-52-129_443.1725956188.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312609117, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1725956188682291, "etime": 1725956188682291, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 23792, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:36:49.117] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:49.117] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:49.117] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:36:52.129] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24254 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.TCP_192-168-52-1_11500_192-168-52-129_80.1726192241.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.TCP_192-168-52-1_11500_192-168-52-129_80.1726192241.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123651Z&X-Amz-SignedHeaders=host&X-Amz-Signature=3a6fc5a3f8df4eef31a884ed7bbdadb228f92fb55a65fb9299751adb50d1384f&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:36:52.129] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:52.129] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:52.130] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:52.130] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:52.130] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:52.131] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:52.242] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_whoami.pcap.TCP_192-168-52-1_11500_192-168-52-129_80.1726192241.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312612242, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192241565192, "etime": 1726192241565192, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11500, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:36:52.242] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:36:55.269] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24689 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.TCP_192-168-52-1_42110_192-168-52-129_443.1726042297.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.TCP_192-168-52-1_42110_192-168-52-129_443.1726042297.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123654Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=8bd836718b88efd58082e1aff276be6c0efa07486f73900380e61f6ee62af645"} [2025-12-09 20:36:55.269] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:55.269] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:55.269] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:55.269] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:55.269] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:55.270] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:55.386] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_whoami.pcap.TCP_192-168-52-1_42110_192-168-52-129_443.1726042297.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312615385, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042297514577, "etime": 1726042297514577, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42110, "dest_port": 443, "protocol": "tls", 
"result": "Behinder"}]} [2025-12-09 20:36:55.386] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:55.386] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:55.386] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:36:58.456] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24255 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai3ywlkhflow1ywrkh.1726051942.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai3ywlkhflow1ywrkh.1726051942.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123657Z&X-Amz-Signature=c2dc5f90d174af4d9a5642b8fc22308493a3d26c575482a71a4ca2e08d1062fc&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:36:58.456] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:36:58.456] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:36:58.456] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:36:58.456] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:36:58.456] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:36:58.457] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:36:58.566] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai3ywlkhflow1ywrkh.1726051942.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312618566, "module": "anquanchu", "proto": "tls", "alerted": true, 
"details": [{"stime": 1726051942266768, "etime": 1726051942266768, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50532, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:36:58.566] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:36:58.566] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:36:58.566] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:01.593] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24690 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai3ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50532.1726051942.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai3ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50532.1726051942.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=296007048820cd2ef52a24a8f740813f6a8949e487be958fd4212d5b39b81f36&X-Amz-Date=20251209T123701Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:37:01.593] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:01.594] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:01.594] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:01.594] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:01.594] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:01.595] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:01.706] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai3ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50532.1726051942.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312621705, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051942266768, "etime": 1726051942266768, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50532, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:37:01.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:01.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:01.706] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:04.711] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25929 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.TCP_192-168-52-1_11657_192-168-52-129_80.1726192308.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.TCP_192-168-52-1_11657_192-168-52-129_80.1726192308.jsonl?X-Amz-Date=20251209T123704Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=4ec203d8a05fbbd04a133e50f89ad96301d7df93a233073c2ebd9fdb40ad376d"} [2025-12-09 20:37:04.711] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:04.711] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:04.711] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:04.711] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:37:04.711] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:04.712] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:04.810] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID51_behinderv4.0.7_php_linux_http_cat.pcap.TCP_192-168-52-1_11657_192-168-52-129_80.1726192308.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312624810, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192308674125, "etime": 1726192308674125, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11657, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:04.810] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:37:07.867] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24256 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai2ywlkhflow1ywrkh.1726051899.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai2ywlkhflow1ywrkh.1726051899.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123707Z&X-Amz-Signature=b5be4a1255295dc7245538c048b03ae97a67691d39ed7b6763145bc03dc4429a&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:37:07.867] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:07.867] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:07.867] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:07.867] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:37:07.867] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:07.868] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:07.981] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai2ywlkhflow1ywrkh.1726051899.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312627981, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051899688726, "etime": 1726051899688726, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50530, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:37:07.981] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:07.981] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:07.981] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:37:11.005] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25930 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai2ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50530.1726051899.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai2ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50530.1726051899.jsonl?X-Amz-Signature=19e67b7c317cd136b699f7b341bda48280a1c34ae2057e048bef61b5632d8845&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123710Z&X-Amz-Expires=604800"} [2025-12-09 20:37:11.005] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:11.005] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:11.005] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:11.005] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:11.005] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:11.006] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:11.119] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID7-tls1.3CS4.8_win10_ubuntu_jdk_IP_mogai2ywlkhflow1ywrkh.pcap.TCP_192-168-88-24_50050_192-168-88-28_50530.1726051899.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312631118, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726051899688726, "etime": 1726051899688726, "src_ip": "192.168.88.28", "dest_ip": "192.168.88.24", "src_port": 50530, "dest_port": 50050, "protocol": "tls", "result": 
"Behinder"}]} [2025-12-09 20:37:11.119] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:11.119] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:11.119] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:14.116] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25931 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.TCP_192-168-52-1_42299_192-168-52-129_443.1726042454.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.TCP_192-168-52-1_42299_192-168-52-129_443.1726042454.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123713Z&X-Amz-Signature=d55c21cc5a876590a1a88b4bdf9f49c3bc03f03fd8938f30f840eab84b19b1ca&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:37:14.116] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:14.116] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:14.116] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:14.116] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:14.116] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:14.117] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:14.227] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID52_behinderv4.1_php_linux_https_cat.pcap.TCP_192-168-52-1_42299_192-168-52-129_443.1726042454.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 
1765312634226, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726042454524772, "etime": 1726042454524772, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42299, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:14.227] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:37:17.271] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24257 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain3.1726212571.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain3.1726212571.jsonl?X-Amz-Signature=6ebb7882a8f2f9508be3d95fbbd4dd21b6ff7ea25007fc1adedf765483a08b85&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123716Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:37:17.272] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:17.272] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:17.272] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:17.272] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:17.272] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:17.273] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:18.915] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain3.1726212571.jsonl|result:{"code": 0, "total_count": 30, "abnormal_count": 0, "normal_count": 30, "alert_count": 0, "timestamp": 1765312638913, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1726212600874625, "etime": 1726212600874625, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50121, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212582577974, "etime": 1726212582577974, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50099, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212583597410, "etime": 1726212583597410, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50101, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212587668450, "etime": 1726212587668450, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50106, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212599864464, "etime": 1726212599864464, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50120, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212595828770, "etime": 1726212595828770, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50116, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212596821143, "etime": 1726212596821143, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50117, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212588686451, "etime": 1726212588686451, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50107, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212593777231, "etime": 1726212593777231, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50113, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212590720531, "etime": 1726212590720531, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50109, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212597836036, "etime": 1726212597836036, 
"src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50118, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212575493736, "etime": 1726212575493736, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50094, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212579519747, "etime": 1726212579519747, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50095, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212580538940, "etime": 1726212580538940, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50096, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212582592630, "etime": 1726212582592630, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50100, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212594793021, "etime": 1726212594793021, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50114, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212590734115, "etime": 1726212590734115, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50110, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212584613315, "etime": 1726212584613315, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50102, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212581556878, "etime": 1726212581556878, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50097, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212586649881, "etime": 1726212586649881, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50104, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212586663995, "etime": 1726212586663995, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", 
"src_port": 50105, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212591744685, "etime": 1726212591744685, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50111, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212571468512, "etime": 1726212571468512, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50092, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212571469267, "etime": 1726212571469267, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50093, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212581573068, "etime": 1726212581573068, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50098, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212595810129, "etime": 1726212595810129, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50115, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212589703128, "etime": 1726212589703128, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50108, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212592759714, "etime": 1726212592759714, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50112, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212598854624, "etime": 1726212598854624, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50119, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212585629755, "etime": 1726212585629755, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50103, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:18.915] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:37:20.410] [DEBUG] [tid:140062327686848] 
(KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24691 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.1726044658.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.1726044658.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123719Z&X-Amz-Signature=70b42d05d2347f5e758ae5f447e1056eae9c0d457281a69965fff84597641d39&X-Amz-SignedHeaders=host"} [2025-12-09 20:37:20.410] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:20.410] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:20.410] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:20.410] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:20.410] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:20.411] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:20.529] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.1726044658.jsonl|result:{"code": 1, "total_count": 2, "abnormal_count": 1, "normal_count": 1, "alert_count": 1, "timestamp": 1765312640528, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726044661703336, "etime": 1726044661703336, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49260, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}, {"stime": 1726044658246049, "etime": 1726044658246049, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49259, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} 
[2025-12-09 20:37:20.529] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:20.529] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:20.529] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:23.550] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24692 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49260.1726044661.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49260.1726044661.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ea261cd2baccb91bac06cfbefde6cbafa1801e588937eaefa1341d8448f4ea37&X-Amz-Expires=604800&X-Amz-Date=20251209T123723Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:37:23.550] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:23.551] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:23.551] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:23.551] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:23.551] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:23.551] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:23.652] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogaizwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49260.1726044661.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, 
"normal_count": 0, "alert_count": 1, "timestamp": 1765312643652, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726044661703336, "etime": 1726044661703336, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49260, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:37:23.652] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:23.652] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:23.652] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:26.655] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24693 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_62448_192-168-0-202_8080.1726715820.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_62448_192-168-0-202_8080.1726715820.jsonl?X-Amz-Date=20251209T123726Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=8773867cb8632dc1d1178e431f896f51c85fd59d824d97ff01964d8db8ce088d"} [2025-12-09 20:37:26.655] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:26.655] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:26.655] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:26.655] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:26.655] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:26.656] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:26.768] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID71_Z_Godzilla_ekp1.1_jsp_linux-http.pcap.TCP_192-168-0-3_62448_192-168-0-202_8080.1726715820.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312646768, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726715820091771, "etime": 1726715820091771, "src_ip": "192.168.0.3", "dest_ip": "192.168.0.202", "src_port": 62448, "dest_port": 8080, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:26.768] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:37:29.775] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24258 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.1726043311.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.1726043311.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=0fcf0091c0cd3e5e2539224b64cd7c6d8d7665a8b43189962dad29cefb7e630a&X-Amz-Date=20251209T123729Z"} [2025-12-09 20:37:29.775] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:29.775] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:29.775] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:29.775] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:29.775] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:29.776] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:29.987] [DEBUG] [tid:140062327686848] 
(AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.1726043311.jsonl|result:{"code": 1, "total_count": 3, "abnormal_count": 1, "normal_count": 2, "alert_count": 1, "timestamp": 1765312649986, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726043317835800, "etime": 1726043317835800, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49236, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}, {"stime": 1726043314857611, "etime": 1726043314857611, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49235, "dest_port": 50050, "protocol": "tls", "result": "Normal"}, {"stime": 1726043311975271, "etime": 1726043311975271, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49234, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:29.987] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:29.987] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:29.987] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:37:32.982] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24694 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain2.1726212514.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain2.1726212514.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123732Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f0e36adc8681ad3730ad18d9f1e8f646b3da8a0b7a4439c7fac1b403be2763dd"} [2025-12-09 20:37:32.982] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:32.982] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:32.982] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:32.982] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:32.982] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:32.983] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:34.483] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain2.1726212514.jsonl|result:{"code": 0, "total_count": 28, "abnormal_count": 0, "normal_count": 28, "alert_count": 0, "timestamp": 1765312654481, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212545501989, "etime": 1726212545501989, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50090, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212522123277, "etime": 1726212522123277, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50067, "dest_port": 51129, "protocol": "tls", "result": 
"Normal"}, {"stime": 1726212528186557, "etime": 1726212528186557, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50071, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212538379312, "etime": 1726212538379312, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50083, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212535326495, "etime": 1726212535326495, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50080, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212527165999, "etime": 1726212527165999, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50069, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212529204194, "etime": 1726212529204194, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50072, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212537362415, "etime": 1726212537362415, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50082, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212518109192, "etime": 1726212518109192, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50066, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212531261814, "etime": 1726212531261814, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50076, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212534307584, "etime": 1726212534307584, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50079, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212536345034, "etime": 1726212536345034, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50081, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212514096975, "etime": 1726212514096975, 
"src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50065, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212541432153, "etime": 1726212541432153, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50086, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212543467688, "etime": 1726212543467688, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50088, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212527181009, "etime": 1726212527181009, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50070, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212531245138, "etime": 1726212531245138, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50075, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212529218840, "etime": 1726212529218840, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50073, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212530226465, "etime": 1726212530226465, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50074, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212532266152, "etime": 1726212532266152, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50077, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212539396437, "etime": 1726212539396437, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50084, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212514096211, "etime": 1726212514096211, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50064, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212540412448, "etime": 1726212540412448, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", 
"src_port": 50085, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212542451876, "etime": 1726212542451876, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50087, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212546521385, "etime": 1726212546521385, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50091, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212526148172, "etime": 1726212526148172, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50068, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212533288130, "etime": 1726212533288130, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50078, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212544485194, "etime": 1726212544485194, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50089, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:34.483] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:37:36.125] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25932 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49236.1726043317.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49236.1726043317.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123735Z&X-Amz-Expires=604800&X-Amz-Signature=72718446d8372d0de4f2bd561a8a3577ff4a7cf4fa7ae0a9ecdd9d564300796e&X-Amz-SignedHeaders=host"} [2025-12-09 20:37:36.125] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:36.125] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:36.126] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:36.126] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:36.126] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:36.126] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:36.190] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49236.1726043317.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312656189, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726043317835800, "etime": 1726043317835800, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49236, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:37:36.190] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:36.190] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:36.190] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:37:39.290] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24695 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain3.1726211028.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain3.1726211028.jsonl?X-Amz-Signature=6197d977813c83253346bce6e07e0313b7a5245a22f5d1d0c3eeb942d0151415&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123738Z&X-Amz-Expires=604800"} [2025-12-09 20:37:39.290] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:39.291] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:39.291] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:39.291] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:39.291] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:39.292] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:40.872] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain3.1726211028.jsonl|result:{"code": 0, "total_count": 29, "abnormal_count": 0, "normal_count": 29, "alert_count": 0, "timestamp": 1765312660871, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726211040309461, "etime": 1726211040309461, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49780, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211038285199, "etime": 1726211038285199, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49778, "dest_port": 51129, "protocol": "tls", 
"result": "Normal"}, {"stime": 1726211044391973, "etime": 1726211044391973, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49786, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211056645267, "etime": 1726211056645267, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49799, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211055629036, "etime": 1726211055629036, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49798, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211046438447, "etime": 1726211046438447, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49788, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211050546788, "etime": 1726211050546788, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49793, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211032231901, "etime": 1726211032231901, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49774, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211053603719, "etime": 1726211053603719, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49796, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211041335017, "etime": 1726211041335017, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49781, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211028212265, "etime": 1726211028212265, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49773, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211039297462, "etime": 1726211039297462, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49779, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211054616249, "etime": 
1726211054616249, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49797, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211028211394, "etime": 1726211028211394, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49772, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211052585127, "etime": 1726211052585127, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49795, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211049526381, "etime": 1726211049526381, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49791, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211057658587, "etime": 1726211057658587, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49800, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211036253086, "etime": 1726211036253086, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49775, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211037267067, "etime": 1726211037267067, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49776, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211042361228, "etime": 1726211042361228, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49783, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211043376481, "etime": 1726211043376481, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49784, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211047470135, "etime": 1726211047470135, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49789, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211037284438, "etime": 1726211037284438, "src_ip": "192.168.112.141", "dest_ip": 
"192.168.112.135", "src_port": 49777, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211049543000, "etime": 1726211049543000, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49792, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211043391833, "etime": 1726211043391833, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49785, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211045421671, "etime": 1726211045421671, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49787, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211051561447, "etime": 1726211051561447, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49794, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211048500678, "etime": 1726211048500678, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49790, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726211041352155, "etime": 1726211041352155, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49782, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:40.872] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:37:42.423] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25933 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP.1726042715.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP.1726042715.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=040ff082be7f300d52fcafb8096596c10ac1dac37d8dea776f0d6a8cba4c910c&X-Amz-Date=20251209T123741Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:37:42.423] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:42.423] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:42.423] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:42.423] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:42.423] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:42.424] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:42.488] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP.1726042715.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312662487, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042715698101, "etime": 1726042715698101, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49227, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:37:42.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:42.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:42.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:37:45.567] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25934 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49227.1726042715.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49227.1726042715.jsonl?X-Amz-Date=20251209T123745Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=73bcfcf55cbf88b281a8fd8ba3a05c550e5f66c7f5254f7a46189b59cd9502db"} [2025-12-09 20:37:45.567] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:45.567] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:45.567] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:45.567] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:45.567] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:45.568] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:45.675] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_IP.pcap.TCP_192-168-88-22_50050_192-168-88-30_49227.1726042715.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312665674, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042715698101, "etime": 1726042715698101, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49227, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:37:45.675] [INFO] [tid:140062327686848] 
(KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:45.675] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:45.675] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:48.709] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25935 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.TCP_192-168-52-1_11978_192-168-52-129_443.1726018395.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.TCP_192-168-52-1_11978_192-168-52-129_443.1726018395.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123748Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=3ad538353feea77badef745f86d270405fb9ecc4d8c871d587cb3b59c4291580"} [2025-12-09 20:37:48.709] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:48.709] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:48.709] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:48.709] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:48.709] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:48.710] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:48.820] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_whoami.pcap.TCP_192-168-52-1_11978_192-168-52-129_443.1726018395.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312668819, "module": "anquanchu", "proto": "tls", 
"alerted": true, "details": [{"stime": 1726018395575615, "etime": 1726018395575615, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11978, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:37:48.820] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:48.820] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:48.820] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:51.850] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24259 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_http_ls.pcap.TCP_192-168-52-1_13132_192-168-52-129_80.1726193238.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_http_ls.pcap.TCP_192-168-52-1_13132_192-168-52-129_80.1726193238.jsonl?X-Amz-Date=20251209T123751Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=fd04603ec6caff680cc63f3b49654719ab98a7166225e3087208c24e8dc4d956"} [2025-12-09 20:37:51.850] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:51.850] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:51.851] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:51.851] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:51.851] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:51.852] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:51.965] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_http_ls.pcap.TCP_192-168-52-1_13132_192-168-52-129_80.1726193238.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312671965, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193238236869, "etime": 1726193238236869, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13132, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:51.965] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:37:54.992] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24696 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43319.1726308806.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43319.1726308806.jsonl?X-Amz-Date=20251209T123754Z&X-Amz-Signature=4deb0fb906738e6f67d5e1cf1844d7b0d52c5ee01bb1e8cec3b4b0629ad5742a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:37:54.992] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:54.992] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:54.992] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:37:54.992] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:54.992] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:54.993] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 
[2025-12-09 20:37:55.104] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.3_1.pcap.TCP_10-0-4-15_443_218-26-55-102_43319.1726308806.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312675104, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726308806534538, "etime": 1726308806534538, "src_ip": "218.26.55.102", "dest_ip": "10.0.4.15", "src_port": 43319, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:37:55.104] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:37:55.104] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:37:55.104] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:37:58.122] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24697 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.TCP_192-168-52-1_13351_192-168-52-129_80.1726193406.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.TCP_192-168-52-1_13351_192-168-52-129_80.1726193406.jsonl?X-Amz-Expires=604800&X-Amz-Signature=bbf21b92c6bc7412380a0c48ab5ed6bca57c78cb53508c96eb86d7c06c50adef&X-Amz-Date=20251209T123757Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:37:58.122] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:37:58.122] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:37:58.122] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:37:58.122] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:37:58.122] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:37:58.123] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:37:58.234] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_ls.pcap.TCP_192-168-52-1_13351_192-168-52-129_80.1726193406.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312678233, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193406870934, "etime": 1726193406870934, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13351, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:37:58.234] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:38:01.259] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24260 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID25-tls1.2CS4.8_centos_ubuntu_jdk_domian.1728733260.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID25-tls1.2CS4.8_centos_ubuntu_jdk_domian.1728733260.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=540e28ac165e52a9e521f69ce08d708fe1859e50812c932023ada058076a9b0a&X-Amz-Date=20251209T123800Z&X-Amz-Expires=604800"} [2025-12-09 20:38:01.259] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:01.259] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:01.259] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:01.259] [INFO] 
[tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:01.259] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:01.260] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:02.157] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID25-tls1.2CS4.8_centos_ubuntu_jdk_domian.1728733260.jsonl|result:{"code": 1, "total_count": 16, "abnormal_count": 2, "normal_count": 14, "alert_count": 2, "timestamp": 1765312682157, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1728733260868074, "etime": 1728733260868074, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54674, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733277080836, "etime": 1728733277080836, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54686, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733273025714, "etime": 1728733273025714, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54682, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733289237690, "etime": 1728733289237690, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54698, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733285253028, "etime": 1728733285253028, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54696, "dest_port": 9999, "protocol": "tls", "result": "Godzilla"}, {"stime": 1728733293292806, "etime": 1728733293292806, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54702, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733264919326, "etime": 1728733264919326, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54678, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733273084362, "etime": 1728733273084362, "src_ip": 
"172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54684, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733268975367, "etime": 1728733268975367, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54680, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733285185876, "etime": 1728733285185876, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54694, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733289309790, "etime": 1728733289309790, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54700, "dest_port": 9999, "protocol": "tls", "result": "Antsword"}, {"stime": 1728733260869153, "etime": 1728733260869153, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54676, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733297345852, "etime": 1728733297345852, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54704, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733277137125, "etime": 1728733277137125, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54688, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733281188847, "etime": 1728733281188847, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54692, "dest_port": 9999, "protocol": "tls", "result": "Normal"}, {"stime": 1728733281133339, "etime": 1728733281133339, "src_ip": "172.26.55.21", "dest_ip": "172.26.55.142", "src_port": 54690, "dest_port": 9999, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:38:02.158] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:38:02.158] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:02.158] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:38:04.429] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24698 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_cat.pcap.TCP_192-168-52-1_41203_192-168-52-129_443.1726041863.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_cat.pcap.TCP_192-168-52-1_41203_192-168-52-129_443.1726041863.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=e32ead239f31db8dca3710e7b0e0bf2754ae57dfb2dddc50e0bdcec42536cfc3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123803Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:38:04.430] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:04.430] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:04.430] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:04.430] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:04.430] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:04.431] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:04.507] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_cat.pcap.TCP_192-168-52-1_41203_192-168-52-129_443.1726041863.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312684506, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041863636984, "etime": 1726041863636984, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 41203, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:04.507] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:04.507] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:04.507] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:07.604] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24699 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11615_192-168-52-129_443.1726018232.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11615_192-168-52-129_443.1726018232.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123807Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=cde37aaf6a2d2757ec05e2d2f174b5ec062d30a02b3f09d9026703ca56220c9d&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:38:07.605] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:07.605] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:07.605] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:07.605] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:07.605] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:07.606] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:07.712] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_ls.pcap.TCP_192-168-52-1_11615_192-168-52-129_443.1726018232.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312687712, "module": "anquanchu", 
"proto": "tls", "alerted": true, "details": [{"stime": 1726018232318333, "etime": 1726018232318333, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11615, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:07.713] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:07.713] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:07.713] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:10.742] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25936 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12244_192-168-52-129_443.1726018528.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12244_192-168-52-129_443.1726018528.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=97528ecc0db2fa7b79ee9904e1b9e864d632e2219fff2d5d96b9392735fac730&X-Amz-Date=20251209T123810Z"} [2025-12-09 20:38:10.742] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:10.742] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:10.742] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:10.742] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:10.742] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:10.743] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:10.853] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_ls.pcap.TCP_192-168-52-1_12244_192-168-52-129_443.1726018528.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312690852, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018528632697, "etime": 1726018528632697, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 12244, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:10.853] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:10.853] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:10.853] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:13.923] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25937 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.TCP_192-168-52-1_11799_192-168-52-129_443.1726018273.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.TCP_192-168-52-1_11799_192-168-52-129_443.1726018273.jsonl?X-Amz-Date=20251209T123813Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=025a66671f2ff61e13755f128a4ed5ed48fb2824f5f0298ec68543fed6e537c8&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:38:13.923] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:13.923] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:13.923] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:13.923] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func 
load [2025-12-09 20:38:13.923] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:13.924] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:14.038] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_cat.pcap.TCP_192-168-52-1_11799_192-168-52-129_443.1726018273.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312694038, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018273302711, "etime": 1726018273302711, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11799, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:14.038] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:14.038] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:14.038] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:38:17.042] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24700 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.TCP_192-168-52-1_13086_192-168-52-129_80.1726193199.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.TCP_192-168-52-1_13086_192-168-52-129_80.1726193199.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123816Z&X-Amz-Signature=ba0b7cec31b86787bc381df3033351794348fe8ff93ac3219a0d9379e3fe957a"} [2025-12-09 20:38:17.042] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:17.042] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:17.042] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:17.042] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:17.042] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:17.043] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:17.154] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_http_whoami.pcap.TCP_192-168-52-1_13086_192-168-52-129_80.1726193199.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312697154, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193199095854, "etime": 1726193199095854, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13086, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 
20:38:17.154] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:38:20.196] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25938 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12297_192-168-52-129_443.1726018573.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12297_192-168-52-129_443.1726018573.jsonl?X-Amz-Signature=79f019a94ee3e709e010bf3d3ed49272b24b9a5d57ceeb114452d4ddd0b2d74a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123819Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:38:20.196] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:20.196] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:20.196] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:20.197] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:20.197] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:20.197] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:20.312] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12297_192-168-52-129_443.1726018573.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312700311, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018573877390, "etime": 1726018573877390, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 12297, 
"dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:20.312] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:20.312] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:20.312] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:23.307] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25939 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.TCP_192-168-52-1_11912_192-168-52-129_80.1726192481.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.TCP_192-168-52-1_11912_192-168-52-129_80.1726192481.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=95cb14649306971f54e4c2cd2c7312f7ccfc975bf2065ad736c0fcf16e1b39f0&X-Amz-Expires=604800&X-Amz-Date=20251209T123822Z"} [2025-12-09 20:38:23.307] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:23.307] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:23.308] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:23.308] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:23.308] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:23.309] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:23.419] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_ls.pcap.TCP_192-168-52-1_11912_192-168-52-129_80.1726192481.jsonl|result:{"code": 0, "total_count": 1, 
"abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312703418, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192481724122, "etime": 1726192481724122, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11912, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:38:23.419] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:38:26.449] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25940 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_whoami.pcap.TCP_192-168-52-1_41141_192-168-52-129_443.1726041812.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_whoami.pcap.TCP_192-168-52-1_41141_192-168-52-129_443.1726041812.jsonl?X-Amz-Signature=7fbcad06b6acfa48ebb821e6ff3611741faf5aebbc545b4417e51afd6be9d294&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123825Z&X-Amz-Expires=604800"} [2025-12-09 20:38:26.449] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:26.449] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:26.450] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:26.450] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:26.450] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:26.451] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:26.561] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_whoami.pcap.TCP_192-168-52-1_41141_192-168-52-129_443.1726041812.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312706560, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041812803482, "etime": 1726041812803482, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 41141, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:26.561] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:26.561] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:26.561] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:29.584] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24701 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_ls.pcap.TCP_192-168-52-1_42840_192-168-52-129_443.1726042754.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_ls.pcap.TCP_192-168-52-1_42840_192-168-52-129_443.1726042754.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=05f65a276d7c9d6470b22ede9762086c2ace228a5d1dc374e4df228b59e72cc8&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123829Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:38:29.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:29.584] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:29.584] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:29.584] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:38:29.584] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:29.585] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:29.697] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_ls.pcap.TCP_192-168-52-1_42840_192-168-52-129_443.1726042754.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312709697, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042754623566, "etime": 1726042754623566, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42840, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:38:29.697] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:29.697] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:29.697] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:38:32.729] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25941 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_13302_192-168-52-129_80.1726193375.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_13302_192-168-52-129_80.1726193375.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123832Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=acaccb14a78ebd1b72a7cdffa87f92bc5da2f0cf8767a001fdc9dedc511cf04b"} [2025-12-09 20:38:32.730] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:32.730] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:32.730] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:32.730] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:32.730] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:32.731] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:32.844] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_whoami.pcap.TCP_192-168-52-1_13302_192-168-52-129_80.1726193375.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312712843, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193375183616, "etime": 1726193375183616, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13302, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:38:32.844] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:38:35.856] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25942 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.TCP_192-168-52-1_13377_192-168-52-129_80.1726193427.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.TCP_192-168-52-1_13377_192-168-52-129_80.1726193427.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123835Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2a7e0b03304d8b2858be211b659f6147f633519be94180d69a8e61110e799fc7&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:38:35.856] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:35.856] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:35.856] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:35.857] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:35.857] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:35.857] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:35.968] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_http_cat.pcap.TCP_192-168-52-1_13377_192-168-52-129_80.1726193427.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312715967, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193427780413, "etime": 1726193427780413, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13377, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}]} [2025-12-09 20:38:35.968] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:38:38.999] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24702 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12295_192-168-52-129_443.1726018573.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12295_192-168-52-129_443.1726018573.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123838Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f31fdbd7e574bb4b12c48a81274be4c26f96e80c92b326498f2e62b8c3de523f&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:38:38.999] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:38.999] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:38.999] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:38.999] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:38.999] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:39.000] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:39.109] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_tls1.2_cat.pcap.TCP_192-168-52-1_12295_192-168-52-129_443.1726018573.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312719108, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726018573503701, "etime": 1726018573503701, "src_ip": "192.168.52.1", "dest_ip": 
"192.168.52.129", "src_port": 12295, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:39.109] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:39.109] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:39.109] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:42.148] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25943 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_domainzwlkhflow1zwrkh.1726040971.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_domainzwlkhflow1zwrkh.1726040971.jsonl?X-Amz-Signature=dddf8f381481a029364d5e80815dd5352974872fadd7f1f6ee07599043b573ec&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123841Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:38:42.148] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:42.148] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:42.148] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:42.148] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:42.148] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:42.149] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:42.260] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_domainzwlkhflow1zwrkh.1726040971.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, 
"timestamp": 1765312722260, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726040971188333, "etime": 1726040971188333, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49222, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:42.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:42.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:42.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:45.303] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25944 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49222.1726040971.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49222.1726040971.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123844Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=2759019e432e61ea6dc6ce3ea9ad3b575e731d38b94fe5d13fdf04f682fcdf1a&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:38:45.303] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:45.303] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:45.304] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:45.304] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:45.304] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:45.305] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 
20:38:45.416] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_domainzwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49222.1726040971.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312725415, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726040971188333, "etime": 1726040971188333, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49222, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:45.416] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:45.416] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:45.416] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:48.489] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24261 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID40-tls1.2CS4.8_windowsserver2008R2_ubuntu_openjdk_IP.1726233486.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID40-tls1.2CS4.8_windowsserver2008R2_ubuntu_openjdk_IP.1726233486.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123847Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=bbad6fc4153b2678f6a0991ef6dc58359d84099fa22ac1ecf3b2a37eb33b0c69"} [2025-12-09 20:38:48.489] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:48.489] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:48.489] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:48.489] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:38:48.489] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:48.490] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:50.558] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID40-tls1.2CS4.8_windowsserver2008R2_ubuntu_openjdk_IP.1726233486.jsonl|result:{"code": 1, "total_count": 38, "abnormal_count": 36, "normal_count": 2, "alert_count": 36, "timestamp": 1765312730557, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726233578732746, "etime": 1726233578732746, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50226, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233548250317, "etime": 1726233548250317, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50180, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233555801386, "etime": 1726233555801386, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50192, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233590261447, "etime": 1726233590261447, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50232, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233593903940, "etime": 1726233593903940, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50235, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726233564864363, "etime": 1726233564864363, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50206, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233566440524, "etime": 1726233566440524, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50208, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233559544722, 
"etime": 1726233559544722, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50198, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233574012001, "etime": 1726233574012001, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50220, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726233587812092, "etime": 1726233587812092, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50230, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233586279279, "etime": 1726233586279279, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50228, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726233557360756, "etime": 1726233557360756, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50194, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233561105650, "etime": 1726233561105650, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50200, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233571808339, "etime": 1726233571808339, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50216, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233591790814, "etime": 1726233591790814, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50233, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233561738302, "etime": 1726233561738302, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50202, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233598498496, "etime": 1726233598498496, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50238, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233554209336, "etime": 1726233554209336, "src_ip": "192.168.163.40", 
"dest_ip": "192.168.163.31", "src_port": 50190, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726233552010596, "etime": 1726233552010596, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50186, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233557983928, "etime": 1726233557983928, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50196, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233546660830, "etime": 1726233546660830, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50178, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233570246708, "etime": 1726233570246708, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50214, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233568686705, "etime": 1726233568686705, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50212, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233548871417, "etime": 1726233548871417, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50182, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233577174516, "etime": 1726233577174516, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50224, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233596938711, "etime": 1726233596938711, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50237, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233600026989, "etime": 1726233600026989, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50239, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233600558131, "etime": 1726233600558131, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50240, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233550449930, "etime": 1726233550449930, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50184, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233573397816, "etime": 1726233573397816, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50218, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233553586064, "etime": 1726233553586064, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50188, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233567092078, "etime": 1726233567092078, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50210, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726233575581838, "etime": 1726233575581838, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50222, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233486051893, "etime": 1726233486051893, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50176, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233595410377, "etime": 1726233595410377, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50236, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233588754292, "etime": 1726233588754292, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50231, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726233593319869, "etime": 1726233593319869, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50234, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726233563288915, "etime": 1726233563288915, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.31", "src_port": 50204, "dest_port": 443, "protocol": "tls", "result": 
"CobaltStrike"}]} [2025-12-09 20:38:50.558] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 36|max_alert: 1000 [2025-12-09 20:38:50.558] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:50.558] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:51.636] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25945 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.TCP_192-168-52-1_41044_192-168-52-129_443.1726041741.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.TCP_192-168-52-1_41044_192-168-52-129_443.1726041741.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123851Z&X-Amz-Signature=3b6cf63132f8f3cef440ae49a7045b737ee15a027dc1d84ad08b0c07a8b5e6a4"} [2025-12-09 20:38:51.636] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:51.636] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:51.636] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:51.636] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:51.636] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:51.637] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:51.700] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_https_cat.pcap.TCP_192-168-52-1_41044_192-168-52-129_443.1726041741.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 
0, "alert_count": 1, "timestamp": 1765312731700, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041741791081, "etime": 1726041741791081, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 41044, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:51.700] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:51.700] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:51.700] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:54.773] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24262 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.TCP_192-168-52-1_41006_192-168-52-129_443.1726041711.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.TCP_192-168-52-1_41006_192-168-52-129_443.1726041711.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=2e053a0f1364b975f02375ca3003de5ac49a6f66edf6a76c83678c4301b30dd5&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123854Z"} [2025-12-09 20:38:54.773] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:54.773] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:54.773] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:38:54.773] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:54.773] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:54.774] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:54.878] 
[DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai2_https_ls.pcap.TCP_192-168-52-1_41006_192-168-52-129_443.1726041711.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312734877, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041711735073, "etime": 1726041711735073, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 41006, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:54.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:54.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:54.878] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:38:57.906] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24263 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_whoami.pcap.TCP_192-168-52-1_42804_192-168-52-129_443.1726042728.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_whoami.pcap.TCP_192-168-52-1_42804_192-168-52-129_443.1726042728.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T123857Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=0670c5706834e14922a08f4919d44ce806818bb054a1dd86b0f159c4aa77c5ae"} [2025-12-09 20:38:57.906] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:38:57.906] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:38:57.906] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn 
[2025-12-09 20:38:57.906] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:38:57.906] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:38:57.907] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:38:58.018] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_whoami.pcap.TCP_192-168-52-1_42804_192-168-52-129_443.1726042728.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312738018, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042728016653, "etime": 1726042728016653, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42804, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:38:58.018] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:38:58.018] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:38:58.018] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:39:01.049] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24264 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID26-tls1.2CS4.8_centos_ubuntu_openjdk_domain.1728728620.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID26-tls1.2CS4.8_centos_ubuntu_openjdk_domain.1728728620.jsonl?X-Amz-Expires=604800&X-Amz-Signature=73478105d9c463ad7a2757e7ac2bb58bf0d7a7a81109cf6e37fe918ba11fcbfd&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123900Z"} [2025-12-09 20:39:01.049] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:01.049] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:01.049] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:01.049] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:01.049] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:01.050] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:01.892] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID26-tls1.2CS4.8_centos_ubuntu_openjdk_domain.1728728620.jsonl|result:{"code": 1, "total_count": 15, "abnormal_count": 2, "normal_count": 13, "alert_count": 2, "timestamp": 1765312741891, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1728728620330066, "etime": 1728728620330066, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57764, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728632563415, "etime": 1728728632563415, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57774, "dest_port": 6666, "protocol": "tls", "result": 
"Normal"}, {"stime": 1728728624383336, "etime": 1728728624383336, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57768, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728640611752, "etime": 1728728640611752, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57780, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728644664961, "etime": 1728728644664961, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57784, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728632488685, "etime": 1728728632488685, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57772, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728644735538, "etime": 1728728644735538, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57786, "dest_port": 6666, "protocol": "tls", "result": "Godzilla"}, {"stime": 1728728620331297, "etime": 1728728620331297, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57766, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728628433317, "etime": 1728728628433317, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57770, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728648786147, "etime": 1728728648786147, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57790, "dest_port": 6666, "protocol": "tls", "result": "Antsword"}, {"stime": 1728728636558485, "etime": 1728728636558485, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57776, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728640674907, "etime": 1728728640674907, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57782, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728636618307, "etime": 1728728636618307, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", 
"src_port": 57778, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728652773977, "etime": 1728728652773977, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57792, "dest_port": 6666, "protocol": "tls", "result": "Normal"}, {"stime": 1728728648717212, "etime": 1728728648717212, "src_ip": "172.26.55.21", "dest_ip": "172.26.53.255", "src_port": 57788, "dest_port": 6666, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:39:01.892] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:39:01.892] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:01.892] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:39:04.183] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24265 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42735_192-168-52-129_443.1726042673.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42735_192-168-52-129_443.1726042673.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=af622f8997151491ccfed9eefbb95905ca9ca7aebdbf3fcbe6456f9c57312875&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123903Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:39:04.183] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:04.184] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:04.184] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:04.184] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:04.184] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 20:39:04.184] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:04.260] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_cat.pcap.TCP_192-168-52-1_42735_192-168-52-129_443.1726042673.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312744259, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042673539315, "etime": 1726042673539315, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42735, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:39:04.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:39:04.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:04.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:39:07.295] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24266 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.TCP_192-168-52-1_13160_192-168-52-129_80.1726193257.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.TCP_192-168-52-1_13160_192-168-52-129_80.1726193257.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123906Z&X-Amz-Signature=8065bc03aeca23cad00de087d349cc9139860a896b325435c4ac12e18aa4a574&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:39:07.295] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:07.295] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:07.295] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:07.295] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:07.295] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:07.296] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:07.405] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai1_http_cat.pcap.TCP_192-168-52-1_13160_192-168-52-129_80.1726193257.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312747405, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726193257556220, "etime": 1726193257556220, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 13160, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:39:07.405] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:39:10.413] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24267 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.TCP_192-168-52-1_11943_192-168-52-129_80.1726192508.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.TCP_192-168-52-1_11943_192-168-52-129_80.1726192508.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T123909Z&X-Amz-Signature=e4f722f2ab21a7347b5549dd10a28e9418d25a3375e7da9de02d273323722ae1&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:39:10.413] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:10.414] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:10.414] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:10.414] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:10.414] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:10.415] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:10.515] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_http_cat.pcap.TCP_192-168-52-1_11943_192-168-52-129_80.1726192508.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312750514, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192508859470, "etime": 1726192508859470, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11943, "dest_port": 
80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:39:10.515] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:39:13.554] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24268 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_25201_192-168-52-129_443.1725956945.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_25201_192-168-52-129_443.1725956945.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123913Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=bfd703ce8d411f68a694b1edd71145eecd11db4b3d89b8d2f5fd534700ccdf86"} [2025-12-09 20:39:13.554] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:13.554] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:13.554] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:13.554] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:13.554] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:13.555] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:13.662] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID49_behinderv2.0.1_php_linux_https_whoami.pcap.TCP_192-168-52-1_25201_192-168-52-129_443.1725956945.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312753661, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1725956945714364, "etime": 1725956945714364, "src_ip": 
"192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 25201, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:39:13.662] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:39:13.662] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:13.662] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:39:16.691] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24703 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_ls.pcap.TCP_192-168-52-1_42702_192-168-52-129_443.1726042647.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_ls.pcap.TCP_192-168-52-1_42702_192-168-52-129_443.1726042647.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123916Z&X-Amz-Signature=5ead3ffd414fb6d67133c4703a772df4594a5b68ce1432c687b063854a848451&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:39:16.691] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:16.691] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:16.691] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:16.691] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:16.692] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:16.692] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:16.801] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_ls.pcap.TCP_192-168-52-1_42702_192-168-52-129_443.1726042647.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312756800, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042647731014, "etime": 1726042647731014, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42702, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:39:16.801] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:39:16.801] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:16.801] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:39:19.802] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24704 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_whoami.pcap.TCP_192-168-52-1_11875_192-168-52-129_80.1726192452.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_whoami.pcap.TCP_192-168-52-1_11875_192-168-52-129_80.1726192452.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=6c12f74a450a64c76adf7b0d96b8df6b635a0774113e0cb6b6e68249d1ed3246&X-Amz-Date=20251209T123919Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:39:19.802] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:19.802] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:19.802] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:19.802] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:39:19.802] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:19.803] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:19.919] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__http_whoami.pcap.TCP_192-168-52-1_11875_192-168-52-129_80.1726192452.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765312759918, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726192452777119, "etime": 1726192452777119, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 11875, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:39:19.919] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:39:22.935] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25946 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21125_192-168-52-129_443.1725955214.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21125_192-168-52-129_443.1725955214.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T123922Z&X-Amz-Signature=95c6310c11a7921bb0a9ab1f990fbcf22495530326810cf99802dd869a5a3688"} [2025-12-09 20:39:22.935] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:22.935] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:22.936] [INFO] [tid:140062327686848] 
(AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:22.936] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:22.936] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:22.937] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:23.048] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai__https_whoami.pcap.TCP_192-168-52-1_21125_192-168-52-129_443.1725955214.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312763048, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1725955214223561, "etime": 1725955214223561, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 21125, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:39:23.049] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:39:23.049] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:23.049] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:39:26.106] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24269 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_ls.pcap.TCP_192-168-52-1_41174_192-168-52-129_443.1726041840.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_ls.pcap.TCP_192-168-52-1_41174_192-168-52-129_443.1726041840.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123925Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=3da110f1839ddbb13332a3803f5f16124b6d814849af4638aaa1954ccab21540"} [2025-12-09 20:39:26.107] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:26.107] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:26.107] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:26.107] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:26.107] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:26.108] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:26.220] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogaitls1.2_ls.pcap.TCP_192-168-52-1_41174_192-168-52-129_443.1726041840.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312766219, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041840473148, "etime": 1726041840473148, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 41174, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:39:26.220] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:39:26.220] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:26.220] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:39:29.235] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24705 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain1.1726212464.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain1.1726212464.jsonl?X-Amz-Date=20251209T123928Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=ea68c7c3af3365fdce4695d7617ed1036c274dfa137933aac50b7af575e1cd76&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Expires=604800"} [2025-12-09 20:39:29.235] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:29.235] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:29.235] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:29.235] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:29.235] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:29.236] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:30.454] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID22-tls1.3CS4.8_mac_kali_openjdk_domain1.1726212464.jsonl|result:{"code": 0, "total_count": 22, "abnormal_count": 0, "normal_count": 22, "alert_count": 0, "timestamp": 1765312770453, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726212491772676, "etime": 1726212491772676, "src_ip": "192.168.112.141", 
"dest_ip": "192.168.112.139", "src_port": 50061, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212484648782, "etime": 1726212484648782, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50053, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212482627885, "etime": 1726212482627885, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50050, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212481599366, "etime": 1726212481599366, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50048, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212489744393, "etime": 1726212489744393, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50059, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212493798340, "etime": 1726212493798340, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50063, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212482612104, "etime": 1726212482612104, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50049, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212487698808, "etime": 1726212487698808, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50056, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212464490580, "etime": 1726212464490580, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50043, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212490762281, "etime": 1726212490762281, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50060, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212492784191, "etime": 1726212492784191, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50062, "dest_port": 51129, 
"protocol": "tls", "result": "Normal"}, {"stime": 1726212486682461, "etime": 1726212486682461, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50055, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212485665317, "etime": 1726212485665317, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50054, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212472536318, "etime": 1726212472536318, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50045, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212476564231, "etime": 1726212476564231, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50046, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212464489757, "etime": 1726212464489757, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50042, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212480588982, "etime": 1726212480588982, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50047, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212483630297, "etime": 1726212483630297, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50051, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212488721423, "etime": 1726212488721423, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50058, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212483646159, "etime": 1726212483646159, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50052, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212468510725, "etime": 1726212468510725, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50044, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726212487715994, 
"etime": 1726212487715994, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.139", "src_port": 50057, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:39:30.454] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:39:32.395] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24270 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_https_whoami.pcap.TCP_192-168-52-1_40774_192-168-52-129_443.1726041616.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_https_whoami.pcap.TCP_192-168-52-1_40774_192-168-52-129_443.1726041616.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T123931Z&X-Amz-Signature=fd0558cbc7ef5cae971851832ae928de03ce87c0a8ba06a2308a408572668cac"} [2025-12-09 20:39:32.395] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:32.395] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:32.395] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:32.395] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:32.395] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:32.395] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:32.459] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai3_https_whoami.pcap.TCP_192-168-52-1_40774_192-168-52-129_443.1726041616.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 
1765312772458, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726041616292738, "etime": 1726041616292738, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 40774, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:39:32.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:39:32.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:32.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:39:35.528] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24271 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain1.1726210647.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain1.1726210647.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=0f2c838960c681f447518f87a837cda6264ef2c8dd447e9c9d82767e6fe09b6f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T123934Z"} [2025-12-09 20:39:35.528] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:35.528] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:35.528] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:35.528] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:35.528] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:35.529] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:36.734] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID24-tls1.3CS4.8_mac_ubuntu_openjdk_domain1.1726210647.jsonl|result:{"code": 0, "total_count": 22, "abnormal_count": 0, "normal_count": 22, "alert_count": 0, "timestamp": 1765312776733, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726210699317398, "etime": 1726210699317398, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49754, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210659103958, "etime": 1726210659103958, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49739, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210696301685, "etime": 1726210696301685, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49751, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210705339329, "etime": 1726210705339329, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49756, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210699301143, "etime": 1726210699301143, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49752, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210647031214, "etime": 1726210647031214, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49735, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210699316862, "etime": 1726210699316862, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49753, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210687234098, "etime": 1726210687234098, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49746, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210690270222, "etime": 1726210690270222, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49748, "dest_port": 
51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210647032079, "etime": 1726210647032079, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49736, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210690248910, "etime": 1726210690248910, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49747, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210671169962, "etime": 1726210671169962, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49742, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210675183620, "etime": 1726210675183620, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49743, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210679195418, "etime": 1726210679195418, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49744, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210683215684, "etime": 1726210683215684, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49745, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210651054862, "etime": 1726210651054862, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49737, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210696284458, "etime": 1726210696284458, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49750, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210663129623, "etime": 1726210663129623, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49740, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210667142830, "etime": 1726210667142830, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49741, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 
1726210655082578, "etime": 1726210655082578, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49738, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210693265454, "etime": 1726210693265454, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49749, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1726210702325043, "etime": 1726210702325043, "src_ip": "192.168.112.141", "dest_ip": "192.168.112.135", "src_port": 49755, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:39:36.734] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:39:38.666] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24706 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.TCP_192-168-52-1_42866_192-168-52-129_443.1726042775.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.TCP_192-168-52-1_42866_192-168-52-129_443.1726042775.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=ef1e8a8f4c23ef66062ba233b3acf15a3fe0e3bab3b83646bfea4139ef5b96fb&X-Amz-Date=20251209T123938Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:39:38.666] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:39:38.666] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:39:38.666] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:39:38.666] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:39:38.666] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:39:38.667] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:39:38.735] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID50_behinderv3.0.11_php_linux__mogai_tls1.2_cat.pcap.TCP_192-168-52-1_42866_192-168-52-129_443.1726042775.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765312778735, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726042775709648, "etime": 1726042775709648, "src_ip": "192.168.52.1", "dest_ip": "192.168.52.129", "src_port": 42866, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:39:38.735] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:39:38.735] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:39:38.735] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:42:47.408] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25947 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.UDP_10-0-4-15_3389_111-53-218-171_51841.1726283902.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.UDP_10-0-4-15_3389_111-53-218-171_51841.1726283902.jsonl?X-Amz-Signature=1707917e61e4342652a4c7ddae97a8404fffe897ceff3bcda62542e2bd50a0b7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124246Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:42:47.409] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:42:47.409] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:42:47.409] 
[INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:42:47.409] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:42:47.409] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:42:47.410] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:42:47.418] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.UDP_10-0-4-15_3389_111-53-218-171_51841.1726283902.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765312967417, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 20:42:47.418] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:42:50.863] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25948 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID9-tls1.2CS4.8_win8.1_kali_jdk_IP.1727073768.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID9-tls1.2CS4.8_win8.1_kali_jdk_IP.1727073768.jsonl?X-Amz-Date=20251209T124250Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=e7fae253fa2f2bccbfd999b2ee1c3ede487b5947c2cac631aa5dc36ef99bd918"} [2025-12-09 20:42:50.863] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:42:50.863] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:42:50.863] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:42:50.863] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:42:50.863] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 20:42:50.864] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:06.181] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID9-tls1.2CS4.8_win8.1_kali_jdk_IP.1727073768.jsonl|result:{"code": 1, "total_count": 323, "abnormal_count": 1, "normal_count": 322, "alert_count": 1, "timestamp": 1765312986177, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727074144440266, "etime": 1727074144440266, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50149, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073985952789, "etime": 1727073985952789, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49997, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074073605053, "etime": 1727074073605053, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50081, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073949563074, "etime": 1727073949563074, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49962, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074070451678, "etime": 1727074070451678, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50078, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073871515423, "etime": 1727073871515423, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49887, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074080905328, "etime": 1727074080905328, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50088, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073881922151, "etime": 1727073881922151, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49897, "dest_port": 4143, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727073948530923, "etime": 1727073948530923, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49961, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074003700241, "etime": 1727074003700241, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50014, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074082982622, "etime": 1727074082982622, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50090, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074096483736, "etime": 1727074096483736, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50103, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074136112871, "etime": 1727074136112871, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50141, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074067326989, "etime": 1727074067326989, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50075, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074116312699, "etime": 1727074116312699, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50122, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073890267834, "etime": 1727073890267834, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49905, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073986995521, "etime": 1727073986995521, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49998, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073941235183, "etime": 1727073941235183, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49954, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073991161438, "etime": 1727073991161438, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 50002, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074129875900, "etime": 1727074129875900, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50135, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073832886225, "etime": 1727073832886225, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49849, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073896516879, "etime": 1727073896516879, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49911, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073982810712, "etime": 1727073982810712, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49994, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074026685715, "etime": 1727074026685715, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50036, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074039200555, "etime": 1727074039200555, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50048, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073768303403, "etime": 1727073768303403, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49844, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727073866237464, "etime": 1727073866237464, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49881, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073994295004, "etime": 1727073994295004, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50005, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074012076473, "etime": 1727074012076473, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50022, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727073921456213, "etime": 1727073921456213, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49935, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073862076453, "etime": 1727073862076453, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49877, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074048592651, "etime": 1727074048592651, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50057, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073958906399, "etime": 1727073958906399, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49971, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073964108641, "etime": 1727073964108641, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49976, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074014154870, "etime": 1727074014154870, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50024, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073989075186, "etime": 1727073989075186, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50000, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073963076748, "etime": 1727073963076748, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49975, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074011028933, "etime": 1727074011028933, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50021, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073900691246, "etime": 1727073900691246, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49915, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074099625573, "etime": 1727074099625573, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50106, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073984905421, "etime": 1727073984905421, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49996, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074007887503, "etime": 1727074007887503, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50018, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073998466526, "etime": 1727073998466526, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50009, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073851685280, "etime": 1727073851685280, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49867, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073995341453, "etime": 1727073995341453, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50006, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074069405221, "etime": 1727074069405221, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50077, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073959937125, "etime": 1727073959937125, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49972, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073947484997, "etime": 1727073947484997, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49960, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073907957620, "etime": 1727073907957620, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49922, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073993247695, "etime": 1727073993247695, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50004, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073894440391, "etime": 1727073894440391, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49909, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073905893474, "etime": 1727073905893474, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49920, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073877749450, "etime": 1727073877749450, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49893, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074047544464, "etime": 1727074047544464, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50056, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074095452084, "etime": 1727074095452084, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50102, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074074655003, "etime": 1727074074655003, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50082, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073953717889, "etime": 1727073953717889, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49966, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074103812784, "etime": 1727074103812784, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50110, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074149659437, "etime": 1727074149659437, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50154, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074124642695, "etime": 1727074124642695, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50130, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073954749778, "etime": 1727073954749778, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49967, "dest_port": 4143, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727073940189057, "etime": 1727073940189057, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49953, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073914222632, "etime": 1727073914222632, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49928, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073879830485, "etime": 1727073879830485, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49895, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073857920247, "etime": 1727073857920247, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49873, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073966190511, "etime": 1727073966190511, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49978, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073997435401, "etime": 1727073997435401, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50008, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074063169556, "etime": 1727074063169556, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50071, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074072545749, "etime": 1727074072545749, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50080, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073899645081, "etime": 1727073899645081, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49914, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074033996970, "etime": 1727074033996970, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50043, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074097531822, "etime": 1727074097531822, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 50104, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073972420062, "etime": 1727073972420062, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49984, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074104858997, "etime": 1727074104858997, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50111, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074152960383, "etime": 1727074152960383, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50158, "dest_port": 4143, "protocol": "tls", "result": "Behinder"}, {"stime": 1727074155050085, "etime": 1727074155050085, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50160, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073878797170, "etime": 1727073878797170, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49894, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073841230871, "etime": 1727073841230871, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49857, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074020419346, "etime": 1727074020419346, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50030, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073842262068, "etime": 1727073842262068, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49858, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073901737338, "etime": 1727073901737338, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49916, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073902768650, "etime": 1727073902768650, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49917, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727073980732224, "etime": 1727073980732224, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49992, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074085061975, "etime": 1727074085061975, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50092, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073990109823, "etime": 1727073990109823, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50001, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073930861660, "etime": 1727073930861660, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49944, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074075686054, "etime": 1727074075686054, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50083, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074094421355, "etime": 1727074094421355, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50101, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073935001385, "etime": 1727073935001385, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49948, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073847498298, "etime": 1727073847498298, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49863, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074135063576, "etime": 1727074135063576, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50140, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073910053945, "etime": 1727073910053945, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49924, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073951640472, "etime": 1727073951640472, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49964, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073927736948, "etime": 1727073927736948, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49941, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073969296767, "etime": 1727073969296767, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49981, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073981764560, "etime": 1727073981764560, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49993, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074111062724, "etime": 1727074111062724, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50117, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074023560054, "etime": 1727074023560054, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50033, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073939142691, "etime": 1727073939142691, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49952, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073936032726, "etime": 1727073936032726, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49949, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074056934789, "etime": 1727074056934789, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50065, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073931893195, "etime": 1727073931893195, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49945, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073978669744, "etime": 1727073978669744, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49990, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074088186572, "etime": 1727074088186572, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50095, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073992201863, "etime": 1727073992201863, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50003, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074122579989, "etime": 1727074122579989, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50128, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073852733412, "etime": 1727073852733412, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49868, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073893392703, "etime": 1727073893392703, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49908, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073979702350, "etime": 1727073979702350, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49991, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073952671655, "etime": 1727073952671655, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49965, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073976576861, "etime": 1727073976576861, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49988, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074051717018, "etime": 1727074051717018, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50060, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074008936077, "etime": 1727074008936077, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50019, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074079873883, "etime": 1727074079873883, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50087, "dest_port": 4143, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727073849590990, "etime": 1727073849590990, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49865, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073868389774, "etime": 1727073868389774, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49884, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074110031961, "etime": 1727074110031961, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50116, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074009982021, "etime": 1727074009982021, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50020, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073920424632, "etime": 1727073920424632, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49934, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073915254124, "etime": 1727073915254124, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49929, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073898610998, "etime": 1727073898610998, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49913, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073838105154, "etime": 1727073838105154, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49854, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073913175220, "etime": 1727073913175220, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49927, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073886109809, "etime": 1727073886109809, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49901, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073888188068, "etime": 1727073888188068, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 49903, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073889220376, "etime": 1727073889220376, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49904, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073892345501, "etime": 1727073892345501, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49907, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074001607257, "etime": 1727074001607257, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50012, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073884016196, "etime": 1727073884016196, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49899, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074025638343, "etime": 1727074025638343, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50035, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073916284636, "etime": 1727073916284636, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49930, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073970342544, "etime": 1727073970342544, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49982, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074031904358, "etime": 1727074031904358, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50041, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073929829879, "etime": 1727073929829879, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49943, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074037122450, "etime": 1727074037122450, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50046, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727074061107871, "etime": 1727074061107871, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50069, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074087155551, "etime": 1727074087155551, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50094, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074092343393, "etime": 1727074092343393, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50099, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074127798426, "etime": 1727074127798426, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50133, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074157113225, "etime": 1727074157113225, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50162, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074000561355, "etime": 1727074000561355, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50011, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074160222277, "etime": 1727074160222277, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50165, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074107953330, "etime": 1727074107953330, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50114, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073859997596, "etime": 1727073859997596, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49875, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073955796356, "etime": 1727073955796356, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49968, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073887156392, "etime": 1727073887156392, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49902, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073855841178, "etime": 1727073855841178, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49871, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073885062850, "etime": 1727073885062850, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49900, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074059014172, "etime": 1727074059014172, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50067, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073870468078, "etime": 1727073870468078, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49886, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073975544689, "etime": 1727073975544689, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49987, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074050685009, "etime": 1727074050685009, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50059, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074093390078, "etime": 1727074093390078, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50100, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073854795057, "etime": 1727073854795057, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49870, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074137158250, "etime": 1727074137158250, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50142, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074044404355, "etime": 1727074044404355, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50053, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074152783483, "etime": 1727074152783483, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50157, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074053797562, "etime": 1727074053797562, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50062, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074090264769, "etime": 1727074090264769, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50097, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074159190418, "etime": 1727074159190418, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50164, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073960991922, "etime": 1727073960991922, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49973, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073928784402, "etime": 1727073928784402, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49942, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074112110394, "etime": 1727074112110394, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50118, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073873608918, "etime": 1727073873608918, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49889, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074132985603, "etime": 1727074132985603, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50138, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074055889496, "etime": 1727074055889496, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50064, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073830684073, "etime": 1727073830684073, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49846, "dest_port": 4143, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727073863110505, "etime": 1727073863110505, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49878, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074060073557, "etime": 1727074060073557, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50068, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074160264756, "etime": 1727074160264756, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50166, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073850638510, "etime": 1727073850638510, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49866, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074118408400, "etime": 1727074118408400, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50124, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073875671681, "etime": 1727073875671681, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49891, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073965139275, "etime": 1727073965139275, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49977, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074084014784, "etime": 1727074084014784, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50091, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073950593760, "etime": 1727073950593760, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49963, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073974499979, "etime": 1727073974499979, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49986, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073932924042, "etime": 1727073932924042, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 49946, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074015200697, "etime": 1727074015200697, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50025, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074120500158, "etime": 1727074120500158, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50126, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074076733972, "etime": 1727074076733972, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50084, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074102766517, "etime": 1727074102766517, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50109, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073839137150, "etime": 1727073839137150, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49855, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074005795083, "etime": 1727074005795083, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50016, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074035044646, "etime": 1727074035044646, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50044, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073830779895, "etime": 1727073830779895, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49847, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073872561760, "etime": 1727073872561760, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49888, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074043371994, "etime": 1727074043371994, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50052, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727074057967552, "etime": 1727074057967552, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50066, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074078827397, "etime": 1727074078827397, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50086, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074024592641, "etime": 1727074024592641, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50034, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074142346163, "etime": 1727074142346163, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50147, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074146517511, "etime": 1727074146517511, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50151, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074114204647, "etime": 1727074114204647, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50120, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073957889526, "etime": 1727073957889526, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49970, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074065251573, "etime": 1727074065251573, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50073, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073882970563, "etime": 1727073882970563, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49898, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073945390702, "etime": 1727073945390702, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49958, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073845403276, "etime": 1727073845403276, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49861, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074089218765, "etime": 1727074089218765, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50096, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074019372571, "etime": 1727074019372571, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50029, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074117360173, "etime": 1727074117360173, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50123, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074119454579, "etime": 1727074119454579, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50125, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073844355779, "etime": 1727073844355779, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49860, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074054842010, "etime": 1727074054842010, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50063, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074041297026, "etime": 1727074041297026, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50050, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073933970182, "etime": 1727073933970182, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49947, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074158159467, "etime": 1727074158159467, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50163, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074006841210, "etime": 1727074006841210, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50017, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074077780000, "etime": 1727074077780000, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50085, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074091298850, "etime": 1727074091298850, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50098, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073973453999, "etime": 1727073973453999, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49985, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073880891042, "etime": 1727073880891042, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49896, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074141305954, "etime": 1727074141305954, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50146, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074121533109, "etime": 1727074121533109, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50127, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073869437585, "etime": 1727073869437585, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49885, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073926705857, "etime": 1727073926705857, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49940, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073904862040, "etime": 1727073904862040, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49919, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073858955599, "etime": 1727073858955599, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49874, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073946438063, "etime": 1727073946438063, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49959, "dest_port": 4143, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727074064202177, "etime": 1727074064202177, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50072, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073853762758, "etime": 1727073853762758, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49869, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074086108129, "etime": 1727074086108129, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50093, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074045453123, "etime": 1727074045453123, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50054, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073861045872, "etime": 1727073861045872, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49876, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073909004618, "etime": 1727073909004618, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49923, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074148606803, "etime": 1727074148606803, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50153, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073897563902, "etime": 1727073897563902, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49912, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074131955513, "etime": 1727074131955513, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50137, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073876706261, "etime": 1727073876706261, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49892, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073770622878, "etime": 1727073770622878, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 49845, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074021468002, "etime": 1727074021468002, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50031, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074027731649, "etime": 1727074027731649, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50037, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074098578455, "etime": 1727074098578455, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50105, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073834996360, "etime": 1727073834996360, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49851, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074126750577, "etime": 1727074126750577, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50132, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073925658047, "etime": 1727073925658047, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49939, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073996389338, "etime": 1727073996389338, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50007, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074113158240, "etime": 1727074113158240, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50119, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073865186012, "etime": 1727073865186012, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49880, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073831823929, "etime": 1727073831823929, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49848, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727073903814739, "etime": 1727073903814739, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49918, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073924606014, "etime": 1727073924606014, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49938, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074115252333, "etime": 1727074115252333, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50121, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073967233096, "etime": 1727073967233096, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49979, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073846450049, "etime": 1727073846450049, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49862, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073836042284, "etime": 1727073836042284, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49852, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074032950617, "etime": 1727074032950617, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50042, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074042327299, "etime": 1727074042327299, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50051, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074147564741, "etime": 1727074147564741, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50152, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074066294770, "etime": 1727074066294770, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50074, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073988033182, "etime": 1727073988033182, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49999, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074040248657, "etime": 1727074040248657, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50049, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073840184109, "etime": 1727073840184109, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49856, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073943297012, "etime": 1727073943297012, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49956, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073971374042, "etime": 1727073971374042, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49983, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074068372745, "etime": 1727074068372745, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50076, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074081944463, "etime": 1727074081944463, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50089, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073937080310, "etime": 1727073937080310, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49950, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074150689644, "etime": 1727074150689644, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50155, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074022514209, "etime": 1727074022514209, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50032, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074016247380, "etime": 1727074016247380, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50026, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073962030181, "etime": 1727073962030181, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49974, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074046501251, "etime": 1727074046501251, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50055, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073856888251, "etime": 1727073856888251, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49872, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073942267042, "etime": 1727073942267042, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49955, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074151737390, "etime": 1727074151737390, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50156, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073906910460, "etime": 1727073906910460, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49921, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073837074584, "etime": 1727073837074584, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49853, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073919393587, "etime": 1727073919393587, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49933, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073999513315, "etime": 1727073999513315, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50010, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073922504086, "etime": 1727073922504086, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49936, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073977623573, "etime": 1727073977623573, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49989, "dest_port": 4143, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727074105891026, "etime": 1727074105891026, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50112, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073923549491, "etime": 1727073923549491, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49937, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073833933897, "etime": 1727073833933897, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49850, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074108984086, "etime": 1727074108984086, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50115, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074145486253, "etime": 1727074145486253, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50150, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073867283541, "etime": 1727073867283541, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49882, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073938110393, "etime": 1727073938110393, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49951, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074013106846, "etime": 1727074013106846, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50023, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074030857087, "etime": 1727074030857087, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50040, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074038153445, "etime": 1727074038153445, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50047, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073874640325, "etime": 1727073874640325, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 49890, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073843309844, "etime": 1727073843309844, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49859, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073891313340, "etime": 1727073891313340, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49906, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074130909947, "etime": 1727074130909947, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50136, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073912139715, "etime": 1727073912139715, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49926, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073944329291, "etime": 1727073944329291, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49957, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073983858207, "etime": 1727073983858207, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49995, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074101718584, "etime": 1727074101718584, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50108, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074134016981, "etime": 1727074134016981, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50139, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074140267485, "etime": 1727074140267485, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50145, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073911096956, "etime": 1727073911096956, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49925, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727074154003567, "etime": 1727074154003567, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50159, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074062138646, "etime": 1727074062138646, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50070, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074100671845, "etime": 1727074100671845, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50107, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074143391995, "etime": 1727074143391995, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50148, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073917315188, "etime": 1727073917315188, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49931, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074036076261, "etime": 1727074036076261, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50045, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074028779555, "etime": 1727074028779555, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50038, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074106921252, "etime": 1727074106921252, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50113, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074017278815, "etime": 1727074017278815, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50027, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073956843082, "etime": 1727073956843082, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49969, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073864154497, "etime": 1727073864154497, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49879, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074139220064, "etime": 1727074139220064, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50144, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073867352478, "etime": 1727073867352478, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49883, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074128844538, "etime": 1727074128844538, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50134, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073848545190, "etime": 1727073848545190, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49864, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074029825733, "etime": 1727074029825733, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50039, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074138188545, "etime": 1727074138188545, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50143, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073918348025, "etime": 1727073918348025, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49932, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074049654316, "etime": 1727074049654316, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50058, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074002655145, "etime": 1727074002655145, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50013, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074004749372, "etime": 1727074004749372, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50015, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074018326234, "etime": 1727074018326234, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50028, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073895487092, "etime": 1727073895487092, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49910, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074156081482, "etime": 1727074156081482, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50161, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727073968264571, "etime": 1727073968264571, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 49980, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074123610173, "etime": 1727074123610173, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50129, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074071498961, "etime": 1727074071498961, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50079, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074125688603, "etime": 1727074125688603, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50131, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727074052748594, "etime": 1727074052748594, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50061, "dest_port": 4143, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:43:06.181] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25949 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.UDP_10-0-4-15_3389_111-53-218-171_51841.1726284531.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.UDP_10-0-4-15_3389_111-53-218-171_51841.1726284531.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=9b514b33138b5fd9eabea04df9741e511641dcaaf9fec0003198f34f63614e12&X-Amz-Date=20251209T124253Z"} [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:06.181] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:06.184] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID60_behinderv4.1_aspx_winserver2012r2-tls1.2_1.pcap.UDP_10-0-4-15_3389_111-53-218-171_51841.1726284531.jsonl|result:{"code": 0, "total_count": 0, "abnormal_count": 0, "normal_count": 0, "alert_count": 0, "timestamp": 1765312986184, "module": "anquanchu", "proto": "other", "alerted": false, "details": []} [2025-12-09 20:43:06.184] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:43:06.184] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> 
topic:analyzed_queue_cnn partition:[2] at offset 24272 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID10-tls1.2CS4.8_win8.1_kali_openjdk_IP.1727075387.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID10-tls1.2CS4.8_win8.1_kali_openjdk_IP.1727075387.jsonl?X-Amz-Signature=c898925a6278e58c8756c0b471c6ea47f4582b6a6761fb91ec4cd39e19fee4c1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124256Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:43:06.184] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:06.184] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:06.184] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:06.184] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:06.184] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:06.184] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:10.175] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID10-tls1.2CS4.8_win8.1_kali_openjdk_IP.1727075387.jsonl|result:{"code": 1, "total_count": 96, "abnormal_count": 1, "normal_count": 95, "alert_count": 1, "timestamp": 1765312990174, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727075487451614, "etime": 1727075487451614, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50265, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075498536042, "etime": 1727075498536042, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50276, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075470699815, "etime": 1727075470699815, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 50247, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075511231630, "etime": 1727075511231630, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50289, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075491684265, "etime": 1727075491684265, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50270, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075493761873, "etime": 1727075493761873, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50272, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075522653914, "etime": 1727075522653914, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50300, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075469668003, "etime": 1727075469668003, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50246, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075480075521, "etime": 1727075480075521, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50256, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075521607425, "etime": 1727075521607425, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50299, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075506056078, "etime": 1727075506056078, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50284, "dest_port": 4143, "protocol": "tls", "result": "Behinder"}, {"stime": 1727075507106622, "etime": 1727075507106622, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50285, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075481185468, "etime": 1727075481185468, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50258, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727075457135470, "etime": 1727075457135470, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50234, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075449855514, "etime": 1727075449855514, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50227, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075456106003, "etime": 1727075456106003, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50233, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075486404281, "etime": 1727075486404281, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50264, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075499576777, "etime": 1727075499576777, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50277, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075505795549, "etime": 1727075505795549, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50283, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075476949065, "etime": 1727075476949065, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50253, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075523700614, "etime": 1727075523700614, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50301, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075525764021, "etime": 1727075525764021, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50303, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075541389242, "etime": 1727075541389242, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50318, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075510200539, "etime": 1727075510200539, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50288, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075532014977, "etime": 1727075532014977, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50309, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075529935787, "etime": 1727075529935787, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50307, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075503732569, "etime": 1727075503732569, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50281, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075502688974, "etime": 1727075502688974, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50280, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075387650753, "etime": 1727075387650753, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50225, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727075458198570, "etime": 1727075458198570, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50235, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075454027619, "etime": 1727075454027619, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50231, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075495841444, "etime": 1727075495841444, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50274, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075466543022, "etime": 1727075466543022, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50243, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075508137781, "etime": 1727075508137781, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50286, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075452979619, "etime": 1727075452979619, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50230, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075517465797, "etime": 1727075517465797, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50295, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075533060964, "etime": 1727075533060964, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50310, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075472792828, "etime": 1727075472792828, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50249, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075494797013, "etime": 1727075494797013, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50273, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075389792348, "etime": 1727075389792348, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50226, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075513325576, "etime": 1727075513325576, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50291, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075482230597, "etime": 1727075482230597, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50259, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075538263791, "etime": 1727075538263791, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50315, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075524731814, "etime": 1727075524731814, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50302, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075471745761, "etime": 1727075471745761, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50248, "dest_port": 4143, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727075489608844, "etime": 1727075489608844, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50268, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075492730815, "etime": 1727075492730815, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50271, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075534108233, "etime": 1727075534108233, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50311, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075528904742, "etime": 1727075528904742, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50306, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075542453706, "etime": 1727075542453706, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50320, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075461339706, "etime": 1727075461339706, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50238, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075451948955, "etime": 1727075451948955, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50229, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075464449080, "etime": 1727075464449080, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50241, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075460292535, "etime": 1727075460292535, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50237, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075468621764, "etime": 1727075468621764, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50245, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075477982026, "etime": 1727075477982026, "src_ip": "192.168.32.43", "dest_ip": 
"192.168.32.42", "src_port": 50254, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075501653628, "etime": 1727075501653628, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50279, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075496887834, "etime": 1727075496887834, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50275, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075509169016, "etime": 1727075509169016, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50287, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075459246345, "etime": 1727075459246345, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50236, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075515388732, "etime": 1727075515388732, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50293, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075474858936, "etime": 1727075474858936, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50251, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075516434641, "etime": 1727075516434641, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50294, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075518500909, "etime": 1727075518500909, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50296, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075527857855, "etime": 1727075527857855, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50305, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075479011183, "etime": 1727075479011183, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50255, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 
1727075484332520, "etime": 1727075484332520, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50262, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075465501079, "etime": 1727075465501079, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50242, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075484294445, "etime": 1727075484294445, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50261, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075530966836, "etime": 1727075530966836, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50308, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075483261453, "etime": 1727075483261453, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50260, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075488560672, "etime": 1727075488560672, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50267, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075475903989, "etime": 1727075475903989, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50252, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075504762914, "etime": 1727075504762914, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50282, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075520575610, "etime": 1727075520575610, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50298, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075535154352, "etime": 1727075535154352, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50312, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075537232563, "etime": 1727075537232563, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50314, 
"dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075473823940, "etime": 1727075473823940, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50250, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075450902118, "etime": 1727075450902118, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50228, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075500621860, "etime": 1727075500621860, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50278, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075463417431, "etime": 1727075463417431, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50240, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075512278837, "etime": 1727075512278837, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50290, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075539294578, "etime": 1727075539294578, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50316, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075455058964, "etime": 1727075455058964, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50232, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075481120960, "etime": 1727075481120960, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50257, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075485372059, "etime": 1727075485372059, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50263, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075514355956, "etime": 1727075514355956, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50292, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075519544747, "etime": 1727075519544747, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50297, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075488497021, "etime": 1727075488497021, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50266, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075540342469, "etime": 1727075540342469, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50317, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075542420141, "etime": 1727075542420141, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50319, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075467590260, "etime": 1727075467590260, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50244, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075490653884, "etime": 1727075490653884, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50269, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075526811266, "etime": 1727075526811266, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50304, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075536200883, "etime": 1727075536200883, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50313, "dest_port": 4143, "protocol": "tls", "result": "Normal"}, {"stime": 1727075462386300, "etime": 1727075462386300, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50239, "dest_port": 4143, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:10.175] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:43:10.175] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:10.175] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:43:10.175] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24273 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID41-tls1.2CS4.8_windowsserver2016_kali_jdk_domain.1727337756.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID41-tls1.2CS4.8_windowsserver2016_kali_jdk_domain.1727337756.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=770ab515d9ce97079c49d9e674d2fc948798866236f988dcc47b3c2222ecf04f&X-Amz-Date=20251209T124259Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:43:10.175] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:10.175] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:10.176] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:10.176] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:10.176] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:10.176] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:14.330] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID41-tls1.2CS4.8_windowsserver2016_kali_jdk_domain.1727337756.jsonl|result:{"code": 1, "total_count": 100, "abnormal_count": 6, "normal_count": 94, "alert_count": 6, "timestamp": 1765312994328, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727337845486386, "etime": 1727337845486386, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52142, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337853611599, "etime": 1727337853611599, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52150, "dest_port": 8990, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727337820924114, "etime": 1727337820924114, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52117, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337826017601, "etime": 1727337826017601, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52122, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337838268233, "etime": 1727337838268233, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52134, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337847518357, "etime": 1727337847518357, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52144, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337862752201, "etime": 1727337862752201, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52159, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337844471174, "etime": 1727337844471174, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52141, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337849549514, "etime": 1727337849549514, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52146, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337756652779, "etime": 1727337756652779, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52110, "dest_port": 8990, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727337817736783, "etime": 1727337817736783, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52113, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337835221547, "etime": 1727337835221547, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52131, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337871893034, "etime": 
1727337871893034, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52168, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337829111554, "etime": 1727337829111554, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52125, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337866814680, "etime": 1727337866814680, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52163, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337865799401, "etime": 1727337865799401, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52162, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337882049207, "etime": 1727337882049207, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52178, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337883064559, "etime": 1727337883064559, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52179, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337825003947, "etime": 1727337825003947, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52121, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337864783515, "etime": 1727337864783515, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52161, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337887189709, "etime": 1727337887189709, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52184, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337842440759, "etime": 1727337842440759, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52139, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337890236617, "etime": 1727337890236617, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52187, 
"dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337891284030, "etime": 1727337891284030, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52189, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337893330760, "etime": 1727337893330760, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52191, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337827058993, "etime": 1727337827058993, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52123, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337868846569, "etime": 1727337868846569, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52165, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337894436913, "etime": 1727337894436913, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52193, "dest_port": 8990, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727337833189504, "etime": 1727337833189504, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52129, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337895455394, "etime": 1727337895455394, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52194, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337897487283, "etime": 1727337897487283, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52196, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337841314924, "etime": 1727337841314924, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52137, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337828080068, "etime": 1727337828080068, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52124, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337846502236, "etime": 
1727337846502236, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52143, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337850565584, "etime": 1727337850565584, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52147, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337898633855, "etime": 1727337898633855, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52198, "dest_port": 8990, "protocol": "tls", "result": "Antsword"}, {"stime": 1727337900658331, "etime": 1727337900658331, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52200, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337906783477, "etime": 1727337906783477, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52207, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337859705322, "etime": 1727337859705322, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52156, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337879002306, "etime": 1727337879002306, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52175, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337889220933, "etime": 1727337889220933, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52186, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337840299331, "etime": 1727337840299331, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52136, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337823970963, "etime": 1727337823970963, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52120, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337843455105, "etime": 1727337843455105, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52140, 
"dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337819892986, "etime": 1727337819892986, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52116, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337861736598, "etime": 1727337861736598, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52158, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337896473145, "etime": 1727337896473145, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52195, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337898519534, "etime": 1727337898519534, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52197, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337907807576, "etime": 1727337907807576, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52209, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337855643250, "etime": 1727337855643250, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52152, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337816721041, "etime": 1727337816721041, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52112, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337822956952, "etime": 1727337822956952, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52119, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337858689320, "etime": 1727337858689320, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52155, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337892314828, "etime": 1727337892314828, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52190, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337899643243, "etime": 
1727337899643243, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52199, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337880017773, "etime": 1727337880017773, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52176, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337876971116, "etime": 1727337876971116, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52173, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337902721118, "etime": 1727337902721118, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52203, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337821939363, "etime": 1727337821939363, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52118, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337881034347, "etime": 1727337881034347, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52177, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337841423657, "etime": 1727337841423657, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52138, "dest_port": 8990, "protocol": "tls", "result": "Antsword"}, {"stime": 1727337839283791, "etime": 1727337839283791, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52135, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337830142634, "etime": 1727337830142634, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52126, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337869861311, "etime": 1727337869861311, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52166, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337831158091, "etime": 1727337831158091, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52127, 
"dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337884096086, "etime": 1727337884096086, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52180, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337886173957, "etime": 1727337886173957, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52183, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337904751986, "etime": 1727337904751986, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52205, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337894348567, "etime": 1727337894348567, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52192, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337818753721, "etime": 1727337818753721, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52114, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337837252511, "etime": 1727337837252511, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52133, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337885111746, "etime": 1727337885111746, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52181, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337834205260, "etime": 1727337834205260, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52130, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337854627318, "etime": 1727337854627318, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52151, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337870877600, "etime": 1727337870877600, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52167, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337872908324, "etime": 
1727337872908324, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52169, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337901710779, "etime": 1727337901710779, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52202, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337873923996, "etime": 1727337873923996, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52170, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337851580624, "etime": 1727337851580624, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52148, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337888205116, "etime": 1727337888205116, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52185, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337875955662, "etime": 1727337875955662, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52172, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337756706083, "etime": 1727337756706083, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52111, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337874939385, "etime": 1727337874939385, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52171, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337890273444, "etime": 1727337890273444, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52188, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337903736684, "etime": 1727337903736684, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52204, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337907799858, "etime": 1727337907799858, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52208, 
"dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337863768198, "etime": 1727337863768198, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52160, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337848533124, "etime": 1727337848533124, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52145, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337818886988, "etime": 1727337818886988, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52115, "dest_port": 8990, "protocol": "tls", "result": "Antsword"}, {"stime": 1727337885158879, "etime": 1727337885158879, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52182, "dest_port": 8990, "protocol": "tls", "result": "Antsword"}, {"stime": 1727337852596132, "etime": 1727337852596132, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52149, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337832174112, "etime": 1727337832174112, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52128, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337860721181, "etime": 1727337860721181, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52157, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337857673805, "etime": 1727337857673805, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52154, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337867830668, "etime": 1727337867830668, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52164, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337877987046, "etime": 1727337877987046, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52174, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337836236734, "etime": 
1727337836236734, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52132, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337901673936, "etime": 1727337901673936, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52201, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337905767851, "etime": 1727337905767851, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52206, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727337856658972, "etime": 1727337856658972, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52153, "dest_port": 8990, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 6|max_alert: 1000 [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:43:14.330] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24707 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID43-tls1.2CS4.8_windowsserver2016_ubuntu_jdk_IP.1727398358.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID43-tls1.2CS4.8_windowsserver2016_ubuntu_jdk_IP.1727398358.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124303Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=8ec7136a3435ab3d9da372cd655ce3d0fa98e1d710321d89971ef5aefed53889"} [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:14.330] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:14.331] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:18.162] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID43-tls1.2CS4.8_windowsserver2016_ubuntu_jdk_IP.1727398358.jsonl|result:{"code": 1, "total_count": 92, "abnormal_count": 15, "normal_count": 77, "alert_count": 15, "timestamp": 1765312998160, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727398434174753, "etime": 1727398434174753, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49838, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398443346644, "etime": 1727398443346644, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49848, "dest_port": 443, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727398423174606, "etime": 1727398423174606, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49828, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398470033804, "etime": 1727398470033804, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49878, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398483908452, "etime": 1727398483908452, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49891, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398482893243, "etime": 1727398482893243, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49890, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398468002686, "etime": 1727398468002686, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49876, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398441315782, "etime": 1727398441315782, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49846, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398481878087, "etime": 1727398481878087, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49889, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398453581271, "etime": 1727398453581271, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49860, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398452518263, "etime": 1727398452518263, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49858, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398460842162, "etime": 1727398460842162, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49868, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727398464960922, "etime": 1727398464960922, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49873, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398494065800, "etime": 1727398494065800, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49901, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398477814969, "etime": 1727398477814969, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49885, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398444362645, "etime": 1727398444362645, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49849, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398500237370, "etime": 1727398500237370, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49910, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398487972010, "etime": 1727398487972010, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49895, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398442332280, "etime": 1727398442332280, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49847, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398436206351, "etime": 1727398436206351, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49840, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398498203253, "etime": 1727398498203253, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49907, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727398358034277, "etime": 1727398358034277, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49821, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727398418096585, "etime": 1727398418096585, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49823, "dest_port": 443, "protocol": 
"tls", "result": "Godzilla"}, {"stime": 1727398422158803, "etime": 1727398422158803, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49827, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398459690290, "etime": 1727398459690290, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49866, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398432035037, "etime": 1727398432035037, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49835, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398472661561, "etime": 1727398472661561, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49879, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727398358076545, "etime": 1727398358076545, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49822, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398420128304, "etime": 1727398420128304, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49825, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398449473223, "etime": 1727398449473223, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49855, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727398464908442, "etime": 1727398464908442, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49872, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398491019080, "etime": 1727398491019080, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49898, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398457659296, "etime": 1727398457659296, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49864, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398440299611, "etime": 1727398440299611, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49845, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398448426143, "etime": 1727398448426143, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49853, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398458676962, "etime": 1727398458676962, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49865, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398428989463, "etime": 1727398428989463, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49832, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398498158668, "etime": 1727398498158668, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49906, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727398449441608, "etime": 1727398449441608, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49854, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398486956494, "etime": 1727398486956494, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49894, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398480862146, "etime": 1727398480862146, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49888, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398465972335, "etime": 1727398465972335, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49874, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398466987064, "etime": 1727398466987064, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49875, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398463894092, "etime": 1727398463894092, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49871, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727398469018843, "etime": 1727398469018843, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49877, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398452562041, "etime": 1727398452562041, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49859, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727398425205691, "etime": 1727398425205691, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49830, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727398495112474, "etime": 1727398495112474, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49903, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398430002739, "etime": 1727398430002739, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49833, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398433165235, "etime": 1727398433165235, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49837, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727398450487031, "etime": 1727398450487031, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49856, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398427981151, "etime": 1727398427981151, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49831, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727398461862323, "etime": 1727398461862323, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49869, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398462878120, "etime": 1727398462878120, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49870, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398439293802, "etime": 1727398439293802, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49844, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727398473674235, "etime": 1727398473674235, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49880, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398435190689, "etime": 1727398435190689, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49839, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398460719514, "etime": 1727398460719514, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49867, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398474692524, "etime": 1727398474692524, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49881, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398485940259, "etime": 1727398485940259, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49893, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398456644084, "etime": 1727398456644084, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49863, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398445378499, "etime": 1727398445378499, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49850, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398431018713, "etime": 1727398431018713, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49834, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398421143529, "etime": 1727398421143529, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49826, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398437223311, "etime": 1727398437223311, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49841, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727398478830800, "etime": 1727398478830800, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49886, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398439253415, "etime": 1727398439253415, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49843, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398488987171, "etime": 1727398488987171, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49896, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398492033730, "etime": 1727398492033730, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49899, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398493050087, "etime": 1727398493050087, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49900, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398501253934, "etime": 1727398501253934, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49911, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398433049518, "etime": 1727398433049518, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49836, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727398479847920, "etime": 1727398479847920, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49887, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398451502421, "etime": 1727398451502421, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49857, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398476794739, "etime": 1727398476794739, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49884, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727398502268493, "etime": 1727398502268493, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.136", "src_port": 49912, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398438238192, "etime": 1727398438238192, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49842, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398446393687, "etime": 1727398446393687, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49851, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398475721385, "etime": 1727398475721385, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49882, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398496128996, "etime": 1727398496128996, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49904, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398490003133, "etime": 1727398490003133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49897, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398502279382, "etime": 1727398502279382, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49913, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398424190567, "etime": 1727398424190567, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49829, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398455628110, "etime": 1727398455628110, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49862, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398447410265, "etime": 1727398447410265, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49852, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398497143015, "etime": 1727398497143015, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49905, "dest_port": 443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727398484924364, "etime": 1727398484924364, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49892, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398454601908, "etime": 1727398454601908, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49861, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398419111520, "etime": 1727398419111520, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49824, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398499221673, "etime": 1727398499221673, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49909, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727398476736938, "etime": 1727398476736938, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49883, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727398494104157, "etime": 1727398494104157, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49902, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 15|max_alert: 1000 [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:43:18.162] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25950 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.1727228273.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.1727228273.jsonl?X-Amz-Expires=604800&X-Amz-Signature=f27df2b1abec929a907e661619dfb6221537871ec304d856b60e96427162c6e8&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124306Z"} [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:18.162] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:25.822] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID35-tls1.2CS4.8_windowsserver2008_kali_jdk_domain.1727228273.jsonl|result:{"code": 1, "total_count": 184, "abnormal_count": 4, "normal_count": 180, "alert_count": 4, "timestamp": 1765313005819, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727228372773284, "etime": 1727228372773284, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49300, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228347242283, "etime": 1727228347242283, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49213, "dest_port": 51129, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727228369707753, "etime": 1727228369707753, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49289, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228373572828, "etime": 1727228373572828, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49303, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228344340363, "etime": 1727228344340363, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49202, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228378769312, "etime": 1727228378769312, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49323, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228341250575, "etime": 1727228341250575, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49190, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228361453443, "etime": 1727228361453443, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49258, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228361718571, "etime": 1727228361718571, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49259, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228335604283, "etime": 1727228335604283, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49169, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228363621705, "etime": 1727228363621705, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49266, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228364980110, "etime": 1727228364980110, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49271, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228369215196, 
"etime": 1727228369215196, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49287, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228371384150, "etime": 1727228371384150, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49295, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228372217116, "etime": 1727228372217116, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49298, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228354105108, "etime": 1727228354105108, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49239, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228350346222, "etime": 1727228350346222, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49225, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228343622427, "etime": 1727228343622427, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49199, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228337382030, "etime": 1727228337382030, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49176, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228377770967, "etime": 1727228377770967, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49319, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228367319163, "etime": 1727228367319163, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49280, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228368641417, "etime": 1727228368641417, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49285, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228338146227, "etime": 1727228338146227, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49179, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228368317780, "etime": 1727228368317780, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49284, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228340673637, "etime": 1727228340673637, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49188, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228273267937, "etime": 1727228273267937, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49161, "dest_port": 51129, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727228380672237, "etime": 1727228380672237, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49330, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228362295628, "etime": 1727228362295628, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49261, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228347746667, "etime": 1727228347746667, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49215, "dest_port": 51129, "protocol": "tls", "result": "Behinder"}, {"stime": 1727228334371239, "etime": 1727228334371239, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49164, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228376190320, "etime": 1727228376190320, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49313, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228345419563, "etime": 1727228345419563, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49206, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228337164004, "etime": 1727228337164004, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49175, "dest_port": 51129, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727228349331864, "etime": 1727228349331864, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49221, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228355555892, "etime": 1727228355555892, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49244, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228363324896, "etime": 1727228363324896, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49265, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228365225356, "etime": 1727228365225356, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49272, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228365980500, "etime": 1727228365980500, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49275, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228352093153, "etime": 1727228352093153, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49231, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228337663125, "etime": 1727228337663125, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49177, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228352545491, "etime": 1727228352545491, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49233, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228383324402, "etime": 1727228383324402, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49340, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228354728974, "etime": 1727228354728974, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49241, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228343387909, 
"etime": 1727228343387909, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49198, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228340142970, "etime": 1727228340142970, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49186, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228344621070, "etime": 1727228344621070, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49203, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228342897145, "etime": 1727228342897145, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49196, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228374527429, "etime": 1727228374527429, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49307, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228377011494, "etime": 1727228377011494, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49316, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228366782327, "etime": 1727228366782327, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49278, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228346945087, "etime": 1727228346945087, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49212, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228363915331, "etime": 1727228363915331, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49267, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228379596288, "etime": 1727228379596288, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49326, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228376732938, "etime": 1727228376732938, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49315, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228338396306, "etime": 1727228338396306, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49180, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228381452104, "etime": 1727228381452104, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49333, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228383542297, "etime": 1727228383542297, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49341, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228375374975, "etime": 1727228375374975, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49310, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228340424653, "etime": 1727228340424653, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49187, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228354979232, "etime": 1727228354979232, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49242, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228334667490, "etime": 1727228334667490, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49165, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228349581830, "etime": 1727228349581830, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49222, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228362826024, "etime": 1727228362826024, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49263, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228364161349, "etime": 1727228364161349, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49268, "dest_port": 51129, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727228382512819, "etime": 1727228382512819, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49337, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228355837000, "etime": 1727228355837000, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49245, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228376453266, "etime": 1727228376453266, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49314, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228379331990, "etime": 1727228379331990, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49325, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228341531774, "etime": 1727228341531774, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49191, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228342545875, "etime": 1727228342545875, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49195, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228379845666, "etime": 1727228379845666, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49327, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228337897332, "etime": 1727228337897332, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49178, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228364407939, "etime": 1727228364407939, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49269, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228373310114, "etime": 1727228373310114, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49302, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228370261846, "etime": 
1727228370261846, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49291, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228368103232, "etime": 1727228368103232, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49283, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228351421820, "etime": 1727228351421820, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49229, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228377538177, "etime": 1727228377538177, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49318, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228352779716, "etime": 1727228352779716, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49234, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228367564972, "etime": 1727228367564972, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49281, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228350632802, "etime": 1727228350632802, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49226, "dest_port": 51129, "protocol": "tls", "result": "Behinder"}, {"stime": 1727228350907601, "etime": 1727228350907601, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49227, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228380921813, "etime": 1727228380921813, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49331, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228334044596, "etime": 1727228334044596, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49163, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228362545466, "etime": 1727228362545466, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49262, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228365704107, "etime": 1727228365704107, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49274, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228361234274, "etime": 1727228361234274, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49257, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228372479896, "etime": 1727228372479896, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49299, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228359424722, "etime": 1727228359424722, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49250, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228356101916, "etime": 1727228356101916, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49246, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228273791286, "etime": 1727228273791286, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49162, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228348801927, "etime": 1727228348801927, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49219, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228359924705, "etime": 1727228359924705, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49252, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228369970663, "etime": 1727228369970663, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49290, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228371907738, "etime": 1727228371907738, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49297, "dest_port": 51129, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727228348271033, "etime": 1727228348271033, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49217, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228336664968, "etime": 1727228336664968, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49173, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228374049553, "etime": 1727228374049553, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49305, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228351796311, "etime": 1727228351796311, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49230, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228346695402, "etime": 1727228346695402, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49211, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228335884396, "etime": 1727228335884396, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49170, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228336150048, "etime": 1727228336150048, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49171, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228336898017, "etime": 1727228336898017, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49174, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228339535628, "etime": 1727228339535628, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49184, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228344074466, "etime": 1727228344074466, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49201, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228347491356, "etime": 
1727228347491356, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49214, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228338677021, "etime": 1727228338677021, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49181, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228349815676, "etime": 1727228349815676, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49223, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228360938052, "etime": 1727228360938052, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49256, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228363059879, "etime": 1727228363059879, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49264, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228381982756, "etime": 1727228381982756, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49335, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228367088633, "etime": 1727228367088633, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49279, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228354432762, "etime": 1727228354432762, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49240, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228371092176, "etime": 1727228371092176, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49294, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228336399349, "etime": 1727228336399349, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49172, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228377305601, "etime": 1727228377305601, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49317, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228345930668, "etime": 1727228345930668, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49208, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228375114604, "etime": 1727228375114604, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49309, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228375636055, "etime": 1727228375636055, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49311, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228380094941, "etime": 1727228380094941, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49328, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228360626331, "etime": 1727228360626331, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49255, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228346211338, "etime": 1727228346211338, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49209, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228382279256, "etime": 1727228382279256, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49336, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228373819470, "etime": 1727228373819470, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49304, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228384276013, "etime": 1727228384276013, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49344, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228366489399, "etime": 1727228366489399, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49277, "dest_port": 51129, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727228339207953, "etime": 1727228339207953, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49183, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228345691604, "etime": 1727228345691604, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49207, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228368920004, "etime": 1727228368920004, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49286, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228380391741, "etime": 1727228380391741, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49329, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228381202479, "etime": 1727228381202479, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49332, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228343139302, "etime": 1727228343139302, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49197, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228379049739, "etime": 1727228379049739, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49324, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228341797077, "etime": 1727228341797077, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49192, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228370507253, "etime": 1727228370507253, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49292, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228373049477, "etime": 1727228373049477, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49301, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228381717115, "etime": 
1727228381717115, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49334, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228335353818, "etime": 1727228335353818, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49168, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228359191609, "etime": 1727228359191609, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49249, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228342266820, "etime": 1727228342266820, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49194, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228350064585, "etime": 1727228350064585, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49224, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228355260490, "etime": 1727228355260490, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49243, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228348551688, "etime": 1727228348551688, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49218, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228358959122, "etime": 1727228358959122, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49248, "dest_port": 51129, "protocol": "tls", "result": "Behinder"}, {"stime": 1727228352311015, "etime": 1727228352311015, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49232, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228364671115, "etime": 1727228364671115, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49270, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228356398525, "etime": 1727228356398525, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49247, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228346429981, "etime": 1727228346429981, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49210, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228366226935, "etime": 1727228366226935, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49276, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228360376726, "etime": 1727228360376726, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49254, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228370815934, "etime": 1727228370815934, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49293, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228348053195, "etime": 1727228348053195, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49216, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228349082630, "etime": 1727228349082630, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49220, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228353340946, "etime": 1727228353340946, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49236, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228339831525, "etime": 1727228339831525, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49185, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228342030775, "etime": 1727228342030775, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49193, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228353840290, "etime": 1727228353840290, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49238, "dest_port": 51129, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727228369430192, "etime": 1727228369430192, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49288, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228371646592, "etime": 1727228371646592, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49296, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228338926801, "etime": 1727228338926801, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49182, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228340938701, "etime": 1727228340938701, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49189, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228345150791, "etime": 1727228345150791, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49205, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228361998599, "etime": 1727228361998599, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49260, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228378296422, "etime": 1727228378296422, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49321, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228359690181, "etime": 1727228359690181, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49251, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228378535026, "etime": 1727228378535026, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49322, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228383059110, "etime": 1727228383059110, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49339, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228344854861, "etime": 
1727228344854861, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49204, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228383823889, "etime": 1727228383823889, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49342, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228384057715, "etime": 1727228384057715, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49343, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228374280350, "etime": 1727228374280350, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49306, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228335119982, "etime": 1727228335119982, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49167, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228360158336, "etime": 1727228360158336, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49253, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228365472584, "etime": 1727228365472584, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49273, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228375867547, "etime": 1727228375867547, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49312, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228351141340, "etime": 1727228351141340, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49228, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228374836041, "etime": 1727228374836041, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49308, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228378048157, "etime": 1727228378048157, "src_ip": "192.168.112.142", "dest_ip": 
"192.168.112.140", "src_port": 49320, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228334886361, "etime": 1727228334886361, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49166, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228343856020, "etime": 1727228343856020, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49200, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228353559245, "etime": 1727228353559245, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49237, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228353091241, "etime": 1727228353091241, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49235, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228367841207, "etime": 1727228367841207, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49282, "dest_port": 51129, "protocol": "tls", "result": "Normal"}, {"stime": 1727228382747182, "etime": 1727228382747182, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49338, "dest_port": 51129, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:43:25.822] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24274 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID42-tls1.2CS4.8_windowsserver2016_kali_openjdk_IP.1727339480.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID42-tls1.2CS4.8_windowsserver2016_kali_openjdk_IP.1727339480.jsonl?X-Amz-Signature=f8bcec2fef1644e9a3a6705753d5f3c4a1b2a348590a3d6bbbbcd6dd4ca508b3&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124309Z&X-Amz-SignedHeaders=host"}
[2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:43:25.822] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:43:29.300] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID42-tls1.2CS4.8_windowsserver2016_kali_openjdk_IP.1727339480.jsonl|result:{"code": 1, "total_count": 84, "abnormal_count": 16, "normal_count": 68, "alert_count": 16, "timestamp": 1765313009299, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727339548458992, "etime": 1727339548458992, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53929, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339603927705, "etime": 1727339603927705, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53991, "dest_port": 443,
"protocol": "tls", "result": "Normal"}, {"stime": 1727339560770894, "etime": 1727339560770894, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53943, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339540599740, "etime": 1727339540599740, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53923, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339549505491, "etime": 1727339549505491, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53931, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339570036531, "etime": 1727339570036531, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53953, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339578323566, "etime": 1727339578323566, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53963, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339593631017, "etime": 1727339593631017, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53979, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339548488803, "etime": 1727339548488803, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53930, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339588552387, "etime": 1727339588552387, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53974, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339614740590, "etime": 1727339614740590, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54001, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339583427557, "etime": 1727339583427557, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53968, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339592614849, "etime": 1727339592614849, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53978, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339480539565, "etime": 1727339480539565, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53921, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727339545415458, "etime": 1727339545415458, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53926, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727339571084569, "etime": 1727339571084569, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53955, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339615755621, "etime": 1727339615755621, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54002, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339613724715, "etime": 1727339613724715, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54000, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339568006036, "etime": 1727339568006036, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53951, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339584444851, "etime": 1727339584444851, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53969, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339569021234, "etime": 1727339569021234, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53952, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339542630182, "etime": 1727339542630182, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53925, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339594646147, "etime": 1727339594646147, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53980, "dest_port": 443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727339546428604, "etime": 1727339546428604, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53927, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339573146432, "etime": 1727339573146432, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53957, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339547443438, "etime": 1727339547443438, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53928, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339582412204, "etime": 1727339582412204, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53967, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339553599801, "etime": 1727339553599801, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53935, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339541614892, "etime": 1727339541614892, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53924, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339586521624, "etime": 1727339586521624, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53972, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339597724267, "etime": 1727339597724267, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53984, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339598740116, "etime": 1727339598740116, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53985, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339580351079, "etime": 1727339580351079, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53965, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339605958869, "etime": 1727339605958869, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53993, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339574178882, "etime": 1727339574178882, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53958, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339575193624, "etime": 1727339575193624, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53959, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339601787081, "etime": 1727339601787081, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53988, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339578275539, "etime": 1727339578275539, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53962, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339612661512, "etime": 1727339612661512, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53998, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339616777854, "etime": 1727339616777854, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54004, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339591599475, "etime": 1727339591599475, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53977, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339600771683, "etime": 1727339600771683, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53987, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339555630396, "etime": 1727339555630396, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53937, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339599755508, "etime": 1727339599755508, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53986, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727339556663070, "etime": 1727339556663070, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53938, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339559755608, "etime": 1727339559755608, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53942, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339554616360, "etime": 1727339554616360, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53936, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339585503361, "etime": 1727339585503361, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53971, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727339587536766, "etime": 1727339587536766, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53973, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339590583885, "etime": 1727339590583885, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53976, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339558739889, "etime": 1727339558739889, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53941, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339596709309, "etime": 1727339596709309, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53983, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339572132048, "etime": 1727339572132048, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53956, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339602917098, "etime": 1727339602917098, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53990, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727339607990003, "etime": 1727339607990003, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.132", "src_port": 53995, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339562801998, "etime": 1727339562801998, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53945, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339552569661, "etime": 1727339552569661, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53934, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339556697863, "etime": 1727339556697863, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53939, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339563818316, "etime": 1727339563818316, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53946, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339577240217, "etime": 1727339577240217, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53961, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339480582231, "etime": 1727339480582231, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53922, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339561786498, "etime": 1727339561786498, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53944, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339576225965, "etime": 1727339576225965, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53960, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339589568425, "etime": 1727339589568425, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53975, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339585459205, "etime": 1727339585459205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53970, "dest_port": 443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339563943521, "etime": 1727339563943521, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53947, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727339612710828, "etime": 1727339612710828, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53999, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339570077573, "etime": 1727339570077573, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53954, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339581380422, "etime": 1727339581380422, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53966, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339565974380, "etime": 1727339565974380, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53949, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339604942825, "etime": 1727339604942825, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53992, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339557709548, "etime": 1727339557709548, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53940, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339606974159, "etime": 1727339606974159, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53994, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339611643124, "etime": 1727339611643124, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53997, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727339551537157, "etime": 1727339551537157, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53933, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339564958509, "etime": 1727339564958509, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 53948, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339566989979, "etime": 1727339566989979, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53950, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339579333889, "etime": 1727339579333889, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53964, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339595693031, "etime": 1727339595693031, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53982, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727339602802454, "etime": 1727339602802454, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53989, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339594678261, "etime": 1727339594678261, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53981, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339550523294, "etime": 1727339550523294, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53932, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339616771081, "etime": 1727339616771081, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54003, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727339609006381, "etime": 1727339609006381, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53996, "dest_port": 443, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:43:29.300] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 16|max_alert: 1000
[2025-12-09 20:43:29.300] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:43:29.300] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:43:29.300] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25951 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_Domain_http.1726054979.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_Domain_http.1726054979.jsonl?X-Amz-Date=20251209T124312Z&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=cfe7dcbf7087700a22c384a5bdef1983e298992c56ce148678b48554b82de105"}
[2025-12-09 20:43:29.300] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:43:29.301] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:43:29.301] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:43:29.301] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:43:29.301] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:43:29.301] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:43:30.587] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_Domain_http.1726054979.jsonl|result:{"code": 0, "total_count": 31, "abnormal_count": 0, "normal_count": 31, "alert_count": 0, "timestamp": 1765313010586, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726055016235989, "etime": 1726055016235989, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53090, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055041072112, "etime": 1726055041072112, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53102, "dest_port": 8889, "protocol": "tls", "result":
"Normal"}, {"stime": 1726055050129010, "etime": 1726055050129010, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53105, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055006512530, "etime": 1726055006512530, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53086, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055015566953, "etime": 1726055015566953, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53089, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054985203066, "etime": 1726054985203066, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53075, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055047103992, "etime": 1726055047103992, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53104, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055003497680, "etime": 1726055003497680, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53085, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054991420662, "etime": 1726054991420662, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53078, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055022276517, "etime": 1726055022276517, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53093, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054979179812, "etime": 1726054979179812, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53073, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055009526045, "etime": 1726055009526045, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53087, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055044093183, "etime": 1726055044093183, "src_ip": "192.168.32.40", "dest_ip": 
"192.168.32.41", "src_port": 53103, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055019251056, "etime": 1726055019251056, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53091, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055028989947, "etime": 1726055028989947, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53098, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055012550321, "etime": 1726055012550321, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53088, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055038062091, "etime": 1726055038062091, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53101, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054988219951, "etime": 1726054988219951, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53076, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054991234577, "etime": 1726054991234577, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53077, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055025955536, "etime": 1726055025955536, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53096, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055000480483, "etime": 1726055000480483, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53084, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055025945840, "etime": 1726055025945840, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53095, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055028979110, "etime": 1726055028979110, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53097, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 
1726055032013003, "etime": 1726055032013003, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53099, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054982195136, "etime": 1726054982195136, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53074, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055035045670, "etime": 1726055035045670, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53100, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055022932604, "etime": 1726055022932604, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53094, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055019264142, "etime": 1726055019264142, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53092, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054994441442, "etime": 1726054994441442, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53082, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726054997455462, "etime": 1726054997455462, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53083, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726055053147729, "etime": 1726055053147729, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 53106, "dest_port": 8889, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:43:30.587] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000
[2025-12-09 20:43:30.587] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24708 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID35-httpCS4.8_windowsserver2008_kali_jdk_domain.1727228426.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID35-httpCS4.8_windowsserver2008_kali_jdk_domain.1727228426.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124316Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=4b4a0cc3e6ddd5a202bf59700ca665a9940d27acdc4e078fa1fc06cce5ec8ebb"}
[2025-12-09 20:43:30.587] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:43:30.587] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:43:30.587] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:43:30.587] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:43:30.587] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:43:30.587] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:43:43.979] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID35-httpCS4.8_windowsserver2008_kali_jdk_domain.1727228426.jsonl|result:{"code": 0, "total_count": 324, "abnormal_count": 0, "normal_count": 324, "alert_count": 0, "timestamp": 1765313023975, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727228505160478, "etime": 1727228505160478, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49720, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228489014000, "etime": 1727228489014000, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49497, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228508342638, "etime": 1727228508342638, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49772,
"dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228494390478, "etime": 1727228494390478, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49579, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228500496184, "etime": 1727228500496184, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49677, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228500870140, "etime": 1727228500870140, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49683, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228506798408, "etime": 1727228506798408, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49747, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228487251405, "etime": 1727228487251405, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49471, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228505784306, "etime": 1727228505784306, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49729, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495987417, "etime": 1727228495987417, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49605, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228493023566, "etime": 1727228493023566, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49558, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228493631686, "etime": 1727228493631686, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49568, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228499435317, "etime": 1727228499435317, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49661, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 
1727228497734494, "etime": 1727228497734494, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49634, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228490043539, "etime": 1727228490043539, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49513, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228498764075, "etime": 1727228498764075, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49648, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507765208, "etime": 1727228507765208, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49764, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495706560, "etime": 1727228495706560, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49601, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507453408, "etime": 1727228507453408, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49759, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228501884577, "etime": 1727228501884577, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49699, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228490215504, "etime": 1727228490215504, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49515, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228486565327, "etime": 1727228486565327, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49461, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228490683037, "etime": 1727228490683037, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49523, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228492430766, "etime": 1727228492430766, "src_ip": 
"192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49548, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495020275, "etime": 1727228495020275, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49588, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228498545646, "etime": 1727228498545646, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49645, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228501369285, "etime": 1727228501369285, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49691, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228499247360, "etime": 1727228499247360, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49658, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228498015261, "etime": 1727228498015261, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49639, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228487469471, "etime": 1727228487469471, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49475, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507593948, "etime": 1727228507593948, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49761, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496486428, "etime": 1727228496486428, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49614, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228489154319, "etime": 1727228489154319, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49500, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228494646061, "etime": 1727228494646061, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49583, 
"dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228506361461, "etime": 1727228506361461, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49739, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228490621238, "etime": 1727228490621238, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49521, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228491213921, "etime": 1727228491213921, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49530, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228488827207, "etime": 1727228488827207, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49495, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495878604, "etime": 1727228495878604, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49604, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496299016, "etime": 1727228496299016, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49611, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495035713, "etime": 1727228495035713, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49589, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496564804, "etime": 1727228496564804, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49616, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228500386530, "etime": 1727228500386530, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49676, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228500136905, "etime": 1727228500136905, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49673, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 
1727228504396221, "etime": 1727228504396221, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49708, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507375092, "etime": 1727228507375092, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49757, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507156915, "etime": 1727228507156915, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49754, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228490776954, "etime": 1727228490776954, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49524, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228494583271, "etime": 1727228494583271, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49582, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228504988731, "etime": 1727228504988731, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49717, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228489513533, "etime": 1727228489513533, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49506, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228491635372, "etime": 1727228491635372, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49536, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228494520866, "etime": 1727228494520866, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49581, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228491775988, "etime": 1727228491775988, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49538, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228489342198, "etime": 1727228489342198, "src_ip": 
"192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49503, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228493912972, "etime": 1727228493912972, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49572, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495425686, "etime": 1727228495425686, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49597, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496985745, "etime": 1727228496985745, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49623, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495129047, "etime": 1727228495129047, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49592, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495363534, "etime": 1727228495363534, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49596, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496939070, "etime": 1727228496939070, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49622, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228500698426, "etime": 1727228500698426, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49680, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228508420506, "etime": 1727228508420506, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49773, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228499153875, "etime": 1727228499153875, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49655, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228504052838, "etime": 1727228504052838, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49704, 
"dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496252491, "etime": 1727228496252491, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49610, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507422600, "etime": 1727228507422600, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49758, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228501790950, "etime": 1727228501790950, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49698, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228505519031, "etime": 1727228505519031, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49725, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228489810690, "etime": 1727228489810690, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49509, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228499185473, "etime": 1727228499185473, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49656, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228506829434, "etime": 1727228506829434, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49748, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228490527072, "etime": 1727228490527072, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49520, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228501603703, "etime": 1727228501603703, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49695, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228487392147, "etime": 1727228487392147, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49473, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 
1727228489107772, "etime": 1727228489107772, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49499, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228490277910, "etime": 1727228490277910, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49517, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228487719273, "etime": 1727228487719273, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49479, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228491338478, "etime": 1727228491338478, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49532, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228494880025, "etime": 1727228494880025, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49586, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228506564272, "etime": 1727228506564272, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49743, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228492961110, "etime": 1727228492961110, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49557, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496642790, "etime": 1727228496642790, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49617, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507094612, "etime": 1727228507094612, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49753, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228486798717, "etime": 1727228486798717, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49464, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228508639389, "etime": 1727228508639389, "src_ip": 
"192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49776, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228486254184, "etime": 1727228486254184, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49457, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228508124246, "etime": 1727228508124246, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49769, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228506939001, "etime": 1727228506939001, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49750, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507562455, "etime": 1727228507562455, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49760, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228504551866, "etime": 1727228504551866, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49711, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228486970670, "etime": 1727228486970670, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49466, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228491541511, "etime": 1727228491541511, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49535, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507250717, "etime": 1727228507250717, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49755, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228488343312, "etime": 1727228488343312, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49489, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228496081560, "etime": 1727228496081560, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49607, 
"dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228508670363, "etime": 1727228508670363, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49777, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228498670346, "etime": 1727228498670346, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49647, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228499965561, "etime": 1727228499965561, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49669, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228494957661, "etime": 1727228494957661, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49587, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228486300128, "etime": 1727228486300128, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49458, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228507032435, "etime": 1727228507032435, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49752, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228506002990, "etime": 1727228506002990, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49732, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228495253996, "etime": 1727228495253996, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49595, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228493366601, "etime": 1727228493366601, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49564, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 1727228493975365, "etime": 1727228493975365, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49573, "dest_port": 51139, "protocol": "tls", "result": "Normal"}, {"stime": 
1727228488125375, "etime": 1727228488125375, "src_ip": "192.168.112.142", "dest_ip": "192.168.112.140", "src_port": 49486, "dest_port": 51139, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:43.979] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:43:43.979] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24275 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID2-4-tls1.3CS4.8_win11_kali_openjdk_Domain.1730306354.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID2-4-tls1.3CS4.8_win11_kali_openjdk_Domain.1730306354.jsonl?X-Amz-Signature=cfe4018d6f5664ab1fb19200738a435c92704caa668bff1063bccbe128678026&X-Amz-Date=20251209T124319Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:43:43.979] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:43.979] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:43.979] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:43.979] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:43.979] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:43.980] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:45.725] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID2-4-tls1.3CS4.8_win11_kali_openjdk_Domain.1730306354.jsonl|result:{"code": 1, "total_count": 42, "abnormal_count": 16, "normal_count": 26, "alert_count": 16, "timestamp": 1765313025724, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730306454798921, "etime": 1730306454798921, "src_ip": 
"172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51385, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306618082858, "etime": 1730306618082858, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51431, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306495527795, "etime": 1730306495527795, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51398, "dest_port": 8888, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730306540932053, "etime": 1730306540932053, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51410, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306474969062, "etime": 1730306474969062, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51390, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306550943542, "etime": 1730306550943542, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51412, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306485044425, "etime": 1730306485044425, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51394, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306561078717, "etime": 1730306561078717, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51416, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306414740705, "etime": 1730306414740705, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51377, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306571093086, "etime": 1730306571093086, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51419, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306354693670, "etime": 1730306354693670, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51368, "dest_port": 8888, "protocol": "tls", "result": 
"CobaltStrike"}, {"stime": 1730306528385092, "etime": 1730306528385092, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51406, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306495113887, "etime": 1730306495113887, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51397, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306551008185, "etime": 1730306551008185, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51413, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306571317897, "etime": 1730306571317897, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51420, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306505783235, "etime": 1730306505783235, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51401, "dest_port": 8888, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730306464891810, "etime": 1730306464891810, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51388, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306464950611, "etime": 1730306464950611, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51389, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306454882535, "etime": 1730306454882535, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51386, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306518370885, "etime": 1730306518370885, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51404, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306561024098, "etime": 1730306561024098, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51415, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306581333185, "etime": 1730306581333185, "src_ip": "172.20.15.142", "dest_ip": 
"172.20.3.233", "src_port": 51421, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306354733170, "etime": 1730306354733170, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51369, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306621180762, "etime": 1730306621180762, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51432, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306648077362, "etime": 1730306648077362, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51438, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306475037646, "etime": 1730306475037646, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51391, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306434775864, "etime": 1730306434775864, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51380, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306505544996, "etime": 1730306505544996, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51400, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306530844799, "etime": 1730306530844799, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51408, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306604824875, "etime": 1730306604824875, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51428, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306581531557, "etime": 1730306581531557, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51422, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306591543948, "etime": 1730306591543948, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51424, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 
1730306648083081, "etime": 1730306648083081, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51439, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306444785989, "etime": 1730306444785989, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51383, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306424761269, "etime": 1730306424761269, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51379, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306515794357, "etime": 1730306515794357, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51402, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306594810093, "etime": 1730306594810093, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51425, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306485100986, "etime": 1730306485100986, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51395, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306608069437, "etime": 1730306608069437, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51429, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306638059463, "etime": 1730306638059463, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51436, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306631195347, "etime": 1730306631195347, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51434, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306540856292, "etime": 1730306540856292, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51409, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:45.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 16|max_alert: 1000 [2025-12-09 
20:43:45.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:45.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:45.725] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24709 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID2-4-tls1.2CS4.8_win11_kali_openjdk_Domain.1730306699.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID2-4-tls1.2CS4.8_win11_kali_openjdk_Domain.1730306699.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124322Z&X-Amz-Expires=604800&X-Amz-Signature=6a0a963d8da69c26891cbd7ac091762d31ddeb589a49fcdf74afff40f6e4eb38&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:43:45.725] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:45.725] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:45.726] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:45.726] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:45.726] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:45.726] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:47.584] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID2-4-tls1.2CS4.8_win11_kali_openjdk_Domain.1730306699.jsonl|result:{"code": 1, "total_count": 45, "abnormal_count": 18, "normal_count": 27, "alert_count": 18, "timestamp": 1765313027583, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730306800192685, "etime": 1730306800192685, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51468, "dest_port": 8888, "protocol": "tls", "result": 
"Normal"}, {"stime": 1730306996032755, "etime": 1730306996032755, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51522, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306820826929, "etime": 1730306820826929, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51475, "dest_port": 8888, "protocol": "tls", "result": "Godzilla"}, {"stime": 1730306853394087, "etime": 1730306853394087, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51484, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306770040392, "etime": 1730306770040392, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51459, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306875827449, "etime": 1730306875827449, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51490, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306800242670, "etime": 1730306800242670, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51469, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306946742242, "etime": 1730306946742242, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51511, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306926426985, "etime": 1730306926426985, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51506, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730307009137624, "etime": 1730307009137624, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51527, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306850876618, "etime": 1730306850876618, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51483, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306790179156, "etime": 1730306790179156, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", 
"src_port": 51465, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306895998536, "etime": 1730306895998536, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51498, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730307009132842, "etime": 1730307009132842, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51526, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306865811757, "etime": 1730306865811757, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51489, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306885894710, "etime": 1730306885894710, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51494, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306820505956, "etime": 1730306820505956, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51474, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306956749010, "etime": 1730306956749010, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51512, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306699915036, "etime": 1730306699915036, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51448, "dest_port": 8888, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730306959845431, "etime": 1730306959845431, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51514, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306840862213, "etime": 1730306840862213, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51480, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306986027795, "etime": 1730306986027795, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51521, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306830844115, 
"etime": 1730306830844115, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51477, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306929674737, "etime": 1730306929674737, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51507, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306895955285, "etime": 1730306895955285, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51497, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306810258881, "etime": 1730306810258881, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51471, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306916421067, "etime": 1730306916421067, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51503, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306810486928, "etime": 1730306810486928, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51473, "dest_port": 8888, "protocol": "tls", "result": "Godzilla"}, {"stime": 1730306790128868, "etime": 1730306790128868, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51464, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306906208847, "etime": 1730306906208847, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51501, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306916214983, "etime": 1730306916214983, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51502, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306906007114, "etime": 1730306906007114, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51500, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306875883469, "etime": 1730306875883469, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51491, "dest_port": 8888, 
"protocol": "tls", "result": "Antsword"}, {"stime": 1730306972935259, "etime": 1730306972935259, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51518, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306780057954, "etime": 1730306780057954, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51461, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306999124404, "etime": 1730306999124404, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51524, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306759963385, "etime": 1730306759963385, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51456, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306699952572, "etime": 1730306699952572, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51449, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306769980137, "etime": 1730306769980137, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51458, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306939682445, "etime": 1730306939682445, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51509, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306982953360, "etime": 1730306982953360, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51519, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306863407054, "etime": 1730306863407054, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51488, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306885942353, "etime": 1730306885942353, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51495, "dest_port": 8888, "protocol": "tls", "result": "Antsword"}, {"stime": 1730306780110724, "etime": 1730306780110724, "src_ip": "172.20.15.142", 
"dest_ip": "172.20.3.233", "src_port": 51462, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1730306969855314, "etime": 1730306969855314, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51516, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 18|max_alert: 1000 [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:47.584] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24276 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID1-1-tls1.2CS4.8_win11_kali_jdk_IP.1730650871.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID1-1-tls1.2CS4.8_win11_kali_jdk_IP.1730650871.jsonl?X-Amz-Date=20251209T124325Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=35181212600868d66e6ac6398f49a47cc06a41e944d6faf8657ab959d2ecda1c"} [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:47.584] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:49.621] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID1-1-tls1.2CS4.8_win11_kali_jdk_IP.1730650871.jsonl|result:{"code": 1, "total_count": 49, "abnormal_count": 11, "normal_count": 38, "alert_count": 11, "timestamp": 1765313029620, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730651004012337, "etime": 1730651004012337, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50513, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730651024145556, "etime": 1730651024145556, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50520, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650871153187, "etime": 1730650871153187, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50431, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651207059061, "etime": 1730651207059061, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50552, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651024100419, "etime": 1730651024100419, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50519, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651167012302, "etime": 1730651167012302, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50547, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651001575330, "etime": 1730651001575330, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50512, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650981277395, "etime": 1730650981277395, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50506, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651080761127, "etime": 1730651080761127, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50533, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 
1730651257141375, "etime": 1730651257141375, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50560, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651070740864, "etime": 1730651070740864, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50531, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650931162802, "etime": 1730650931162802, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50436, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650991559086, "etime": 1730650991559086, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50510, "dest_port": 7777, "protocol": "tls", "result": "Godzilla"}, {"stime": 1730651157005265, "etime": 1730651157005265, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50546, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651187041417, "etime": 1730651187041417, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50550, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651177027515, "etime": 1730651177027515, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50548, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651287186796, "etime": 1730651287186796, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50566, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651227093329, "etime": 1730651227093329, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50556, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651044385039, "etime": 1730651044385039, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50524, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651100792722, "etime": 1730651100792722, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50537, 
"dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651123907189, "etime": 1730651123907189, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50541, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650981332050, "etime": 1730650981332050, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50507, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730651034372477, "etime": 1730651034372477, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50522, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650941175489, "etime": 1730650941175489, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50439, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651126982174, "etime": 1730651126982174, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50542, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650971209447, "etime": 1730650971209447, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50487, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651110807893, "etime": 1730651110807893, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50539, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650991346914, "etime": 1730650991346914, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50509, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651014030963, "etime": 1730651014030963, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50515, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651090776690, "etime": 1730651090776690, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50534, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651014087814, "etime": 1730651014087814, "src_ip": 
"172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50516, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730651113889540, "etime": 1730651113889540, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50540, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730651146998109, "etime": 1730651146998109, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50545, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651217076086, "etime": 1730651217076086, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50554, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651060731767, "etime": 1730651060731767, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50529, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730651237109610, "etime": 1730651237109610, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50557, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651197050866, "etime": 1730651197050866, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50551, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651267154886, "etime": 1730651267154886, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50562, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650951185173, "etime": 1730650951185173, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50455, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651057651736, "etime": 1730651057651736, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50527, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651287181887, "etime": 1730651287181887, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50565, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, 
{"stime": 1730651034152861, "etime": 1730651034152861, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50521, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651136990538, "etime": 1730651136990538, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50543, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651047645662, "etime": 1730651047645662, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50525, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650961197273, "etime": 1730650961197273, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50469, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650971260206, "etime": 1730650971260206, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50488, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730651247125994, "etime": 1730651247125994, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50558, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730650871123534, "etime": 1730650871123534, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50430, "dest_port": 7777, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730651277162522, "etime": 1730651277162522, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50563, "dest_port": 7777, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 11|max_alert: 1000 [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:43:49.621] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25952 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID1-1-tls1.3CS4.8_win11_kali_jdk_IP.1730649414.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID1-1-tls1.3CS4.8_win11_kali_jdk_IP.1730649414.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124328Z&X-Amz-Signature=9138b10cf6d1a4b2b2de1ad52d0a09058b7c1eafb65ca844eb6ab0aedaa9638a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:49.621] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:49.622] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:51.444] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID1-1-tls1.3CS4.8_win11_kali_jdk_IP.1730649414.jsonl|result:{"code": 1, "total_count": 44, "abnormal_count": 9, "normal_count": 35, "alert_count": 9, "timestamp": 1765313031443, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730649770859960, "etime": 1730649770859960, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50116, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649474701250, "etime": 1730649474701250, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50000, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 
1730649707684508, "etime": 1730649707684508, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50085, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649687659265, "etime": 1730649687659265, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50056, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649737720433, "etime": 1730649737720433, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50095, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649780881596, "etime": 1730649780881596, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50123, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649547731233, "etime": 1730649547731233, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50018, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649557845655, "etime": 1730649557845655, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50021, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649504806956, "etime": 1730649504806956, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50007, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649697670645, "etime": 1730649697670645, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50079, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649414691127, "etime": 1730649414691127, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 49983, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649484716607, "etime": 1730649484716607, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50001, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649547797336, "etime": 1730649547797336, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50019, 
"dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649414659758, "etime": 1730649414659758, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 49982, "dest_port": 7777, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730649494725971, "etime": 1730649494725971, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50005, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649627565203, "etime": 1730649627565203, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50038, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649557803171, "etime": 1730649557803171, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50020, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649581336068, "etime": 1730649581336068, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50028, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649614469083, "etime": 1730649614469083, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50035, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649535092836, "etime": 1730649535092836, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50016, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649578085125, "etime": 1730649578085125, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50027, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649514865659, "etime": 1730649514865659, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50009, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649594444293, "etime": 1730649594444293, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50030, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649647597541, "etime": 1730649647597541, "src_ip": 
"172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50043, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649525081580, "etime": 1730649525081580, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50011, "dest_port": 7777, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730649514812967, "etime": 1730649514812967, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50008, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649677648278, "etime": 1730649677648278, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50051, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649727712260, "etime": 1730649727712260, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50091, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649537720561, "etime": 1730649537720561, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50017, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649604460002, "etime": 1730649604460002, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50031, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649504742021, "etime": 1730649504742021, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50006, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649667628567, "etime": 1730649667628567, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50050, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649567857696, "etime": 1730649567857696, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50022, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649757757476, "etime": 1730649757757476, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50111, "dest_port": 7777, "protocol": "tls", "result": 
"Normal"}, {"stime": 1730649617547634, "etime": 1730649617547634, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50037, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649524871839, "etime": 1730649524871839, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50010, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649568066417, "etime": 1730649568066417, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50023, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649637583218, "etime": 1730649637583218, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50040, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649591354379, "etime": 1730649591354379, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50029, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649657618377, "etime": 1730649657618377, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50047, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649747734126, "etime": 1730649747734126, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50099, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649780875317, "etime": 1730649780875317, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50122, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649717693314, "etime": 1730649717693314, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50087, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730649767776923, "etime": 1730649767776923, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50115, "dest_port": 7777, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 9|max_alert: 1000 
[2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:51.444] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25953 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID1-4-tls1.2CS4.8_win11_kali_jdk_Domain.1730650467.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID1-4-tls1.2CS4.8_win11_kali_jdk_Domain.1730650467.jsonl?X-Amz-Date=20251209T124332Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=61bb8a6f4ed87047cba1584e4b5a5eae16fd039cd6f032e2fd7f58632a00e5c6"} [2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:51.444] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:51.445] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:53.390] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID1-4-tls1.2CS4.8_win11_kali_jdk_Domain.1730650467.jsonl|result:{"code": 1, "total_count": 47, "abnormal_count": 19, "normal_count": 28, "alert_count": 19, "timestamp": 1765313033389, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730650636725089, "etime": 1730650636725089, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50324, "dest_port": 443, "protocol": "tls", "result": 
"Normal"}, {"stime": 1730650467219329, "etime": 1730650467219329, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50284, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730650600184239, "etime": 1730650600184239, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50314, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650683332265, "etime": 1730650683332265, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50336, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650765912697, "etime": 1730650765912697, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50356, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650527265404, "etime": 1730650527265404, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50290, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650646746313, "etime": 1730650646746313, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50326, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650696601290, "etime": 1730650696601290, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50340, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650659860870, "etime": 1730650659860870, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50330, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650802126606, "etime": 1730650802126606, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50371, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650779010288, "etime": 1730650779010288, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50360, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650547348395, "etime": 1730650547348395, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 
50298, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650693522013, "etime": 1730650693522013, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50338, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650537282791, "etime": 1730650537282791, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50295, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650570058265, "etime": 1730650570058265, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50304, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650649841952, "etime": 1730650649841952, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50327, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650580118318, "etime": 1730650580118318, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50309, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650663111412, "etime": 1730650663111412, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50332, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650547398113, "etime": 1730650547398113, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50299, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650610377010, "etime": 1730650610377010, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50317, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650623632871, "etime": 1730650623632871, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50322, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650709683576, "etime": 1730650709683576, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50346, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650729713175, "etime": 1730650729713175, 
"src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50348, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650467250677, "etime": 1730650467250677, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50285, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650732790756, "etime": 1730650732790756, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50349, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650673320112, "etime": 1730650673320112, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50335, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650590133830, "etime": 1730650590133830, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50311, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650567623425, "etime": 1730650567623425, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50303, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650755894446, "etime": 1730650755894446, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50355, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650802120430, "etime": 1730650802120430, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50370, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650745879983, "etime": 1730650745879983, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50354, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650590173564, "etime": 1730650590173564, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50312, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650557605551, "etime": 1730650557605551, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50301, "dest_port": 443, "protocol": "tls", "result": 
"Godzilla"}, {"stime": 1730650706616418, "etime": 1730650706616418, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50345, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650537333246, "etime": 1730650537333246, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50296, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650557411024, "etime": 1730650557411024, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50300, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650600373305, "etime": 1730650600373305, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50315, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650673126108, "etime": 1730650673126108, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50334, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650792102751, "etime": 1730650792102751, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50369, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650683515783, "etime": 1730650683515783, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50337, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650719694237, "etime": 1730650719694237, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50347, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650626707198, "etime": 1730650626707198, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50323, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650768999969, "etime": 1730650768999969, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50357, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650613627384, "etime": 1730650613627384, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", 
"src_port": 50318, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650789022808, "etime": 1730650789022808, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50367, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650580064698, "etime": 1730650580064698, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50308, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650742797506, "etime": 1730650742797506, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50353, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 19|max_alert: 1000 [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:53.390] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25954 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.1726814632.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.1726814632.jsonl?X-Amz-Date=20251209T124335Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=f7d85e068a5ddf97baae90dda5503a791e4dc2a96b01d2aa052b9237b36c9e51"} [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (AiModule.cpp:20) 
get func load [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:53.390] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:53.891] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.1726814632.jsonl|result:{"code": 1, "total_count": 12, "abnormal_count": 11, "normal_count": 1, "alert_count": 11, "timestamp": 1765313033891, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814875856371, "etime": 1726814875856371, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51810, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726814891301072, "etime": 1726814891301072, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51811, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726814724556757, "etime": 1726814724556757, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51805, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726814707450913, "etime": 1726814707450913, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51802, "dest_port": 446, "protocol": "tls", "result": "Behinder"}, {"stime": 1726814799990987, "etime": 1726814799990987, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51807, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726814815421540, "etime": 1726814815421540, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51808, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726814967196763, "etime": 1726814967196763, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51814, "dest_port": 446, "protocol": "tls", "result": "Antsword"}, {"stime": 1726815043086014, "etime": 1726815043086014, 
"src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51817, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726814723520596, "etime": 1726814723520596, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51804, "dest_port": 22, "protocol": "tls", "result": "Normal"}, {"stime": 1726814632001396, "etime": 1726814632001396, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51800, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726815027628973, "etime": 1726815027628973, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51816, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726814951753833, "etime": 1726814951753833, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51813, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 11|max_alert: 1000 [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:43:53.891] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25955 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.1726796372.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.1726796372.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=0c9927fd6d8bc0795b632c774e2c015954be41fd0b5aaad06be09be02386e3bd&X-Amz-Date=20251209T124338Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:53.891] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:53.892] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:54.390] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.1726796372.jsonl|result:{"code": 1, "total_count": 12, "abnormal_count": 11, "normal_count": 1, "alert_count": 11, "timestamp": 1765313034390, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796616036795, "etime": 1726796616036795, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51152, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796463705132, "etime": 1726796463705132, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51146, "dest_port": 22, "protocol": "tls", "result": 
"Normal"}, {"stime": 1726796372166386, "etime": 1726796372166386, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51142, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796540166380, "etime": 1726796540166380, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51149, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796631511396, "etime": 1726796631511396, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51153, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796555607769, "etime": 1726796555607769, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51150, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796783315699, "etime": 1726796783315699, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51159, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796691923763, "etime": 1726796691923763, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51155, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796447607414, "etime": 1726796447607414, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51144, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1726796707365874, "etime": 1726796707365874, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51156, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726796767859603, "etime": 1726796767859603, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51158, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726796464731835, "etime": 1726796464731835, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51147, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:43:54.390] 
[INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 11|max_alert: 1000 [2025-12-09 20:43:54.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:54.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:54.390] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25956 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.1726817457.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.1726817457.jsonl?X-Amz-Date=20251209T124341Z&X-Amz-Expires=604800&X-Amz-Signature=03b96799ce081ee36a9def1bfbfaa1a313ca86bc47e4b4d2267f37450a724ee9&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:43:54.390] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:54.390] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:54.390] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:54.390] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:54.390] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:54.391] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:54.891] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.1726817457.jsonl|result:{"code": 1, "total_count": 12, "abnormal_count": 11, "normal_count": 1, "alert_count": 11, "timestamp": 1765313034890, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817837490769, "etime": 1726817837490769, "src_ip": "192.168.126.139", "dest_ip": 
"192.168.126.132", "src_port": 51913, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817761587139, "etime": 1726817761587139, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51910, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817625182947, "etime": 1726817625182947, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51905, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817548826889, "etime": 1726817548826889, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51901, "dest_port": 22, "protocol": "tls", "result": "Normal"}, {"stime": 1726817685669791, "etime": 1726817685669791, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51907, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817549330216, "etime": 1726817549330216, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51902, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817457283627, "etime": 1726817457283627, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51898, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817852939448, "etime": 1726817852939448, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51914, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817609754651, "etime": 1726817609754651, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51904, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817777020698, "etime": 1726817777020698, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51911, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726817701131928, "etime": 1726817701131928, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51908, 
"dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726817532765719, "etime": 1726817532765719, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51900, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 11|max_alert: 1000 [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:54.891] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24710 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.1726800568.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.1726800568.jsonl?X-Amz-Expires=604800&X-Amz-Signature=f0db11050b53b885a80a51fb3721b0cbf4e2f634f36a72e13711950dfa2a0a1d&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124345Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:54.891] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:55.393] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.1726800568.jsonl|result:{"code": 1, "total_count": 12, "abnormal_count": 11, "normal_count": 1, "alert_count": 11, "timestamp": 1765313035392, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800827740005, "etime": 1726800827740005, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51271, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800660429479, "etime": 1726800660429479, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.137", "src_port": 51264, "dest_port": 22, "protocol": "tls", "result": "Normal"}, {"stime": 1726800660944253, "etime": 1726800660944253, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51265, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800736369572, "etime": 1726800736369572, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51267, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800903601288, "etime": 1726800903601288, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51274, "dest_port": 446, "protocol": "tls", "result": "Antsword"}, {"stime": 1726800979479221, "etime": 1726800979479221, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51277, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800644346585, "etime": 1726800644346585, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51262, "dest_port": 446, "protocol": "tls", "result": "Behinder"}, {"stime": 1726800568894429, "etime": 1726800568894429, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51260, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800964034758, "etime": 1726800964034758, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51276, 
"dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800751837711, "etime": 1726800751837711, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51268, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800888157473, "etime": 1726800888157473, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51273, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726800812294590, "etime": 1726800812294590, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51270, "dest_port": 446, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 11|max_alert: 1000 [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:55.393] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24277 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID1-4-tls1.3CS4.8_win11_kali_jdk_Domain.1730649909.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID1-4-tls1.3CS4.8_win11_kali_jdk_Domain.1730649909.jsonl?X-Amz-Signature=02dd69d519ddac6d0f1583c3fd879021a950e5b6609e006110c4eb160509e671&X-Amz-Date=20251209T124348Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] 
(AiModule.cpp:20) get func load [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:55.393] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:43:57.298] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID1-4-tls1.3CS4.8_win11_kali_jdk_Domain.1730649909.jsonl|result:{"code": 1, "total_count": 41, "abnormal_count": 10, "normal_count": 31, "alert_count": 10, "timestamp": 1765313037297, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730650122248709, "etime": 1730650122248709, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50218, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650178469668, "etime": 1730650178469668, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50235, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650175389967, "etime": 1730650175389967, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50233, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650066018622, "etime": 1730650066018622, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50207, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730649999755423, "etime": 1730649999755423, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50159, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650022421299, "etime": 1730650022421299, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50195, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730649989741616, "etime": 1730649989741616, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50158, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650208511833, "etime": 1730650208511833, "src_ip": "172.20.15.142", "dest_ip": 
"172.20.5.122", "src_port": 50240, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730649909567128, "etime": 1730649909567128, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50141, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730650092209167, "etime": 1730650092209167, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50211, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650102231904, "etime": 1730650102231904, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50216, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730649909596500, "etime": 1730649909596500, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50142, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650042546438, "etime": 1730650042546438, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50200, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730649979685059, "etime": 1730649979685059, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50155, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650112240220, "etime": 1730650112240220, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50217, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730649969616362, "etime": 1730649969616362, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50150, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650188480292, "etime": 1730650188480292, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50237, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730649989691367, "etime": 1730649989691367, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50157, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730649979631484, "etime": 
1730649979631484, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50154, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650012402831, "etime": 1730650012402831, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50163, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650069103891, "etime": 1730650069103891, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50208, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650082194703, "etime": 1730650082194703, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50210, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650228530388, "etime": 1730650228530388, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50245, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650022478815, "etime": 1730650022478815, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50196, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650032529670, "etime": 1730650032529670, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50198, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650009971550, "etime": 1730650009971550, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50161, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650079123149, "etime": 1730650079123149, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50209, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650165383123, "etime": 1730650165383123, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50231, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650218521940, "etime": 1730650218521940, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50243, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1730649999962727, "etime": 1730649999962727, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50160, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730650052749438, "etime": 1730650052749438, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50202, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650238549857, "etime": 1730650238549857, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50246, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650155372298, "etime": 1730650155372298, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50228, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1730650142281713, "etime": 1730650142281713, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50224, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650055999837, "etime": 1730650055999837, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50205, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650152287645, "etime": 1730650152287645, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50226, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650032486498, "etime": 1730650032486498, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50197, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650238555411, "etime": 1730650238555411, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50247, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650198496516, "etime": 1730650198496516, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50239, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650132267815, "etime": 1730650132267815, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", 
"src_port": 50219, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1730650042735709, "etime": 1730650042735709, "src_ip": "172.20.15.142", "dest_ip": "172.20.5.122", "src_port": 50201, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 10|max_alert: 1000 [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:43:57.298] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24278 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID43-tls1.2CS4.8_windowsserver2016_ubuntu_jdk_domain.1727400446.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID43-tls1.2CS4.8_windowsserver2016_ubuntu_jdk_domain.1727400446.jsonl?X-Amz-Signature=a0a20417c5f27b2e34337a417fc9e0660bf55ef9be1b11baa0a93e416d98affe&X-Amz-Expires=604800&X-Amz-Date=20251209T124351Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:43:57.298] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:00.298] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID43-tls1.2CS4.8_windowsserver2016_ubuntu_jdk_domain.1727400446.jsonl|result:{"code": 1, "total_count": 72, "abnormal_count": 10, "normal_count": 62, "alert_count": 10, "timestamp": 1765313040297, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727400509069861, "etime": 1727400509069861, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50143, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400511100207, "etime": 1727400511100207, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50145, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400536547477, "etime": 1727400536547477, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50173, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400557834786, "etime": 1727400557834786, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50196, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400565069503, "etime": 1727400565069503, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50205, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400548522245, "etime": 1727400548522245, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50184, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400549599304, "etime": 1727400549599304, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50186, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400531352998, "etime": 1727400531352998, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50166, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400531399354, "etime": 1727400531399354, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50167, "dest_port": 8843, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727400553709756, "etime": 1727400553709756, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50191, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400516905903, "etime": 1727400516905903, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50149, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727400547506681, "etime": 1727400547506681, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50183, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400549537864, "etime": 1727400549537864, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50185, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400559881792, "etime": 1727400559881792, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50198, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400564059195, "etime": 1727400564059195, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50204, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400518944338, "etime": 1727400518944338, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50151, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400538586676, "etime": 1727400538586676, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50175, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400446892135, "etime": 1727400446892135, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50139, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400546350400, "etime": 1727400546350400, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50181, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400508060309, "etime": 1727400508060309, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50142, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727400525192010, "etime": 1727400525192010, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50159, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727400540634280, "etime": 1727400540634280, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50177, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400559938370, "etime": 1727400559938370, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50199, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727400530335392, "etime": 1727400530335392, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50165, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400562975282, "etime": 1727400562975282, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50202, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400522053574, "etime": 1727400522053574, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50155, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400529320914, "etime": 1727400529320914, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50164, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400520008091, "etime": 1727400520008091, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50153, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727400539599886, "etime": 1727400539599886, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50176, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400546485584, "etime": 1727400546485584, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50182, "dest_port": 8843, 
"protocol": "tls", "result": "Antsword"}, {"stime": 1727400512116963, "etime": 1727400512116963, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50146, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400533430831, "etime": 1727400533430831, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50169, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400551632084, "etime": 1727400551632084, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50188, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400521042588, "etime": 1727400521042588, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50154, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400525133909, "etime": 1727400525133909, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50158, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400519959748, "etime": 1727400519959748, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50152, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400526209717, "etime": 1727400526209717, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50160, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400550615914, "etime": 1727400550615914, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50187, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400560944449, "etime": 1727400560944449, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50200, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400532413312, "etime": 1727400532413312, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50168, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400544317379, "etime": 1727400544317379, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50179, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727400564008701, "etime": 1727400564008701, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50203, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400556821157, "etime": 1727400556821157, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50195, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400566084709, "etime": 1727400566084709, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50206, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400517929611, "etime": 1727400517929611, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50150, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400552694168, "etime": 1727400552694168, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50190, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400510084549, "etime": 1727400510084549, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50144, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400567100575, "etime": 1727400567100575, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50207, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400561961465, "etime": 1727400561961465, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50201, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400506912915, "etime": 1727400506912915, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50140, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400568138371, "etime": 1727400568138371, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50209, "dest_port": 8843, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727400529273494, "etime": 1727400529273494, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50163, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400523086730, "etime": 1727400523086730, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50156, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400554787391, "etime": 1727400554787391, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50193, "dest_port": 8843, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727400527227416, "etime": 1727400527227416, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50161, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400446842971, "etime": 1727400446842971, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50138, "dest_port": 8843, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727400568131793, "etime": 1727400568131793, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50208, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400536491077, "etime": 1727400536491077, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50172, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400537554217, "etime": 1727400537554217, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50174, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400541647564, "etime": 1727400541647564, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50178, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400524100498, "etime": 1727400524100498, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50157, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400555803864, "etime": 
1727400555803864, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50194, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400534444312, "etime": 1727400534444312, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50170, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400535476333, "etime": 1727400535476333, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50171, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400545335403, "etime": 1727400545335403, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50180, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400507928153, "etime": 1727400507928153, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50141, "dest_port": 8843, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727400514147670, "etime": 1727400514147670, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50148, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400551678762, "etime": 1727400551678762, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50189, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400528241114, "etime": 1727400528241114, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50162, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400513131751, "etime": 1727400513131751, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50147, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400554725133, "etime": 1727400554725133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50192, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727400558869310, "etime": 1727400558869310, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50197, 
"dest_port": 8843, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 10|max_alert: 1000 [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:00.298] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25957 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID45-tls1.2CS4.8_windowsserver2022_kali_jdk_domain.1727333188.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID45-tls1.2CS4.8_windowsserver2022_kali_jdk_domain.1727333188.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124354Z&X-Amz-Expires=604800&X-Amz-Signature=6825da35ed71002d89867cadb3e46cc65766a11a2c55a9646b76d97554ba01eb&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:00.298] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:03.260] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID45-tls1.2CS4.8_windowsserver2022_kali_jdk_domain.1727333188.jsonl|result:{"code": 1, "total_count": 71, "abnormal_count": 17, "normal_count": 54, "alert_count": 17, "timestamp": 1765313043258, "module": "anquanchu", "proto": "tls", 
"alerted": true, "details": [{"stime": 1727333294159411, "etime": 1727333294159411, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52207, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333261628525, "etime": 1727333261628525, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52173, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333264862107, "etime": 1727333264862107, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52177, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333275659241, "etime": 1727333275659241, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52186, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333282846989, "etime": 1727333282846989, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52194, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333285956593, "etime": 1727333285956593, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52198, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333296205507, "etime": 1727333296205507, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52209, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333290105444, "etime": 1727333290105444, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52203, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333298236923, "etime": 1727333298236923, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52211, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333308393026, "etime": 1727333308393026, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52221, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333256549240, "etime": 1727333256549240, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52168, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333254455729, "etime": 1727333254455729, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52165, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333310424599, "etime": 1727333310424599, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52223, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333312455697, "etime": 1727333312455697, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52225, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333273628918, "etime": 1727333273628918, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52184, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333252424266, "etime": 1727333252424266, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52163, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333278784211, "etime": 1727333278784211, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52190, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333258581678, "etime": 1727333258581678, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52170, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333309408998, "etime": 1727333309408998, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52222, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333272580977, "etime": 1727333272580977, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52183, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333271558241, "etime": 1727333271558241, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52182, "dest_port": 8443, 
"protocol": "tls", "result": "Behinder"}, {"stime": 1727333313487289, "etime": 1727333313487289, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52226, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333292127689, "etime": 1727333292127689, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52205, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333262643439, "etime": 1727333262643439, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52174, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333291112664, "etime": 1727333291112664, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52204, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333313497597, "etime": 1727333313497597, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52227, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333301283841, "etime": 1727333301283841, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52214, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333311440739, "etime": 1727333311440739, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52224, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333305346402, "etime": 1727333305346402, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52218, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333257565537, "etime": 1727333257565537, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52169, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333248362642, "etime": 1727333248362642, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52159, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333299252974, "etime": 
1727333299252974, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52212, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333286971193, "etime": 1727333286971193, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52199, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333306362517, "etime": 1727333306362517, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52219, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333277769526, "etime": 1727333277769526, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52189, "dest_port": 8443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727333284940709, "etime": 1727333284940709, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52197, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333188339916, "etime": 1727333188339916, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52157, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333302300427, "etime": 1727333302300427, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52215, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333276674272, "etime": 1727333276674272, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52187, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333255471904, "etime": 1727333255471904, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52166, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333300268124, "etime": 1727333300268124, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52213, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333250393607, "etime": 1727333250393607, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52161, 
"dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333266892992, "etime": 1727333266892992, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52179, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333249378266, "etime": 1727333249378266, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52160, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333260612436, "etime": 1727333260612436, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52172, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333297221503, "etime": 1727333297221503, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52210, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333304331111, "etime": 1727333304331111, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52217, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333251408832, "etime": 1727333251408832, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52162, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333307377585, "etime": 1727333307377585, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52220, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333289018060, "etime": 1727333289018060, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52201, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333280815856, "etime": 1727333280815856, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52192, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333277689762, "etime": 1727333277689762, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52188, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333283861819, 
"etime": 1727333283861819, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52195, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333274643242, "etime": 1727333274643242, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52185, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333295174680, "etime": 1727333295174680, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52208, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333279799400, "etime": 1727333279799400, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52191, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333288003860, "etime": 1727333288003860, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52200, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333188283432, "etime": 1727333188283432, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52156, "dest_port": 8443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727333290034250, "etime": 1727333290034250, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52202, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333262836001, "etime": 1727333262836001, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52175, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727333265878090, "etime": 1727333265878090, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52178, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333263847217, "etime": 1727333263847217, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52176, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333256486957, "etime": 1727333256486957, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", 
"src_port": 52167, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333259596471, "etime": 1727333259596471, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52171, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333267908893, "etime": 1727333267908893, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52180, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333253440561, "etime": 1727333253440561, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52164, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333268924756, "etime": 1727333268924756, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52181, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727333281830955, "etime": 1727333281830955, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52193, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333293143367, "etime": 1727333293143367, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52206, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333303315361, "etime": 1727333303315361, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52216, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727333283923695, "etime": 1727333283923695, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52196, "dest_port": 8443, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 17|max_alert: 1000 [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:44:03.260] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24279 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID11-httpCS4.8_win8.1_ubuntu_jdk_domain.1726068805.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID11-httpCS4.8_win8.1_ubuntu_jdk_domain.1726068805.jsonl?X-Amz-Signature=27b2996c278d46edefc25df3d8d2a37ec2986295e6935debdf4f26fba42c1457&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124357Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:03.260] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:04.308] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID11-httpCS4.8_win8.1_ubuntu_jdk_domain.1726068805.jsonl|result:{"code": 0, "total_count": 25, "abnormal_count": 0, "normal_count": 25, "alert_count": 0, "timestamp": 1765313044308, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726068990730517, "etime": 1726068990730517, "src_ip": "192.168.32.43", "dest_ip": "138.113.153.218", "src_port": 49378, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726069051040302, "etime": 1726069051040302, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49384, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, 
{"stime": 1726068988745056, "etime": 1726068988745056, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49374, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069056118382, "etime": 1726069056118382, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49389, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069052055780, "etime": 1726069052055780, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49385, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068990729116, "etime": 1726068990729116, "src_ip": "192.168.32.43", "dest_ip": "138.113.153.218", "src_port": 49375, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726069055102902, "etime": 1726069055102902, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49388, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069054087286, "etime": 1726069054087286, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49387, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068990729834, "etime": 1726068990729834, "src_ip": "192.168.32.43", "dest_ip": "23.63.243.99", "src_port": 49376, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726069060180943, "etime": 1726069060180943, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49393, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069059165864, "etime": 1726069059165864, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49392, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069016556267, "etime": 1726069016556267, "src_ip": "192.168.32.43", "dest_ip": "149.100.155.122", "src_port": 49380, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068914530781, "etime": 1726068914530781, "src_ip": "192.168.32.43", "dest_ip": "149.100.155.122", 
"src_port": 49371, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068990730163, "etime": 1726068990730163, "src_ip": "192.168.32.43", "dest_ip": "23.222.166.237", "src_port": 49377, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726069050030675, "etime": 1726069050030675, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49383, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069058149907, "etime": 1726069058149907, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49391, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068812466269, "etime": 1726068812466269, "src_ip": "192.168.32.43", "dest_ip": "149.100.155.122", "src_port": 49369, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068812185487, "etime": 1726068812185487, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49368, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068991038542, "etime": 1726068991038542, "src_ip": "192.168.32.43", "dest_ip": "138.113.153.218", "src_port": 49379, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1726069057134115, "etime": 1726069057134115, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49390, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069061200488, "etime": 1726069061200488, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49395, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726068988724705, "etime": 1726068988724705, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49373, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069048759324, "etime": 1726069048759324, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49382, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069053071697, "etime": 
1726069053071697, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49386, "dest_port": 8889, "protocol": "tls", "result": "Normal"}, {"stime": 1726069061196890, "etime": 1726069061196890, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49394, "dest_port": 8889, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:04.308] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:44:04.308] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25958 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID2-4-tls1.3CS4.8_win11_kali_openjdk_IP.1730305580.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID2-4-tls1.3CS4.8_win11_kali_openjdk_IP.1730305580.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=65d2450c61301439217417f6b2096eeef819979866ec6f78055731932c07f02c&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124401Z"} [2025-12-09 20:44:04.308] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:04.308] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:04.308] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:04.308] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:04.308] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:04.309] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:05.934] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID2-4-tls1.3CS4.8_win11_kali_openjdk_IP.1730305580.jsonl|result:{"code": 1, "total_count": 39, "abnormal_count": 5, "normal_count": 34, "alert_count": 5, "timestamp": 
1765313045933, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730305691116683, "etime": 1730305691116683, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51247, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305733999703, "etime": 1730305733999703, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51259, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305711393762, "etime": 1730305711393762, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51253, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305814431405, "etime": 1730305814431405, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51278, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305784174592, "etime": 1730305784174592, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51271, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305580859984, "etime": 1730305580859984, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51223, "dest_port": 7777, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730305794404464, "etime": 1730305794404464, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51273, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305764096970, "etime": 1730305764096970, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51266, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730305804414635, "etime": 1730305804414635, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51276, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305854674372, "etime": 1730305854674372, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51287, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305671041753, "etime": 
1730305671041753, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51238, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305774117685, "etime": 1730305774117685, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51268, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305844662367, "etime": 1730305844662367, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51285, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305640910255, "etime": 1730305640910255, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51231, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305824442692, "etime": 1730305824442692, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51280, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305844467217, "etime": 1730305844467217, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51284, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305723980676, "etime": 1730305723980676, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51257, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730305580894265, "etime": 1730305580894265, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51224, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305885062486, "etime": 1730305885062486, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51294, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305877999421, "etime": 1730305877999421, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51292, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730305681050817, "etime": 1730305681050817, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51240, "dest_port": 7777, "protocol": 
"tls", "result": "Normal"}, {"stime": 1730305774168954, "etime": 1730305774168954, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51269, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305905078756, "etime": 1730305905078756, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51298, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305721406799, "etime": 1730305721406799, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51255, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305650931716, "etime": 1730305650931716, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51234, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305794194849, "etime": 1730305794194849, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51272, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305908330822, "etime": 1730305908330822, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51299, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305661023421, "etime": 1730305661023421, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51236, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305754088566, "etime": 1730305754088566, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51263, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305864683170, "etime": 1730305864683170, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51289, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305895069221, "etime": 1730305895069221, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51296, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305681111167, "etime": 1730305681111167, "src_ip": "172.20.15.142", "dest_ip": 
"172.20.3.233", "src_port": 51241, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305834460089, "etime": 1730305834460089, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51281, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305701132761, "etime": 1730305701132761, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51248, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305867977949, "etime": 1730305867977949, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51290, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305744007478, "etime": 1730305744007478, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51261, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305744074688, "etime": 1730305744074688, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51262, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305701373933, "etime": 1730305701373933, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51251, "dest_port": 7777, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730305660938087, "etime": 1730305660938087, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51235, "dest_port": 7777, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 5|max_alert: 1000 [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:44:05.934] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24711 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID15-tls1.2CS4.8_win8_ubuntu_jdk_IP.1727154295.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID15-tls1.2CS4.8_win8_ubuntu_jdk_IP.1727154295.jsonl?X-Amz-Signature=6fa1e7b94bf3bb57b4aae9d3a8e41603fe08d6044bc63095ebf364362e7afa6b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124404Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:05.934] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:05.935] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:08.777] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID15-tls1.2CS4.8_win8_ubuntu_jdk_IP.1727154295.jsonl|result:{"code": 1, "total_count": 68, "abnormal_count": 4, "normal_count": 64, "alert_count": 4, "timestamp": 1765313048775, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727154400992329, "etime": 1727154400992329, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50078, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154429107502, "etime": 1727154429107502, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50104, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727154393020421, "etime": 1727154393020421, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50071, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154405567524, "etime": 1727154405567524, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50082, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154418277072, "etime": 1727154418277072, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50094, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154402130504, "etime": 1727154402130504, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50079, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154382755488, "etime": 1727154382755488, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50062, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154398714457, "etime": 1727154398714457, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50076, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154415999679, "etime": 1727154415999679, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50092, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154426701626, "etime": 1727154426701626, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50101, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154295827116, "etime": 1727154295827116, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50037, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727154388450397, "etime": 1727154388450397, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50067, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154421662129, "etime": 1727154421662129, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50097, 
"dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154359744686, "etime": 1727154359744686, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50041, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154365487319, "etime": 1727154365487319, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50046, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154374613821, "etime": 1727154374613821, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50054, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154404408614, "etime": 1727154404408614, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50081, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154406708021, "etime": 1727154406708021, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50083, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154403269135, "etime": 1727154403269135, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50080, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154420538879, "etime": 1727154420538879, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50096, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154411257465, "etime": 1727154411257465, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50087, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154378200162, "etime": 1727154378200162, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50058, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154419400967, "etime": 1727154419400967, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50095, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154381616195, "etime": 1727154381616195, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50061, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154362037970, "etime": 1727154362037970, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50043, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154368902069, "etime": 1727154368902069, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50049, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154394160030, "etime": 1727154394160030, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50072, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154425546450, "etime": 1727154425546450, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50100, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154385032923, "etime": 1727154385032923, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50064, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154423257403, "etime": 1727154423257403, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50098, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727154297996641, "etime": 1727154297996641, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50038, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727154391883362, "etime": 1727154391883362, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50070, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154428979866, "etime": 1727154428979866, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50103, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154379339524, "etime": 1727154379339524, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50059, "dest_port": 443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727154399852888, "etime": 1727154399852888, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50077, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154414689533, "etime": 1727154414689533, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50090, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154371180467, "etime": 1727154371180467, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50051, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154396437085, "etime": 1727154396437085, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50074, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154417138707, "etime": 1727154417138707, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50093, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154387310014, "etime": 1727154387310014, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50066, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154372334155, "etime": 1727154372334155, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50052, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154367763733, "etime": 1727154367763733, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50048, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154389588152, "etime": 1727154389588152, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50068, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154397575525, "etime": 1727154397575525, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50075, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154373474233, "etime": 1727154373474233, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50053, 
"dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154386172021, "etime": 1727154386172021, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50065, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154366624558, "etime": 1727154366624558, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50047, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154364316203, "etime": 1727154364316203, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50045, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154424392228, "etime": 1727154424392228, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50099, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154390726970, "etime": 1727154390726970, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50069, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154374788063, "etime": 1727154374788063, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50055, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727154395314222, "etime": 1727154395314222, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50073, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154360883936, "etime": 1727154360883936, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50042, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154380477770, "etime": 1727154380477770, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50060, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154370041168, "etime": 1727154370041168, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50050, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154358606114, "etime": 1727154358606114, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50040, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727154375925218, "etime": 1727154375925218, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50056, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154377060993, "etime": 1727154377060993, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50057, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154414837641, "etime": 1727154414837641, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50091, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154408994815, "etime": 1727154408994815, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50085, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154410135036, "etime": 1727154410135036, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50086, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154407855860, "etime": 1727154407855860, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50084, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154383893578, "etime": 1727154383893578, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50063, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154412395693, "etime": 1727154412395693, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50088, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154427839339, "etime": 1727154427839339, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50102, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154363177456, "etime": 1727154363177456, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50044, "dest_port": 443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727154358235604, "etime": 1727154358235604, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50039, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154413534349, "etime": 1727154413534349, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50089, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:08.777] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24280 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID13-tls1.2CS4.8_win8_kali_jdk_IP.1727155835.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID13-tls1.2CS4.8_win8_kali_jdk_IP.1727155835.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=fe4c503dd349abd637c54bb48c2e2838d659e4cee3a761fb3c278b2b3bbdc6b4&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124407Z"} [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:08.777] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:11.488] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID13-tls1.2CS4.8_win8_kali_jdk_IP.1727155835.jsonl|result:{"code": 1, "total_count": 65, "abnormal_count": 4, "normal_count": 61, "alert_count": 4, "timestamp": 1765313051487, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727155936778766, "etime": 1727155936778766, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50212, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155957247798, "etime": 1727155957247798, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50231, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155909077365, "etime": 1727155909077365, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50188, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155964081479, "etime": 1727155964081479, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50238, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155965204477, "etime": 1727155965204477, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50239, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155941351369, "etime": 1727155941351369, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50217, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155927620742, "etime": 1727155927620742, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50204, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155925340576, "etime": 1727155925340576, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50202, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155950429450, "etime": 1727155950429450, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50225, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727155956108794, "etime": 1727155956108794, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50230, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155900926059, "etime": 1727155900926059, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50180, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155933361099, "etime": 1727155933361099, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50209, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155962943523, "etime": 1727155962943523, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50237, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155952692031, "etime": 1727155952692031, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50227, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155949292616, "etime": 1727155949292616, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50224, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155913970058, "etime": 1727155913970058, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50192, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155958387729, "etime": 1727155958387729, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50232, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155898569655, "etime": 1727155898569655, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50178, "dest_port": 6443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727155939071382, "etime": 1727155939071382, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50215, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155959526905, "etime": 1727155959526905, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 
50234, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155943627711, "etime": 1727155943627711, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50219, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155935639206, "etime": 1727155935639206, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50211, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155902065002, "etime": 1727155902065002, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50181, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155937917212, "etime": 1727155937917212, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50213, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155940219994, "etime": 1727155940219994, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50216, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155921925704, "etime": 1727155921925704, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50199, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155835716608, "etime": 1727155835716608, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50173, "dest_port": 8001, "protocol": "tls", "result": "Normal"}, {"stime": 1727155920784378, "etime": 1727155920784378, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50198, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155915105607, "etime": 1727155915105607, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50193, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155926481395, "etime": 1727155926481395, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50203, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155945905759, "etime": 
1727155945905759, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50221, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155899785684, "etime": 1727155899785684, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50179, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155916244269, "etime": 1727155916244269, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50194, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155898336009, "etime": 1727155898336009, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50177, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155919645066, "etime": 1727155919645066, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50197, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155931036615, "etime": 1727155931036615, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50207, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155903358962, "etime": 1727155903358962, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50183, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155934500451, "etime": 1727155934500451, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50210, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155838135222, "etime": 1727155838135222, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50175, "dest_port": 6443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727155924204120, "etime": 1727155924204120, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50201, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155911377286, "etime": 1727155911377286, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50190, "dest_port": 6443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727155947028896, "etime": 1727155947028896, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50222, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155905635876, "etime": 1727155905635876, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50185, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155953831197, "etime": 1727155953831197, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50228, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155910238113, "etime": 1727155910238113, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50189, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155932223276, "etime": 1727155932223276, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50208, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155917367849, "etime": 1727155917367849, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50195, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155923063713, "etime": 1727155923063713, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50200, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155928759806, "etime": 1727155928759806, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50205, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155961803938, "etime": 1727155961803938, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50236, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155948152816, "etime": 1727155948152816, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50223, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155918508007, "etime": 1727155918508007, "src_ip": 
"192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50196, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155929897658, "etime": 1727155929897658, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50206, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155944766933, "etime": 1727155944766933, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50220, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155951553583, "etime": 1727155951553583, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50226, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155907929783, "etime": 1727155907929783, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50187, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155960665118, "etime": 1727155960665118, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50235, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155966344497, "etime": 1727155966344497, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50240, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155966471830, "etime": 1727155966471830, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50241, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155954969934, "etime": 1727155954969934, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50229, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155902218820, "etime": 1727155902218820, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50182, "dest_port": 6443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727155906775285, "etime": 1727155906775285, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50186, "dest_port": 6443, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727155942489252, "etime": 1727155942489252, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50218, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155912827536, "etime": 1727155912827536, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50191, "dest_port": 6443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727155904496837, "etime": 1727155904496837, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50184, "dest_port": 6443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:11.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:44:11.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:11.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:11.488] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25959 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID42-tls1.2CS4.8_windowsserver2016_kali_openjdk_domain.1727340269.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID42-tls1.2CS4.8_windowsserver2016_kali_openjdk_domain.1727340269.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124410Z&X-Amz-SignedHeaders=host&X-Amz-Signature=456d5d7305557d8cfbddf2560ea4f7d39ad4958f839398559bbf1557a14ac486&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:44:11.488] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:11.488] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:11.488] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:11.488] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:44:11.488] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:11.489] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:14.112] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID42-tls1.2CS4.8_windowsserver2016_kali_openjdk_domain.1727340269.jsonl|result:{"code": 1, "total_count": 63, "abnormal_count": 9, "normal_count": 54, "alert_count": 9, "timestamp": 1765313054111, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727340340601070, "etime": 1727340340601070, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54275, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340349812801, "etime": 1727340349812801, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54286, "dest_port": 8070, "protocol": "tls", "result": "Antsword"}, {"stime": 1727340338445013, "etime": 1727340338445013, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54272, "dest_port": 8070, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727340388868479, "etime": 1727340388868479, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54324, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340374977836, "etime": 1727340374977836, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54311, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340352850874, "etime": 1727340352850874, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54289, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340387834858, "etime": 1727340387834858, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54323, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340354929228, "etime": 1727340354929228, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54292, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340385804172, "etime": 1727340385804172, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54321, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340362147957, "etime": 1727340362147957, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54300, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340347741346, "etime": 1727340347741346, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54283, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340338573019, "etime": 1727340338573019, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54273, "dest_port": 8070, "protocol": "tls", "result": "Antsword"}, {"stime": 1727340360116968, "etime": 1727340360116968, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54298, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340329491921, "etime": 1727340329491921, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54265, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340356960196, "etime": 1727340356960196, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54294, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340337429315, "etime": 1727340337429315, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54271, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340381693638, "etime": 1727340381693638, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54316, "dest_port": 8070, "protocol": "tls", "result": "Behinder"}, {"stime": 1727340384741699, "etime": 1727340384741699, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54319, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727340372929150, "etime": 1727340372929150, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54309, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340382710355, "etime": 1727340382710355, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54317, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340269433531, "etime": 1727340269433531, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54263, "dest_port": 8070, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727340386820979, "etime": 1727340386820979, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54322, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340348757365, "etime": 1727340348757365, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54284, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340350819473, "etime": 1727340350819473, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54287, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340370882205, "etime": 1727340370882205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54307, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340353913368, "etime": 1727340353913368, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54291, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340339585273, "etime": 1727340339585273, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54274, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340345710143, "etime": 1727340345710143, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54281, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340367840125, "etime": 1727340367840125, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54304, "dest_port": 8070, "protocol": "tls", "result": "Behinder"}, {"stime": 1727340330506770, "etime": 1727340330506770, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54266, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340379071249, "etime": 1727340379071249, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54315, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340384787874, "etime": 1727340384787874, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54320, "dest_port": 8070, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727340371914863, "etime": 1727340371914863, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54308, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340346725721, "etime": 1727340346725721, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54282, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340359100955, "etime": 1727340359100955, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54297, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340334382606, "etime": 1727340334382606, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54268, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340352896367, "etime": 1727340352896367, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54290, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340363164625, "etime": 1727340363164625, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54301, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340373961692, "etime": 1727340373961692, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54310, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727340336413723, "etime": 1727340336413723, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54270, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340335397669, "etime": 1727340335397669, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54269, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340341616723, "etime": 1727340341616723, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54276, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340368850895, "etime": 1727340368850895, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54305, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340342663417, "etime": 1727340342663417, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54278, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340351835083, "etime": 1727340351835083, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54288, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340269472353, "etime": 1727340269472353, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54264, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340341645916, "etime": 1727340341645916, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54277, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340349772566, "etime": 1727340349772566, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54285, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340344694414, "etime": 1727340344694414, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54280, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340357976370, "etime": 1727340357976370, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54295, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340364179363, "etime": 1727340364179363, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54302, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340333367249, "etime": 1727340333367249, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54267, "dest_port": 8070, "protocol": "tls", "result": "Antsword"}, {"stime": 1727340355944282, "etime": 1727340355944282, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54293, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340343679058, "etime": 1727340343679058, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54279, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340365195175, "etime": 1727340365195175, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54303, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340388875179, "etime": 1727340388875179, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54325, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340361132115, "etime": 1727340361132115, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54299, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340369868313, "etime": 1727340369868313, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54306, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340375991377, "etime": 1727340375991377, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54312, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340377024170, "etime": 1727340377024170, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54313, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727340358093985, "etime": 1727340358093985, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54296, "dest_port": 8070, "protocol": "tls", "result": "Antsword"}, {"stime": 1727340378038244, "etime": 1727340378038244, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54314, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727340383726134, "etime": 1727340383726134, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54318, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:14.112] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 9|max_alert: 1000 [2025-12-09 20:44:14.112] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:14.112] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:14.522] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24281 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_IP.1727159432.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_IP.1727159432.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=717bf42b2367aa759583ec658bd4645c2dbf1c1676a052d538c29b2dd2aa5ff7&X-Amz-Date=20251209T124414Z"} [2025-12-09 20:44:14.522] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:14.522] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:14.522] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:14.522] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:14.522] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:14.522] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:17.239] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID16-tls1.2CS4.8_win8_ubuntu_openjdk_IP.1727159432.jsonl|result:{"code": 1, "total_count": 65, "abnormal_count": 4, "normal_count": 61, "alert_count": 4, "timestamp": 1765313057237, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727159499211645, "etime": 1727159499211645, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50384, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159511057106, "etime": 1727159511057106, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50396, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159530475199, "etime": 1727159530475199, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50413, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159552144306, "etime": 1727159552144306, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50432, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159516796083, "etime": 1727159516796083, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50401, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159532767578, "etime": 1727159532767578, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50415, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159550988744, "etime": 1727159550988744, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50431, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159559163829, "etime": 1727159559163829, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50439, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727159506294959, "etime": 1727159506294959, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50391, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159524765122, "etime": 1727159524765122, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50408, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159539585556, "etime": 1727159539585556, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50421, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159541862347, "etime": 1727159541862347, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50423, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159502889701, "etime": 1727159502889701, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50388, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727159537323377, "etime": 1727159537323377, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50419, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159434902447, "etime": 1727159434902447, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50380, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727159505154952, "etime": 1727159505154952, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50390, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159519086013, "etime": 1727159519086013, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50403, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159528165450, "etime": 1727159528165450, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50411, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159560302284, "etime": 1727159560302284, "src_ip": "192.168.32.46", "dest_ip": 
"192.168.32.41", "src_port": 50440, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159557838524, "etime": 1727159557838524, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50437, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159512238677, "etime": 1727159512238677, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50397, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159531618000, "etime": 1727159531618000, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50414, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159509726569, "etime": 1727159509726569, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50394, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159554421115, "etime": 1727159554421115, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50434, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159504017260, "etime": 1727159504017260, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50389, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159546417997, "etime": 1727159546417997, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50427, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159496923026, "etime": 1727159496923026, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50382, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727159547564488, "etime": 1727159547564488, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50428, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159540724124, "etime": 1727159540724124, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50422, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159508587004, 
"etime": 1727159508587004, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50393, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159515654099, "etime": 1727159515654099, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50400, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159542986148, "etime": 1727159542986148, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50424, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159495108966, "etime": 1727159495108966, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50381, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727159507433660, "etime": 1727159507433660, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50392, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159432525606, "etime": 1727159432525606, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50379, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727159529320927, "etime": 1727159529320927, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50412, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159509917010, "etime": 1727159509917010, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50395, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159545279057, "etime": 1727159545279057, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50426, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159544127121, "etime": 1727159544127121, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50425, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159533906802, "etime": 1727159533906802, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50416, "dest_port": 443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727159522502758, "etime": 1727159522502758, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50406, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159535045640, "etime": 1727159535045640, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50417, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159553282765, "etime": 1727159553282765, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50433, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159555560634, "etime": 1727159555560634, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50435, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159549834402, "etime": 1727159549834402, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50430, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159562596110, "etime": 1727159562596110, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50442, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159500350235, "etime": 1727159500350235, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50385, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159514516231, "etime": 1727159514516231, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50399, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159525903583, "etime": 1727159525903583, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50409, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159523625637, "etime": 1727159523625637, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50407, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159556699208, "etime": 1727159556699208, "src_ip": "192.168.32.46", 
"dest_ip": "192.168.32.41", "src_port": 50436, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159517947177, "etime": 1727159517947177, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50402, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159502674420, "etime": 1727159502674420, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50387, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159527042207, "etime": 1727159527042207, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50410, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159561456427, "etime": 1727159561456427, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50441, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159536184210, "etime": 1727159536184210, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50418, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159501506027, "etime": 1727159501506027, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50386, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159562726364, "etime": 1727159562726364, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50443, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159498073704, "etime": 1727159498073704, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50383, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159548695341, "etime": 1727159548695341, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50429, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159558009976, "etime": 1727159558009976, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50438, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727159513376489, "etime": 1727159513376489, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50398, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159538446405, "etime": 1727159538446405, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50420, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159520224990, "etime": 1727159520224990, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50404, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727159521364285, "etime": 1727159521364285, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50405, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:17.239] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:44:17.239] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:17.239] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:44:17.729] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24282 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID41-tls1.2CS4.8_windowsserver2016_kali_jdk_IP.1727336842.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID41-tls1.2CS4.8_windowsserver2016_kali_jdk_IP.1727336842.jsonl?X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=4b36e418e939f05c7939edaa056cda55da79a12573ae933d6c9ec341c8f09e81&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124417Z"} [2025-12-09 20:44:17.729] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:17.729] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:17.729] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:17.729] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:17.729] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:17.730] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:20.268] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID41-tls1.2CS4.8_windowsserver2016_kali_jdk_IP.1727336842.jsonl|result:{"code": 1, "total_count": 61, "abnormal_count": 6, "normal_count": 55, "alert_count": 6, "timestamp": 1765313060266, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727336842129615, "etime": 1727336842129615, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 50792, "dest_port": 8000, "protocol": "tls", "result": "Normal"}, {"stime": 1727336944297578, "etime": 1727336944297578, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51166, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727336954517877, "etime": 1727336954517877, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51177, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336935046884, "etime": 1727336935046884, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51156, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336940203484, "etime": 1727336940203484, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51162, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336929924905, "etime": 1727336929924905, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51151, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336962451065, "etime": 1727336962451065, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51184, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727336965500565, "etime": 1727336965500565, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51187, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336936109527, "etime": 1727336936109527, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51158, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336937126856, "etime": 1727336937126856, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51159, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336931970115, "etime": 1727336931970115, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51153, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336951438671, "etime": 1727336951438671, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51174, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336959656887, "etime": 1727336959656887, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.132", "src_port": 51183, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336924797040, "etime": 1727336924797040, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51146, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336917547516, "etime": 1727336917547516, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51138, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727336963469225, "etime": 1727336963469225, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51185, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336949407471, "etime": 1727336949407471, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51172, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336967531750, "etime": 1727336967531750, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51189, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336970625534, "etime": 1727336970625534, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51193, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336932984685, "etime": 1727336932984685, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51154, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336943275080, "etime": 1727336943275080, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51165, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336935093307, "etime": 1727336935093307, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51157, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727336969609909, "etime": 1727336969609909, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51192, "dest_port": 443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727336957609794, "etime": 1727336957609794, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51181, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336958642264, "etime": 1727336958642264, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51182, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336857532903, "etime": 1727336857532903, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51002, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336926860311, "etime": 1727336926860311, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51148, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336938141652, "etime": 1727336938141652, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51160, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336964487477, "etime": 1727336964487477, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51186, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336922766347, "etime": 1727336922766347, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51144, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336947344104, "etime": 1727336947344104, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51169, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336921610861, "etime": 1727336921610861, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51142, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727336948388718, "etime": 1727336948388718, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51171, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336950423734, "etime": 1727336950423734, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 51173, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336945313139, "etime": 1727336945313139, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51167, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336971641377, "etime": 1727336971641377, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51194, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336968578530, "etime": 1727336968578530, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51191, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336967571755, "etime": 1727336967571755, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51190, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336920594342, "etime": 1727336920594342, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51141, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336971656483, "etime": 1727336971656483, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51195, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336923784253, "etime": 1727336923784253, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51145, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336918562729, "etime": 1727336918562729, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51139, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336939173937, "etime": 1727336939173937, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51161, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336948359735, "etime": 1727336948359735, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51170, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727336946328852, "etime": 1727336946328852, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51168, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336954560539, "etime": 1727336954560539, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51178, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336930937892, "etime": 1727336930937892, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51152, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336921759098, "etime": 1727336921759098, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51143, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727336941221155, "etime": 1727336941221155, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51163, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336966515991, "etime": 1727336966515991, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51188, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336919578833, "etime": 1727336919578833, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51140, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336953484455, "etime": 1727336953484455, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51176, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336857486240, "etime": 1727336857486240, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51001, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727336955578569, "etime": 1727336955578569, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51179, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336956595948, "etime": 1727336956595948, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", 
"src_port": 51180, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336952470156, "etime": 1727336952470156, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51175, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336925829403, "etime": 1727336925829403, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51147, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336927876387, "etime": 1727336927876387, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51149, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336934016515, "etime": 1727336934016515, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51155, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336942234653, "etime": 1727336942234653, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51164, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727336928891070, "etime": 1727336928891070, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51150, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:20.268] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 6|max_alert: 1000 [2025-12-09 20:44:20.268] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:20.268] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:44:20.920] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24283 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51802.1726814707.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51802.1726814707.jsonl?X-Amz-Signature=cd105e69bb2e364827dde83c2aaa8b3da30cf44086157d26229aa65122835a98&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124420Z&X-Amz-Expires=604800"}
[2025-12-09 20:44:20.920] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:44:20.920] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:44:20.920] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:44:20.920] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:44:20.920] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:44:20.921] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:44:20.973] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51802.1726814707.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313060972, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726814707450913, "etime": 1726814707450913, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51802, "dest_port": 446, "protocol": "tls", "result": "Behinder"}]}
[2025-12-09 20:44:20.973] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000
[2025-12-09 20:44:20.973] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:44:20.973] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:44:24.112] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24284 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51144.1726796447.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51144.1726796447.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=92b98a7f266551bb964bf9fed185fcf6339c5bbdb6a71fb757c7017891b93e7e&X-Amz-Date=20251209T124423Z"}
[2025-12-09 20:44:24.112] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:44:24.112] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:44:24.113] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:44:24.113] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:44:24.113] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:44:24.113] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:44:24.209] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51144.1726796447.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313064208, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726796447607414, "etime": 1726796447607414, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51144, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]}
[2025-12-09 20:44:24.209] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000
[2025-12-09 20:44:24.209] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:44:24.209] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:44:27.327] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25960 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51262.1726800644.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51262.1726800644.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124426Z&X-Amz-SignedHeaders=host&X-Amz-Signature=64a82a7840b6c5a7063a240f06bba59a5f253e27e89c43392e45db52bce78074&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"}
[2025-12-09 20:44:27.327] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:44:27.327] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:44:27.327] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:44:27.327] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:44:27.327] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:44:27.328] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:44:27.439] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID30-tls1.2CS4.8_ubuntu_kali_openjdk_domain.pcap.TCP_192-168-126-132_446_192-168-126-139_51262.1726800644.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313067439, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726800644346585, "etime": 1726800644346585, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51262, "dest_port": 446, "protocol": "tls", "result": "Behinder"}]}
[2025-12-09 20:44:27.439] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000
[2025-12-09 20:44:27.439] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:44:27.439] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:44:30.497] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25961 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51900.1726817532.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51900.1726817532.jsonl?X-Amz-Date=20251209T124429Z&X-Amz-Signature=6446b7c8c65aadd2543a6dc6567be83d15dc9cae1307ad0c19051fa9e63794bd&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"}
[2025-12-09 20:44:30.497] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:44:30.497] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:44:30.497] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:44:30.497] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:44:30.497] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:44:30.498] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:44:30.609] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID29-tls1.2CS4.8_ubuntu_kali_jdk_IP.pcap.TCP_192-168-126-132_443_192-168-126-139_51900.1726817532.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313070609, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726817532765719, "etime": 1726817532765719, "src_ip": "192.168.126.139", "dest_ip": "192.168.126.132", "src_port": 51900, "dest_port": 443, "protocol": "tls", "result": "Behinder"}]}
[2025-12-09 20:44:30.609] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000
[2025-12-09 20:44:30.609] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:44:30.609] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:44:33.704] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24285 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID44-tls.12CS4.8_windowsserver2016_ubuntu_openjdk_IP.1727401942.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID44-tls.12CS4.8_windowsserver2016_ubuntu_openjdk_IP.1727401942.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124433Z&X-Amz-Expires=604800&X-Amz-Signature=c9929de90bffcb0d294127973baadcbc3d596685c478ae64f5b01207007de42e"} [2025-12-09 20:44:33.704] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:33.704] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:33.705] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:33.705] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:33.705] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:33.706] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:36.692] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID44-tls.12CS4.8_windowsserver2016_ubuntu_openjdk_IP.1727401942.jsonl|result:{"code": 1, "total_count": 58, "abnormal_count": 18, "normal_count": 40, "alert_count": 18, "timestamp": 1765313076691, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727402032135319, "etime": 1727402032135319, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50592, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402019167801, "etime": 1727402019167801, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50578, "dest_port": 443, 
"protocol": "tls", "result": "Godzilla"}, {"stime": 1727402017103520, "etime": 1727402017103520, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50575, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402027433497, "etime": 1727402027433497, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50589, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402023355059, "etime": 1727402023355059, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50585, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402044496316, "etime": 1727402044496316, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50607, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402011947782, "etime": 1727402011947782, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50569, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402015057130, "etime": 1727402015057130, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50573, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402040416698, "etime": 1727402040416698, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50603, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402009915425, "etime": 1727402009915425, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50567, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402045634445, "etime": 1727402045634445, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50609, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402046707877, "etime": 1727402046707877, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50611, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402016088444, "etime": 1727402016088444, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50574, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402007884423, "etime": 1727402007884423, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50565, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402049743518, "etime": 1727402049743518, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50614, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402023307021, "etime": 1727402023307021, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50584, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402038306759, "etime": 1727402038306759, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50599, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402041431345, "etime": 1727402041431345, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50604, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402048728396, "etime": 1727402048728396, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50613, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402037275783, "etime": 1727402037275783, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50598, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402042463587, "etime": 1727402042463587, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50605, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402019196869, "etime": 1727402019196869, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50579, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402006874940, "etime": 1727402006874940, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50564, "dest_port": 443, "protocol": "tls", 
"result": "Antsword"}, {"stime": 1727402017139582, "etime": 1727402017139582, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50576, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402013009223, "etime": 1727402013009223, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50571, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402022243621, "etime": 1727402022243621, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50582, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402034167250, "etime": 1727402034167250, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50594, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402005745301, "etime": 1727402005745301, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50562, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402020212684, "etime": 1727402020212684, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50580, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402022293250, "etime": 1727402022293250, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50583, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402036197160, "etime": 1727402036197160, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50596, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402036258352, "etime": 1727402036258352, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50597, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402038333213, "etime": 1727402038333213, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50600, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727402046650436, "etime": 1727402046650436, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50610, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402025400061, "etime": 1727402025400061, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50587, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402014041038, "etime": 1727402014041038, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50572, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402028447674, "etime": 1727402028447674, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50590, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402050768824, "etime": 1727402050768824, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50616, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402050760430, "etime": 1727402050760430, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50615, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402044622802, "etime": 1727402044622802, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50608, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727401942876603, "etime": 1727401942876603, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50556, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727402033150653, "etime": 1727402033150653, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50593, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402008901576, "etime": 1727402008901576, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50566, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402043478402, "etime": 1727402043478402, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50606, "dest_port": 443, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727402026415876, "etime": 1727402026415876, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50588, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402024369140, "etime": 1727402024369140, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50586, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402031121565, "etime": 1727402031121565, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50591, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402039353390, "etime": 1727402039353390, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50601, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727401942918757, "etime": 1727401942918757, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50557, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402006760865, "etime": 1727402006760865, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50563, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402040368983, "etime": 1727402040368983, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50602, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402010931366, "etime": 1727402010931366, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50568, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402018150025, "etime": 1727402018150025, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50577, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402047713133, "etime": 1727402047713133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50612, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402012000385, "etime": 1727402012000385, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50570, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402035181897, "etime": 1727402035181897, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50595, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727402002931944, "etime": 1727402002931944, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50561, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402021228246, "etime": 1727402021228246, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50581, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:36.692] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 18|max_alert: 1000 [2025-12-09 20:44:36.692] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:36.692] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:44:36.927] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25962 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID45-tls1.2CS4.8_windowsserver2022_kali_jdk_IP.1727332428.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID45-tls1.2CS4.8_windowsserver2022_kali_jdk_IP.1727332428.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124436Z&X-Amz-SignedHeaders=host&X-Amz-Signature=357afeb5150248f305c7b4282d3b051bc0383f654591b2cd2ff2058c2fff2742&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:44:36.927] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:36.927] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:36.927] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:36.927] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:36.927] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:36.928] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:39.459] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID45-tls1.2CS4.8_windowsserver2022_kali_jdk_IP.1727332428.jsonl|result:{"code": 1, "total_count": 54, "abnormal_count": 20, "normal_count": 34, "alert_count": 20, "timestamp": 1765313079458, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727332525566501, "etime": 1727332525566501, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51910, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332533690902, "etime": 1727332533690902, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51918, "dest_port": 443, "protocol": "tls", 
"result": "Godzilla"}, {"stime": 1727332511159867, "etime": 1727332511159867, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51894, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332516347269, "etime": 1727332516347269, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51900, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332495550538, "etime": 1727332495550538, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51876, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332507019414, "etime": 1727332507019414, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51889, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332510144870, "etime": 1727332510144870, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51893, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332513279374, "etime": 1727332513279374, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51897, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332508106468, "etime": 1727332508106468, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51891, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727332521488786, "etime": 1727332521488786, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51906, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332490909850, "etime": 1727332490909850, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51873, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332493525581, "etime": 1727332493525581, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51874, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727332512200711, "etime": 1727332512200711, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51895, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332504987867, "etime": 1727332504987867, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51887, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332501926213, "etime": 1727332501926213, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51884, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332524550508, "etime": 1727332524550508, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51909, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332497768888, "etime": 1727332497768888, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51879, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332520410468, "etime": 1727332520410468, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51904, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332535722154, "etime": 1727332535722154, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51920, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332518379458, "etime": 1727332518379458, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51902, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332530644178, "etime": 1727332530644178, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51915, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332499800219, "etime": 1727332499800219, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51881, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332532674961, "etime": 1727332532674961, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51917, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727332536747043, "etime": 1727332536747043, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51922, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332508035127, "etime": 1727332508035127, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51890, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332502941020, "etime": 1727332502941020, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51885, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332529628629, "etime": 1727332529628629, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51914, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332494535181, "etime": 1727332494535181, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51875, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332514301342, "etime": 1727332514301342, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51898, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332500894355, "etime": 1727332500894355, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51883, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332499868446, "etime": 1727332499868446, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51882, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727332520482137, "etime": 1727332520482137, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51905, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332534707942, "etime": 1727332534707942, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51919, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332488878753, "etime": 1727332488878753, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.132", "src_port": 51871, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332496753463, "etime": 1727332496753463, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51878, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332515332067, "etime": 1727332515332067, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51899, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332519394376, "etime": 1727332519394376, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51903, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332536738110, "etime": 1727332536738110, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51921, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332528612888, "etime": 1727332528612888, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51913, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332509128374, "etime": 1727332509128374, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51892, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332498785610, "etime": 1727332498785610, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51880, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332506004446, "etime": 1727332506004446, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51888, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332522503470, "etime": 1727332522503470, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51907, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332489895231, "etime": 1727332489895231, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51872, "dest_port": 443, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727332513222123, "etime": 1727332513222123, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51896, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332523519806, "etime": 1727332523519806, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51908, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332526581421, "etime": 1727332526581421, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51911, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727332531659740, "etime": 1727332531659740, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51916, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332503973067, "etime": 1727332503973067, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51886, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332495738596, "etime": 1727332495738596, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51877, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727332527598641, "etime": 1727332527598641, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51912, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332428796803, "etime": 1727332428796803, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51868, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727332428855158, "etime": 1727332428855158, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51869, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727332517362914, "etime": 1727332517362914, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51901, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:44:39.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn 
alert_count: 20|max_alert: 1000 [2025-12-09 20:44:39.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:39.459] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:40.179] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25963 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID46-tls.12CS4.8_windowsserver2022_kali_openjdk_domain.1727331505.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID46-tls.12CS4.8_windowsserver2022_kali_openjdk_domain.1727331505.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T124439Z&X-Amz-Signature=507c9a5e66792dab416d5e58c01f1f3aed368213afc11d92257500bdcafb3f37&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:44:40.179] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:40.179] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:40.180] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:40.180] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:40.180] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:40.181] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:42.594] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID46-tls.12CS4.8_windowsserver2022_kali_openjdk_domain.1727331505.jsonl|result:{"code": 1, "total_count": 54, "abnormal_count": 17, "normal_count": 37, "alert_count": 17, "timestamp": 1765313082593, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727331586252591, "etime": 1727331586252591, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.132", "src_port": 51580, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331566018636, "etime": 1727331566018636, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51561, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331599580680, "etime": 1727331599580680, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51594, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331574392786, "etime": 1727331574392786, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51570, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331589396958, "etime": 1727331589396958, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51584, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727331603791849, "etime": 1727331603791849, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51600, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331593488345, "etime": 1727331593488345, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51588, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331601689983, "etime": 1727331601689983, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51597, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331607862265, "etime": 1727331607862265, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51604, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331567034233, "etime": 1727331567034233, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51562, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331577440199, "etime": 1727331577440199, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51573, "dest_port": 8443, "protocol": "tls", "result": 
"Godzilla"}, {"stime": 1727331608877397, "etime": 1727331608877397, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51605, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331613018948, "etime": 1727331613018948, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51610, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331578456506, "etime": 1727331578456506, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51574, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331592465242, "etime": 1727331592465242, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51587, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331598565277, "etime": 1727331598565277, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51593, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331600659343, "etime": 1727331600659343, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51596, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331584189839, "etime": 1727331584189839, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51578, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331585220916, "etime": 1727331585220916, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51579, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331589299198, "etime": 1727331589299198, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51583, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331575409297, "etime": 1727331575409297, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51571, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331579473070, "etime": 1727331579473070, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51575, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331590409190, "etime": 1727331590409190, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51585, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331602705897, "etime": 1727331602705897, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51598, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331603722637, "etime": 1727331603722637, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51599, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331604799871, "etime": 1727331604799871, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51601, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331583159854, "etime": 1727331583159854, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51577, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331587268215, "etime": 1727331587268215, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51581, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331609956063, "etime": 1727331609956063, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51607, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331605831075, "etime": 1727331605831075, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51602, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331571331217, "etime": 1727331571331217, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51567, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331588284112, "etime": 1727331588284112, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51582, "dest_port": 8443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727331594502818, "etime": 1727331594502818, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51589, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331599640879, "etime": 1727331599640879, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51595, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331572361678, "etime": 1727331572361678, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51568, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331576424592, "etime": 1727331576424592, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51572, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331568281259, "etime": 1727331568281259, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51564, "dest_port": 8443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727331591439868, "etime": 1727331591439868, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51586, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331568050112, "etime": 1727331568050112, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51563, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331573377657, "etime": 1727331573377657, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51569, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331614043761, "etime": 1727331614043761, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51612, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331596533891, "etime": 1727331596533891, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51591, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331595517828, "etime": 
1727331595517828, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51590, "dest_port": 8443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727331606847249, "etime": 1727331606847249, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51603, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331506007858, "etime": 1727331506007858, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51557, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331570316344, "etime": 1727331570316344, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51566, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331610994907, "etime": 1727331610994907, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51608, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331612002665, "etime": 1727331612002665, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51609, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331597549423, "etime": 1727331597549423, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51592, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331614033752, "etime": 1727331614033752, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51611, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331505953815, "etime": 1727331505953815, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51556, "dest_port": 8443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727331608946481, "etime": 1727331608946481, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51606, "dest_port": 8443, "protocol": "tls", "result": "Normal"}, {"stime": 1727331582136529, "etime": 1727331582136529, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 
51576, "dest_port": 8443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727331569299655, "etime": 1727331569299655, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51565, "dest_port": 8443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:42.595] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 17|max_alert: 1000 [2025-12-09 20:44:42.595] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:42.595] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:43.383] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25964 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID44-tls.12CS4.8_windowsserver2016_ubuntu_openjdk_domain.1727402811.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID44-tls.12CS4.8_windowsserver2016_ubuntu_openjdk_domain.1727402811.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124442Z&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=5e3780de94d67c4bacb78174623a1381a06a381099fa3f1539d9cbd2f1916317&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:44:43.383] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:43.383] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:43.383] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:43.383] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:43.383] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:43.383] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:45.664] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) 
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID44-tls.12CS4.8_windowsserver2016_ubuntu_openjdk_domain.1727402811.jsonl|result:{"code": 1, "total_count": 53, "abnormal_count": 12, "normal_count": 41, "alert_count": 12, "timestamp": 1765313085663, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727402871527189, "etime": 1727402871527189, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50832, "dest_port": 8843, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402909620957, "etime": 1727402909620957, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50878, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402881605473, "etime": 1727402881605473, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50842, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402891975026, "etime": 1727402891975026, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50856, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402892995506, "etime": 1727402892995506, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50857, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402900293000, "etime": 1727402900293000, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50866, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402906464718, "etime": 1727402906464718, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50873, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402878483101, "etime": 1727402878483101, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50838, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402907527271, "etime": 1727402907527271, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50875, "dest_port": 8843, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727402905449726, "etime": 1727402905449726, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50872, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402882652170, "etime": 1727402882652170, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50844, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402888855528, "etime": 1727402888855528, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50852, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402902323981, "etime": 1727402902323981, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50868, "dest_port": 8843, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402903404031, "etime": 1727402903404031, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50870, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402906506033, "etime": 1727402906506033, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50874, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402879551062, "etime": 1727402879551062, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50840, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402885762085, "etime": 1727402885762085, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50848, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402894012074, "etime": 1727402894012074, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50858, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402910636790, "etime": 1727402910636790, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50879, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402872684306, "etime": 1727402872684306, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50834, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402891918934, "etime": 1727402891918934, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50855, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402880574286, "etime": 1727402880574286, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50841, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402895027025, "etime": 1727402895027025, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50859, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402898214157, "etime": 1727402898214157, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50863, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402897201261, "etime": 1727402897201261, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50862, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402887842746, "etime": 1727402887842746, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50851, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402811470381, "etime": 1727402811470381, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50830, "dest_port": 8843, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727402883714526, "etime": 1727402883714526, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50846, "dest_port": 8843, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402886776738, "etime": 1727402886776738, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50849, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402896058834, "etime": 1727402896058834, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50860, "dest_port": 
8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402876450973, "etime": 1727402876450973, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50836, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402901308001, "etime": 1727402901308001, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50867, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402912679438, "etime": 1727402912679438, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50882, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402879496212, "etime": 1727402879496212, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50839, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402877464921, "etime": 1727402877464921, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50837, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402811510590, "etime": 1727402811510590, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50831, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402881644205, "etime": 1727402881644205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50843, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727402911652228, "etime": 1727402911652228, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50880, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402889873111, "etime": 1727402889873111, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50853, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402902375930, "etime": 1727402902375930, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50869, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402908542364, "etime": 
1727402908542364, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50876, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402884731184, "etime": 1727402884731184, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50847, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402883683705, "etime": 1727402883683705, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50845, "dest_port": 8843, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727402871677159, "etime": 1727402871677159, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50833, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727402904417731, "etime": 1727402904417731, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50871, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402899231497, "etime": 1727402899231497, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50864, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402887793807, "etime": 1727402887793807, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50850, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402897073980, "etime": 1727402897073980, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50861, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402899281630, "etime": 1727402899281630, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50865, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402912669648, "etime": 1727402912669648, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50881, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402890886024, "etime": 1727402890886024, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50854, 
"dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402873701808, "etime": 1727402873701808, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50835, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727402908600832, "etime": 1727402908600832, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50877, "dest_port": 8843, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:44:45.664] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 12|max_alert: 1000 [2025-12-09 20:44:45.664] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:45.664] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:46.592] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24712 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID47-tls1.2CS4.8_windowsserver2022_ubuntu_jdk_IP.1727320000.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID47-tls1.2CS4.8_windowsserver2022_ubuntu_jdk_IP.1727320000.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=dfce94f5b4a83c74040a0c60e517d804a778fbc1810955b22935f0c6fde6a2b4&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124446Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:44:46.592] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:46.592] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:46.592] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:46.592] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:46.592] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:46.593] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:44:48.907] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID47-tls1.2CS4.8_windowsserver2022_ubuntu_jdk_IP.1727320000.jsonl|result:{"code": 1, "total_count": 53, "abnormal_count": 11, "normal_count": 42, "alert_count": 11, "timestamp": 1765313088905, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727320071432984, "etime": 1727320071432984, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50646, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320096792257, "etime": 1727320096792257, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50672, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727320074479321, "etime": 1727320074479321, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50649, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320089104525, "etime": 1727320089104525, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50666, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320096875964, "etime": 1727320096875964, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50673, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727320078824431, "etime": 1727320078824431, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50655, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727320105106429, "etime": 1727320105106429, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50682, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320080870461, "etime": 1727320080870461, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50657, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320099917547, "etime": 1727320099917547, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50676, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320106136019, "etime": 1727320106136019, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50683, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320107170677, "etime": 1727320107170677, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50685, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727320103070041, "etime": 1727320103070041, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50680, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320069385756, "etime": 1727320069385756, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50644, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320060182890, "etime": 1727320060182890, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50635, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320067323600, "etime": 1727320067323600, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50642, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320062230506, "etime": 1727320062230506, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50637, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320082974313, "etime": 1727320082974313, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50660, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727320092729776, "etime": 1727320092729776, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50668, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320086043943, "etime": 1727320086043943, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50663, "dest_port": 443, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727320000076551, "etime": 1727320000076551, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50633, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727320061199499, "etime": 1727320061199499, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50636, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320095776821, "etime": 1727320095776821, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50671, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320098904146, "etime": 1727320098904146, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50675, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320075496007, "etime": 1727320075496007, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50650, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320104089602, "etime": 1727320104089602, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50681, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320087073377, "etime": 1727320087073377, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50664, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320065291809, "etime": 1727320065291809, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50640, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320070401241, "etime": 1727320070401241, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50645, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320082901384, "etime": 1727320082901384, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50659, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320066308364, "etime": 1727320066308364, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50641, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320072448963, "etime": 1727320072448963, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50647, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320064276957, "etime": 1727320064276957, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50639, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320093745713, "etime": 1727320093745713, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50669, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320097886882, "etime": 1727320097886882, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50674, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320101965201, "etime": 1727320101965201, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50678, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320076527653, "etime": 1727320076527653, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50651, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727320068354703, "etime": 1727320068354703, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50643, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320079839495, "etime": 1727320079839495, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50656, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320063247184, "etime": 1727320063247184, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50638, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320083995521, "etime": 1727320083995521, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50661, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727320088088967, "etime": 1727320088088967, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50665, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320091717432, "etime": 1727320091717432, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50667, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727320102995249, "etime": 1727320102995249, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50679, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320107151682, "etime": 1727320107151682, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50684, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727320100933504, "etime": 1727320100933504, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50677, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320077746064, "etime": 1727320077746064, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50653, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320081886189, "etime": 1727320081886189, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50658, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320000152447, "etime": 1727320000152447, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50634, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320078760806, "etime": 1727320078760806, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50654, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727320085011306, "etime": 1727320085011306, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50662, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320094761314, "etime": 1727320094761314, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.136", "src_port": 50670, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727320076734786, "etime": 1727320076734786, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50652, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727320073464342, "etime": 1727320073464342, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50648, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:48.907] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 11|max_alert: 1000 [2025-12-09 20:44:48.907] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:48.907] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:44:49.764] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24713 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID9-tls1.2CS4.8_win8.1_kali_jdk_domain.1727074763.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID9-tls1.2CS4.8_win8.1_kali_jdk_domain.1727074763.jsonl?X-Amz-Signature=fc4f4ffa1366ea5f6744d42f66496ed99cfd96e41f8913273c69e65357db1390&X-Amz-Expires=604800&X-Amz-Date=20251209T124449Z&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:44:49.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:49.764] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:49.764] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:49.764] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:49.764] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:49.764] [INFO] 
[tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:51.872] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID9-tls1.2CS4.8_win8.1_kali_jdk_domain.1727074763.jsonl|result:{"code": 1, "total_count": 48, "abnormal_count": 1, "normal_count": 47, "alert_count": 1, "timestamp": 1765313091871, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727074827975951, "etime": 1727074827975951, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50180, "dest_port": 4431, "protocol": "tls", "result": "Behinder"}, {"stime": 1727074845682246, "etime": 1727074845682246, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50197, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074848792834, "etime": 1727074848792834, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50200, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074856074677, "etime": 1727074856074677, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50207, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074866527466, "etime": 1727074866527466, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50217, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074835291750, "etime": 1727074835291750, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50187, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074833215283, "etime": 1727074833215283, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50185, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074849854765, "etime": 1727074849854765, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50201, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074867558797, "etime": 1727074867558797, "src_ip": 
"192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50218, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074832167133, "etime": 1727074832167133, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50184, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074864434769, "etime": 1727074864434769, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50215, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074868590284, "etime": 1727074868590284, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50219, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074834260427, "etime": 1727074834260427, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50186, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074842559329, "etime": 1727074842559329, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50194, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074852964994, "etime": 1727074852964994, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50204, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074862340259, "etime": 1727074862340259, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50213, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074765874796, "etime": 1727074765874796, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50177, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074829025950, "etime": 1727074829025950, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50181, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074857124243, "etime": 1727074857124243, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50208, "dest_port": 4431, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727074763540506, "etime": 1727074763540506, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50176, "dest_port": 801, "protocol": "tls", "result": "Normal"}, {"stime": 1727074840480206, "etime": 1727074840480206, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50192, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074871715837, "etime": 1727074871715837, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50222, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074872790186, "etime": 1727074872790186, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50224, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074859213980, "etime": 1727074859213980, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50210, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074855042830, "etime": 1727074855042830, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50206, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074826122240, "etime": 1727074826122240, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50179, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074841511448, "etime": 1727074841511448, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50193, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074844651310, "etime": 1727074844651310, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50196, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074863387495, "etime": 1727074863387495, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50214, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074837370239, "etime": 1727074837370239, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", 
"src_port": 50189, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074838401003, "etime": 1727074838401003, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50190, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074831120204, "etime": 1727074831120204, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50183, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074836339463, "etime": 1727074836339463, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50188, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074847746500, "etime": 1727074847746500, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50199, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074846713405, "etime": 1727074846713405, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50198, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074851934564, "etime": 1727074851934564, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50203, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074854011256, "etime": 1727074854011256, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50205, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074858167627, "etime": 1727074858167627, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50209, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074860246711, "etime": 1727074860246711, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50211, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074861292394, "etime": 1727074861292394, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50212, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074865495529, "etime": 
1727074865495529, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50216, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074850901735, "etime": 1727074850901735, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50202, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074869636512, "etime": 1727074869636512, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50220, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074870683128, "etime": 1727074870683128, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50221, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074843604831, "etime": 1727074843604831, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50195, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074839448954, "etime": 1727074839448954, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50191, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074830075953, "etime": 1727074830075953, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50182, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727074872761517, "etime": 1727074872761517, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50223, "dest_port": 4431, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:51.872] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:44:51.872] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:51.872] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:44:52.939] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24286 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID2-4-tls1.2CS4.8_win11_kali_openjdk_IP.1730304759.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID2-4-tls1.2CS4.8_win11_kali_openjdk_IP.1730304759.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124452Z&X-Amz-Signature=df0374eb57f1d5945a4a4b3b1f456692fa9d927123022ee88a2bf644cda86b28&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:44:52.939] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:52.939] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:52.939] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:52.939] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:52.939] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:52.940] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:54.255] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID2-4-tls1.2CS4.8_win11_kali_openjdk_IP.1730304759.jsonl|result:{"code": 1, "total_count": 30, "abnormal_count": 9, "normal_count": 21, "alert_count": 9, "timestamp": 1765313094254, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1730305063939780, "etime": 1730305063939780, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51061, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730304939875146, "etime": 1730304939875146, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51026, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, 
{"stime": 1730305020396361, "etime": 1730305020396361, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51047, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305033539227, "etime": 1730305033539227, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51051, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304959898373, "etime": 1730304959898373, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51030, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305043646197, "etime": 1730305043646197, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51055, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305087213229, "etime": 1730305087213229, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51065, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305043695832, "etime": 1730305043695832, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51056, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730304819850365, "etime": 1730304819850365, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51013, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305073953196, "etime": 1730305073953196, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51062, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304969907455, "etime": 1730304969907455, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51031, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305063719298, "etime": 1730305063719298, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51060, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305023522040, "etime": 1730305023522040, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51049, 
"dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730305094058057, "etime": 1730305094058057, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51067, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730305104071857, "etime": 1730305104071857, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51070, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304879860497, "etime": 1730304879860497, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51021, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305033631741, "etime": 1730305033631741, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51052, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730305053707761, "etime": 1730305053707761, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51058, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305104067735, "etime": 1730305104067735, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51069, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304759782505, "etime": 1730304759782505, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51007, "dest_port": 7777, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1730304949888359, "etime": 1730304949888359, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51028, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304759835225, "etime": 1730304759835225, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51008, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304969980612, "etime": 1730304969980612, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51033, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305010384296, "etime": 1730305010384296, 
"src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51045, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305000094694, "etime": 1730305000094694, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51041, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304990075614, "etime": 1730304990075614, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51039, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}, {"stime": 1730305000361869, "etime": 1730305000361869, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51042, "dest_port": 7777, "protocol": "tls", "result": "Godzilla"}, {"stime": 1730304979995228, "etime": 1730304979995228, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51034, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730304990008499, "etime": 1730304990008499, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51038, "dest_port": 7777, "protocol": "tls", "result": "Normal"}, {"stime": 1730305077205235, "etime": 1730305077205235, "src_ip": "172.20.15.142", "dest_ip": "172.20.3.233", "src_port": 51063, "dest_port": 7777, "protocol": "tls", "result": "Antsword"}]} [2025-12-09 20:44:54.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 9|max_alert: 1000 [2025-12-09 20:44:54.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:44:54.255] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:44:56.067] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24714 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_3389_111-53-218-171_6945.1726283902.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_3389_111-53-218-171_6945.1726283902.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124455Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f5a46f4b7ea6b12e3a9b7ac2b059b779b8ed02a3d01cb73936f8fba964352620"} [2025-12-09 20:44:56.067] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:56.067] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:56.067] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:56.067] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:56.067] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:56.067] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:44:56.119] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID57_behinderv2.0.1_aspx_winserver2012r2-https.pcap.TCP_10-0-4-15_3389_111-53-218-171_6945.1726283902.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765313096119, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726283902711032, "etime": 1726283902711032, "src_ip": "10.0.4.15", "dest_ip": "111.53.218.171", "src_port": 3389, "dest_port": 6945, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:44:56.119] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:44:59.259] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24287 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID47-tls1.2CS4.8_windowsserver2022_ubuntu_jdk_domain.1727321134.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID47-tls1.2CS4.8_windowsserver2022_ubuntu_jdk_domain.1727321134.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124458Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=287a31d3a58f09bdf367985db9ab17ced4e7cefb74f2232ed11a0ac9f89ebd9c&X-Amz-SignedHeaders=host"} [2025-12-09 20:44:59.259] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:44:59.259] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:44:59.260] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:44:59.260] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:44:59.260] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:44:59.260] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:01.226] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID47-tls1.2CS4.8_windowsserver2022_ubuntu_jdk_domain.1727321134.jsonl|result:{"code": 1, "total_count": 39, "abnormal_count": 22, "normal_count": 17, "alert_count": 22, "timestamp": 1765313101225, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727321211714685, "etime": 1727321211714685, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50870, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321213855350, "etime": 1727321213855350, "src_ip": 
"192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50873, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321207541838, "etime": 1727321207541838, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50865, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321221214347, "etime": 1727321221214347, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50881, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321206530834, "etime": 1727321206530834, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50864, "dest_port": 8989, "protocol": "tls", "result": "Antsword"}, {"stime": 1727321227449806, "etime": 1727321227449806, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50889, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321209667716, "etime": 1727321209667716, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50868, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321218135896, "etime": 1727321218135896, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50878, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321225385898, "etime": 1727321225385898, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50886, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321215901821, "etime": 1727321215901821, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50875, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321194636091, "etime": 1727321194636091, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50853, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321208636630, "etime": 1727321208636630, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50867, "dest_port": 8989, 
"protocol": "tls", "result": "Behinder"}, {"stime": 1727321211803143, "etime": 1727321211803143, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50871, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321195667038, "etime": 1727321195667038, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50854, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321202341643, "etime": 1727321202341643, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50859, "dest_port": 8989, "protocol": "tls", "result": "Antsword"}, {"stime": 1727321226401235, "etime": 1727321226401235, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50887, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321208558795, "etime": 1727321208558795, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50866, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321134607807, "etime": 1727321134607807, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50852, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321227423703, "etime": 1727321227423703, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50888, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321204370167, "etime": 1727321204370167, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50861, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321210697970, "etime": 1727321210697970, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50869, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321196683150, "etime": 1727321196683150, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50855, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321219168567, "etime": 
1727321219168567, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50879, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321223260831, "etime": 1727321223260831, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50883, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321199745976, "etime": 1727321199745976, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50858, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321134544413, "etime": 1727321134544413, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50851, "dest_port": 8989, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727321205393543, "etime": 1727321205393543, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50862, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321206448266, "etime": 1727321206448266, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50863, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321197714502, "etime": 1727321197714502, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50856, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321217125953, "etime": 1727321217125953, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50877, "dest_port": 8989, "protocol": "tls", "result": "Antsword"}, {"stime": 1727321220198531, "etime": 1727321220198531, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50880, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321224370815, "etime": 1727321224370815, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50885, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321198729318, "etime": 1727321198729318, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", 
"src_port": 50857, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321203354668, "etime": 1727321203354668, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50860, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321212824228, "etime": 1727321212824228, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50872, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321214870746, "etime": 1727321214870746, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50874, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321216917608, "etime": 1727321216917608, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50876, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727321223349040, "etime": 1727321223349040, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50884, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727321222244683, "etime": 1727321222244683, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50882, "dest_port": 8989, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:01.226] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 22|max_alert: 1000 [2025-12-09 20:45:01.226] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:01.226] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:45:02.505] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25965 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID48-tls1.2CS4.8_windowsserver2022_ubuntu_openjdk_domain.1727318066.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID48-tls1.2CS4.8_windowsserver2022_ubuntu_openjdk_domain.1727318066.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=31e41530d833c648af1a4473544b28f53f8606449f02098c3d19625dbfeb143d&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124502Z&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:45:02.505] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:02.505] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:02.505] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:02.505] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:02.505] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:02.506] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:04.381] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID48-tls1.2CS4.8_windowsserver2022_ubuntu_openjdk_domain.1727318066.jsonl|result:{"code": 1, "total_count": 37, "abnormal_count": 17, "normal_count": 20, "alert_count": 17, "timestamp": 1765313104380, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727318153669587, "etime": 1727318153669587, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50129, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318145167923, "etime": 1727318145167923, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50118, 
"dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318127137208, "etime": 1727318127137208, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50098, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318148293210, "etime": 1727318148293210, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50122, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318133870740, "etime": 1727318133870740, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50104, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318066104711, "etime": 1727318066104711, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50085, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318157746651, "etime": 1727318157746651, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50134, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318126122123, "etime": 1727318126122123, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50096, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318157756917, "etime": 1727318157756917, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50135, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318066046688, "etime": 1727318066046688, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50084, "dest_port": 8989, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727318155715421, "etime": 1727318155715421, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50132, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318141058883, "etime": 1727318141058883, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50114, "dest_port": 8989, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 
1727318134886706, "etime": 1727318134886706, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50105, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318153589766, "etime": 1727318153589766, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50128, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318139965644, "etime": 1727318139965644, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50112, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318135903364, "etime": 1727318135903364, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50106, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318154699248, "etime": 1727318154699248, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50131, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318138950114, "etime": 1727318138950114, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50110, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318137934198, "etime": 1727318137934198, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50108, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318131827185, "etime": 1727318131827185, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50102, "dest_port": 8989, "protocol": "tls", "result": "Behinder"}, {"stime": 1727318129195465, "etime": 1727318129195465, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50100, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318146184023, "etime": 1727318146184023, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50119, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318150534950, "etime": 1727318150534950, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.136", "src_port": 50125, "dest_port": 8989, "protocol": "tls", "result": "Antsword"}, {"stime": 1727318156730606, "etime": 1727318156730606, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50133, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318140980953, "etime": 1727318140980953, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50113, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318143122542, "etime": 1727318143122542, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50116, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318146250199, "etime": 1727318146250199, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50120, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318142075036, "etime": 1727318142075036, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50115, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318128155714, "etime": 1727318128155714, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50099, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318149308949, "etime": 1727318149308949, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50123, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318150340728, "etime": 1727318150340728, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50124, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318152559199, "etime": 1727318152559199, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50127, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318132856173, "etime": 1727318132856173, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50103, "dest_port": 8989, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727318136917770, "etime": 1727318136917770, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50107, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318147261972, "etime": 1727318147261972, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50121, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727318151543583, "etime": 1727318151543583, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50126, "dest_port": 8989, "protocol": "tls", "result": "Normal"}, {"stime": 1727318144136799, "etime": 1727318144136799, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 50117, "dest_port": 8989, "protocol": "tls", "result": "Godzilla"}]} [2025-12-09 20:45:04.381] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 17|max_alert: 1000 [2025-12-09 20:45:04.381] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:04.381] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:45:05.748] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24288 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID46-tls.12CS4.8_windowsserver2022_kali_openjdk_IP.1727322514.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID46-tls.12CS4.8_windowsserver2022_kali_openjdk_IP.1727322514.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124505Z&X-Amz-SignedHeaders=host&X-Amz-Signature=81080baf7b2bb9070991523a2d6c4b3fb60210ca21b8402f134fb4e294dfe1be&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:45:05.748] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:05.748] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:05.748] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:05.748] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:05.748] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:05.749] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:07.640] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID46-tls.12CS4.8_windowsserver2022_kali_openjdk_IP.1727322514.jsonl|result:{"code": 1, "total_count": 36, "abnormal_count": 8, "normal_count": 28, "alert_count": 8, "timestamp": 1765313107639, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727322582588650, "etime": 1727322582588650, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51279, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322599291691, "etime": 1727322599291691, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51299, "dest_port": 443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727322594042027, "etime": 1727322594042027, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51292, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322578511116, "etime": 1727322578511116, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51275, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322587948889, "etime": 1727322587948889, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51286, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322598198511, "etime": 1727322598198511, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51297, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727322595058060, "etime": 1727322595058060, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51293, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322584840497, "etime": 1727322584840497, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51282, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322595137737, "etime": 1727322595137737, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51294, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727322605387647, "etime": 1727322605387647, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51305, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727322605406952, "etime": 1727322605406952, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51306, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322600309213, "etime": 1727322600309213, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51300, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322603355013, "etime": 1727322603355013, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51303, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322601323736, "etime": 1727322601323736, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51301, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322602339502, "etime": 1727322602339502, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51302, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322589979589, "etime": 1727322589979589, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51288, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322580542891, "etime": 1727322580542891, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51277, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322597183384, "etime": 1727322597183384, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51296, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322581574128, "etime": 1727322581574128, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51278, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322577501959, "etime": 1727322577501959, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51274, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727322514816355, "etime": 1727322514816355, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51272, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322514751810, "etime": 1727322514751810, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51271, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727322586936740, "etime": 1727322586936740, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51285, "dest_port": 443, 
"protocol": "tls", "result": "Behinder"}, {"stime": 1727322583827126, "etime": 1727322583827126, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51281, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727322598273032, "etime": 1727322598273032, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51298, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322604370402, "etime": 1727322604370402, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51304, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322593026691, "etime": 1727322593026691, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51291, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322583604974, "etime": 1727322583604974, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51280, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727322579527444, "etime": 1727322579527444, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51276, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322586870773, "etime": 1727322586870773, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51284, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322588963769, "etime": 1727322588963769, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51287, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322574839952, "etime": 1727322574839952, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51273, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322596151668, "etime": 1727322596151668, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51295, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322585854379, "etime": 1727322585854379, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51283, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322592010826, "etime": 1727322592010826, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51290, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727322590995236, "etime": 1727322590995236, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51289, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:07.640] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 8|max_alert: 1000 [2025-12-09 20:45:07.640] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:07.640] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:08.935] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25966 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID36-tls1.2CS4.8_windowsserver2008_ubuntu_openjdk_domain.1727407534.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID36-tls1.2CS4.8_windowsserver2008_ubuntu_openjdk_domain.1727407534.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=6753bf01ebc65abb5fb1c9891f8d7a49be78ca94024b3338121cb942a3575d5a&X-Amz-Expires=604800&X-Amz-Date=20251209T124508Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:45:08.935] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:08.935] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:08.935] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:08.935] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:08.935] [INFO] [tid:140062327686848] (AiModule.cpp:29) 
prepare args for load [2025-12-09 20:45:08.936] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:12.098] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID36-tls1.2CS4.8_windowsserver2008_ubuntu_openjdk_domain.1727407534.jsonl|result:{"code": 1, "total_count": 62, "abnormal_count": 24, "normal_count": 38, "alert_count": 24, "timestamp": 1765313112096, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727407596571162, "etime": 1727407596571162, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49785, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407612404800, "etime": 1727407612404800, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49801, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407609331268, "etime": 1727407609331268, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49796, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407614450969, "etime": 1727407614450969, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49804, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407534463177, "etime": 1727407534463177, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49781, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407594480375, "etime": 1727407594480375, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49782, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407604233339, "etime": 1727407604233339, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49790, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727407611374802, "etime": 1727407611374802, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49799, "dest_port": 8843, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727407632247834, "etime": 1727407632247834, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49820, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407634276157, "etime": 1727407634276157, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49822, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407638378480, "etime": 1727407638378480, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49828, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407640421873, "etime": 1727407640421873, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49831, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407644493895, "etime": 1727407644493895, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49835, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407645530878, "etime": 1727407645530878, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49837, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407630204156, "etime": 1727407630204156, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49818, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407625135533, "etime": 1727407625135533, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49813, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727407626148174, "etime": 1727407626148174, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49814, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407628176002, "etime": 1727407628176002, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49816, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407617505864, "etime": 1727407617505864, 
"src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49807, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407642450297, "etime": 1727407642450297, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49833, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407609353567, "etime": 1727407609353567, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49797, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407613418302, "etime": 1727407613418302, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49802, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407618519725, "etime": 1727407618519725, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49808, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407648581152, "etime": 1727407648581152, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49840, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407629190245, "etime": 1727407629190245, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49817, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407647568252, "etime": 1727407647568252, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49839, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407610361104, "etime": 1727407610361104, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49798, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407598598966, "etime": 1727407598598966, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49787, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407623059084, "etime": 1727407623059084, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49810, "dest_port": 
8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407636335162, "etime": 1727407636335162, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49825, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407595563335, "etime": 1727407595563335, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49784, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727407633262367, "etime": 1727407633262367, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49821, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407595493899, "etime": 1727407595493899, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49783, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407641436214, "etime": 1727407641436214, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49832, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407634304712, "etime": 1727407634304712, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49823, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727407648592070, "etime": 1727407648592070, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49841, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407643479872, "etime": 1727407643479872, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49834, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407625087519, "etime": 1727407625087519, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49812, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407605244566, "etime": 1727407605244566, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49791, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407639408416, "etime": 
1727407639408416, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49830, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407599612512, "etime": 1727407599612512, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49788, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407635320641, "etime": 1727407635320641, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49824, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407636352279, "etime": 1727407636352279, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49826, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407608317622, "etime": 1727407608317622, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49795, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407597584279, "etime": 1727407597584279, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49786, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407600626462, "etime": 1727407600626462, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49789, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407615462789, "etime": 1727407615462789, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49805, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407616476799, "etime": 1727407616476799, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49806, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407624073919, "etime": 1727407624073919, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49811, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407614433007, "etime": 1727407614433007, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49803, 
"dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407611391621, "etime": 1727407611391621, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49800, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407606259147, "etime": 1727407606259147, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49792, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407607303731, "etime": 1727407607303731, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49794, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407637365476, "etime": 1727407637365476, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49827, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407638396115, "etime": 1727407638396115, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49829, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407646538028, "etime": 1727407646538028, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49838, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407627161884, "etime": 1727407627161884, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49815, "dest_port": 8843, "protocol": "tls", "result": "Normal"}, {"stime": 1727407645508096, "etime": 1727407645508096, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49836, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407606290041, "etime": 1727407606290041, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49793, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407622049509, "etime": 1727407622049509, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49809, "dest_port": 8843, "protocol": "tls", "result": "Antsword"}, {"stime": 1727407631233788, 
"etime": 1727407631233788, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49819, "dest_port": 8843, "protocol": "tls", "result": "Behinder"}, {"stime": 1727407534410295, "etime": 1727407534410295, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49780, "dest_port": 8843, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:45:12.098] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 24|max_alert: 1000 [2025-12-09 20:45:12.098] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:12.098] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:12.137] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25967 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai6zwlkhflow1zwrkh.1726646047.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai6zwlkhflow1zwrkh.1726646047.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Signature=38c74626382d43636599d34b8a77d2572dde60b35218fde36336450170412a85&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124511Z"} [2025-12-09 20:45:12.137] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:12.137] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:12.137] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:12.137] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:12.137] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:12.137] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:12.195] [DEBUG] 
[tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai6zwlkhflow1zwrkh.1726646047.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313112194, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726646047170840, "etime": 1726646047170840, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49307, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:45:12.195] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:45:12.195] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:12.195] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:15.247] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24289 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain1.1727406879.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain1.1727406879.jsonl?X-Amz-Date=20251209T124514Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Signature=44159b9b5a6e0512db23000eea2625ca5f484078232bc32f92170f169129441a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:45:15.248] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:15.248] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:15.248] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:15.248] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:15.248] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:15.248] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:20.963] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain1.1727406879.jsonl|result:{"code": 0, "total_count": 109, "abnormal_count": 0, "normal_count": 109, "alert_count": 0, "timestamp": 1765313120961, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727406961680540, "etime": 1727406961680540, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49541, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407010040583, "etime": 1727407010040583, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49591, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406982023749, "etime": 1727406982023749, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49562, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406974862320, "etime": 1727406974862320, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49554, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406986094422, "etime": 1727406986094422, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49567, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406982043051, "etime": 1727406982043051, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49563, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406995783453, "etime": 1727406995783453, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49574, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407013082823, "etime": 1727407013082823, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 
49594, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407015110704, "etime": 1727407015110704, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49596, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407017138256, "etime": 1727407017138256, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49598, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406985080393, "etime": 1727406985080393, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49566, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406977967492, "etime": 1727406977967492, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49558, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407018152460, "etime": 1727407018152460, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49599, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407019182574, "etime": 1727407019182574, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49601, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406966750682, "etime": 1727406966750682, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49546, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407020196540, "etime": 1727407020196540, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49602, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407023239099, "etime": 1727407023239099, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49605, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406972834513, "etime": 1727406972834513, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49552, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407024282700, 
"etime": 1727407024282700, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49607, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407025297208, "etime": 1727407025297208, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49608, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406952554772, "etime": 1727406952554772, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49532, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406969792621, "etime": 1727406969792621, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49549, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406970806468, "etime": 1727406970806468, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49550, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406971821156, "etime": 1727406971821156, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49551, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407029368823, "etime": 1727407029368823, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49613, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407041139764, "etime": 1727407041139764, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49625, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406976955611, "etime": 1727406976955611, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49557, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406953568453, "etime": 1727406953568453, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49533, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406968779701, "etime": 1727406968779701, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 
49548, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406979995227, "etime": 1727406979995227, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49560, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407004972461, "etime": 1727407004972461, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49586, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407018171921, "etime": 1727407018171921, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49600, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406978981830, "etime": 1727406978981830, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49559, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406958638216, "etime": 1727406958638216, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49538, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406948498310, "etime": 1727406948498310, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49528, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407026328530, "etime": 1727407026328530, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49610, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407041131718, "etime": 1727407041131718, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49624, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406988122528, "etime": 1727406988122528, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49569, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406999838285, "etime": 1727406999838285, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49578, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406939341326, 
"etime": 1727406939341326, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49519, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407008012966, "etime": 1727407008012966, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49589, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406957624761, "etime": 1727406957624761, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49537, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407000883336, "etime": 1727407000883336, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49580, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407002911465, "etime": 1727407002911465, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49582, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407005984593, "etime": 1727407005984593, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49587, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407022224722, "etime": 1727407022224722, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49604, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407039105194, "etime": 1727407039105194, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49622, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406983052271, "etime": 1727406983052271, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49564, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407032442196, "etime": 1727407032442196, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49617, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406967764280, "etime": 1727406967764280, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 
49547, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406997810289, "etime": 1727406997810289, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49576, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406993762503, "etime": 1727406993762503, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49572, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407024252720, "etime": 1727407024252720, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49606, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407028356331, "etime": 1727407028356331, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49612, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407031428386, "etime": 1727407031428386, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49616, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407038080015, "etime": 1727407038080015, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49620, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406943412692, "etime": 1727406943412692, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49523, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406946469541, "etime": 1727406946469541, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49526, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406956610473, "etime": 1727406956610473, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49536, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406960667101, "etime": 1727406960667101, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49540, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406951540562, 
"etime": 1727406951540562, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49531, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406976890582, "etime": 1727406976890582, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49556, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407033456288, "etime": 1727407033456288, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49618, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407039087737, "etime": 1727407039087737, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49621, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407026311522, "etime": 1727407026311522, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49609, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406940371019, "etime": 1727406940371019, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49520, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407016124983, "etime": 1727407016124983, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49597, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407034470275, "etime": 1727407034470275, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49619, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406962694242, "etime": 1727406962694242, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49542, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406879336359, "etime": 1727406879336359, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49518, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406963708959, "etime": 1727406963708959, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 
49543, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407011054504, "etime": 1727407011054504, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49592, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407002926031, "etime": 1727407002926031, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49583, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407012068456, "etime": 1727407012068456, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49593, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406973848648, "etime": 1727406973848648, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49553, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407003940904, "etime": 1727407003940904, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49584, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407040117322, "etime": 1727407040117322, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49623, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407027341342, "etime": 1727407027341342, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49611, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406947484195, "etime": 1727406947484195, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49527, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406965736736, "etime": 1727406965736736, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49545, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407030414230, "etime": 1727407030414230, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49615, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407009026692, 
"etime": 1727407009026692, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49590, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406981008835, "etime": 1727406981008835, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49561, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406949512429, "etime": 1727406949512429, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49529, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406975876917, "etime": 1727406975876917, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49555, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406989136598, "etime": 1727406989136598, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49570, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407006998527, "etime": 1727407006998527, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49588, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406945440986, "etime": 1727406945440986, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49525, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406994771208, "etime": 1727406994771208, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49573, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407014096405, "etime": 1727407014096405, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49595, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406987108477, "etime": 1727406987108477, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49568, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407021210879, "etime": 1727407021210879, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 
49603, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406999869971, "etime": 1727406999869971, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49579, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406984066936, "etime": 1727406984066936, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49565, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407029411488, "etime": 1727407029411488, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49614, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406990150401, "etime": 1727406990150401, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49571, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406879324061, "etime": 1727406879324061, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49517, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406941384813, "etime": 1727406941384813, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49521, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406950526167, "etime": 1727406950526167, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49530, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406996796337, "etime": 1727406996796337, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49575, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406998824087, "etime": 1727406998824087, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49577, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406954582396, "etime": 1727406954582396, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49534, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406959653081, 
"etime": 1727406959653081, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49539, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406944426887, "etime": 1727406944426887, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49524, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406955596587, "etime": 1727406955596587, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49535, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406964722924, "etime": 1727406964722924, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49544, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407001897566, "etime": 1727407001897566, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49581, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407004955069, "etime": 1727407004955069, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49585, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727406942398829, "etime": 1727406942398829, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49522, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:20.963] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:45:20.963] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24290 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_Domain_tls1.2.1727153252.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_Domain_tls1.2.1727153252.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=0d961e1e635fbb43bce9e2dfdd2b90a6c938574707fcabc132982e41c89d6c7f&X-Amz-Date=20251209T124517Z"} [2025-12-09 20:45:20.963] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:20.963] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:20.963] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:20.963] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:20.963] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:20.964] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:23.462] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_Domain_tls1.2.1727153252.jsonl|result:{"code": 1, "total_count": 50, "abnormal_count": 1, "normal_count": 49, "alert_count": 1, "timestamp": 1765313123461, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727153353174214, "etime": 1727153353174214, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55771, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153322359550, "etime": 1727153322359550, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55740, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153339797533, "etime": 1727153339797533, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55757, "dest_port": 9443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727153343899471, "etime": 1727153343899471, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55762, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153346985828, "etime": 1727153346985828, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55765, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153333656576, "etime": 1727153333656576, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55751, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153335698495, "etime": 1727153335698495, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55753, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153352147992, "etime": 1727153352147992, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55770, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153348012770, "etime": 1727153348012770, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55766, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153314929332, "etime": 1727153314929332, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55737, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153344914074, "etime": 1727153344914074, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55763, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153364469442, "etime": 1727153364469442, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55782, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153332645621, "etime": 1727153332645621, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55750, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153337732620, "etime": 1727153337732620, "src_ip": "192.168.32.40", "dest_ip": 
"192.168.32.41", "src_port": 55755, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153358317675, "etime": 1727153358317675, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55776, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153321309719, "etime": 1727153321309719, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55739, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153355240124, "etime": 1727153355240124, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55773, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153252243740, "etime": 1727153252243740, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55733, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727153342873856, "etime": 1727153342873856, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55761, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153345951943, "etime": 1727153345951943, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55764, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153330580201, "etime": 1727153330580201, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55748, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153361394648, "etime": 1727153361394648, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55779, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153325432656, "etime": 1727153325432656, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55743, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153360375131, "etime": 1727153360375131, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55778, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727153323381759, "etime": 1727153323381759, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55741, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153363445721, "etime": 1727153363445721, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55781, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153365502443, "etime": 1727153365502443, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55783, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153357288042, "etime": 1727153357288042, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55775, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153359343115, "etime": 1727153359343115, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55777, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153324397735, "etime": 1727153324397735, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55742, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153329557003, "etime": 1727153329557003, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55747, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153354200890, "etime": 1727153354200890, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55772, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153366545028, "etime": 1727153366545028, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55784, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153338756442, "etime": 1727153338756442, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55756, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153366552220, "etime": 1727153366552220, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55785, 
"dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153328517493, "etime": 1727153328517493, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55746, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153351115206, "etime": 1727153351115206, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55769, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153254859530, "etime": 1727153254859530, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55734, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153327493111, "etime": 1727153327493111, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55745, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153326457400, "etime": 1727153326457400, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55744, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153340816684, "etime": 1727153340816684, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55758, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153336713426, "etime": 1727153336713426, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55754, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153349051461, "etime": 1727153349051461, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55767, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153331623225, "etime": 1727153331623225, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55749, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153362423359, "etime": 1727153362423359, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55780, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153320283205, "etime": 1727153320283205, 
"src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55738, "dest_port": 9443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727153341844273, "etime": 1727153341844273, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55760, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153350084956, "etime": 1727153350084956, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55768, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153334666239, "etime": 1727153334666239, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55752, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153356264385, "etime": 1727153356264385, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55774, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:45:23.462] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24715 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID36-tls1.2CS4.8_windowsserver2008_ubuntu_openjdk_IP.1727406669.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID36-tls1.2CS4.8_windowsserver2008_ubuntu_openjdk_IP.1727406669.jsonl?X-Amz-Date=20251209T124521Z&X-Amz-Signature=f4d76b76322a8982ee1ca0bdb7d25907970d9daffab72d050fbb7b1ff2ab5eb3&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:23.462] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:26.089] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID36-tls1.2CS4.8_windowsserver2008_ubuntu_openjdk_IP.1727406669.jsonl|result:{"code": 1, "total_count": 58, "abnormal_count": 18, "normal_count": 40, "alert_count": 18, "timestamp": 1765313126088, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727406763279335, "etime": 1727406763279335, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49498, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406742797903, "etime": 1727406742797903, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49473, "dest_port": 443, 
"protocol": "tls", "result": "Behinder"}, {"stime": 1727406745854869, "etime": 1727406745854869, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49476, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406756087515, "etime": 1727406756087515, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49489, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406736167053, "etime": 1727406736167053, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49468, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406777943566, "etime": 1727406777943566, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49510, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406781016537, "etime": 1727406781016537, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49514, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406759197833, "etime": 1727406759197833, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49493, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727406733125390, "etime": 1727406733125390, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49465, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406748912276, "etime": 1727406748912276, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49480, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406753016919, "etime": 1727406753016919, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49485, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727406782030390, "etime": 1727406782030390, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49515, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406778958045, "etime": 1727406778958045, 
"src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49511, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406754029099, "etime": 1727406754029099, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49486, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406751969633, "etime": 1727406751969633, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49483, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406774891672, "etime": 1727406774891672, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49507, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727406759146065, "etime": 1727406759146065, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49492, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406729989085, "etime": 1727406729989085, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49461, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406743810719, "etime": 1727406743810719, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49474, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406760206550, "etime": 1727406760206550, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49494, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406782046464, "etime": 1727406782046464, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49516, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406767335178, "etime": 1727406767335178, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49502, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406778980955, "etime": 1727406778980955, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49512, "dest_port": 443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727406734139239, "etime": 1727406734139239, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49466, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406758116454, "etime": 1727406758116454, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49491, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406765307562, "etime": 1727406765307562, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49500, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406746885578, "etime": 1727406746885578, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49478, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406731018645, "etime": 1727406731018645, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49462, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406744824773, "etime": 1727406744824773, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49475, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406740746821, "etime": 1727406740746821, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49470, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727406735152900, "etime": 1727406735152900, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49467, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406766321747, "etime": 1727406766321747, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49501, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406741751826, "etime": 1727406741751826, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49471, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406771392038, "etime": 1727406771392038, "src_ip": 
"192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49506, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406750939574, "etime": 1727406750939574, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49482, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406669967219, "etime": 1727406669967219, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49460, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406768350195, "etime": 1727406768350195, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49503, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406746867970, "etime": 1727406746867970, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49477, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406749925797, "etime": 1727406749925797, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49481, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406770377473, "etime": 1727406770377473, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49505, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406755058768, "etime": 1727406755058768, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49488, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406779987621, "etime": 1727406779987621, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49513, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406747897995, "etime": 1727406747897995, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49479, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406776929131, "etime": 1727406776929131, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49509, "dest_port": 443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727406762234859, "etime": 1727406762234859, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49496, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406732032803, "etime": 1727406732032803, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49463, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406669686923, "etime": 1727406669686923, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49458, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727406769363678, "etime": 1727406769363678, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49504, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406737180636, "etime": 1727406737180636, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49469, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406732102910, "etime": 1727406732102910, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49464, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727406741780759, "etime": 1727406741780759, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49472, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727406757101921, "etime": 1727406757101921, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49490, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406752983134, "etime": 1727406752983134, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49484, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406761220761, "etime": 1727406761220761, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49495, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406764293641, "etime": 1727406764293641, "src_ip": 
"192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49499, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406775915694, "etime": 1727406775915694, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49508, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406762254659, "etime": 1727406762254659, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49497, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727406754046655, "etime": 1727406754046655, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49487, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:45:26.089] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 18|max_alert: 1000 [2025-12-09 20:45:26.089] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:26.089] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:45:26.089] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24291 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai5zwlkhflow1zwrkh.1726645925.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai5zwlkhflow1zwrkh.1726645925.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124524Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=3a2441656b62f8f41a00247a1ac4ccea370a27bb089fd08a3944de10cd8b84ea"} [2025-12-09 20:45:26.089] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:26.089] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:26.090] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:26.090] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:26.090] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:26.090] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:26.136] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai5zwlkhflow1zwrkh.1726645925.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313126136, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645925627936, "etime": 1726645925627936, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49306, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:45:26.136] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 
[2025-12-09 20:45:26.136] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:26.136] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:27.959] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24716 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49306.1726645925.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49306.1726645925.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124527Z&X-Amz-Signature=8d8470403d0b21b6b94aec677a5f68f1e6624f18946f60c00d0adac58c9a15bc"} [2025-12-09 20:45:27.959] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:27.959] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:27.959] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:27.959] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:27.959] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:27.960] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:28.016] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49306.1726645925.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313128016, "module": "anquanchu", "proto": 
"tls", "alerted": true, "details": [{"stime": 1726645925627936, "etime": 1726645925627936, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49306, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:45:28.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:45:28.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:28.016] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:31.133] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24717 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49307.1726646047.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49307.1726646047.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=6fcdf46cc3063f9817e38e2747029b920e78c372788ada8c93fb5dca2fa68a6c&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124530Z"} [2025-12-09 20:45:31.134] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:31.134] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:31.134] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:31.134] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:31.134] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:31.135] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:31.230] [DEBUG] [tid:140062327686848] 
(AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49307.1726646047.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313131229, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726646047170840, "etime": 1726646047170840, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49307, "dest_port": 50050, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:45:31.230] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:45:31.230] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:31.230] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:34.265] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24718 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_IP_http.1727056582.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_IP_http.1727056582.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124533Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=3a7f299aed282d1fd51310837654396169b1abcfdf2288e842612e347ea13c3c&X-Amz-SignedHeaders=host"} [2025-12-09 20:45:34.265] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:34.265] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:34.265] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:34.265] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:34.265] [INFO] 
[tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:34.266] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:40.320] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_IP_http.1727056582.jsonl|result:{"code": 0, "total_count": 116, "abnormal_count": 0, "normal_count": 116, "alert_count": 0, "timestamp": 1765313140319, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727056753369612, "etime": 1727056753369612, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57847, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056683457144, "etime": 1727056683457144, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57777, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056704963098, "etime": 1727056704963098, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57795, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056676129859, "etime": 1727056676129859, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57770, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056707046026, "etime": 1727056707046026, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57797, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056734430440, "etime": 1727056734430440, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57826, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056721582003, "etime": 1727056721582003, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57813, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056666421046, "etime": 1727056666421046, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57760, "dest_port": 8888, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727056744931987, "etime": 1727056744931987, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57837, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056681376763, "etime": 1727056681376763, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57775, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056679242188, "etime": 1727056679242188, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57773, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056700021099, "etime": 1727056700021099, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57793, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056582923821, "etime": 1727056582923821, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57733, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056662300648, "etime": 1727056662300648, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57756, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056714352028, "etime": 1727056714352028, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57805, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056711217952, "etime": 1727056711217952, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57801, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056733265481, "etime": 1727056733265481, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57825, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056749160268, "etime": 1727056749160268, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57843, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056694844937, "etime": 1727056694844937, "src_ip": 
"192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57788, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056757592660, "etime": 1727056757592660, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57851, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056673007648, "etime": 1727056673007648, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57767, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056684502363, "etime": 1727056684502363, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57778, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056651914079, "etime": 1727056651914079, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57746, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056754417973, "etime": 1727056754417973, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57848, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056697931980, "etime": 1727056697931980, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57791, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056685536131, "etime": 1727056685536131, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57779, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056709125142, "etime": 1727056709125142, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57799, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056661267265, "etime": 1727056661267265, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57755, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056705995723, "etime": 1727056705995723, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57796, "dest_port": 8888, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727056646572575, "etime": 1727056646572575, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57741, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056650840091, "etime": 1727056650840091, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57745, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056671980344, "etime": 1727056671980344, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57766, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056655013728, "etime": 1727056655013728, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57749, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056724749214, "etime": 1727056724749214, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57816, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056670954848, "etime": 1727056670954848, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57765, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056726843499, "etime": 1727056726843499, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57818, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056732205720, "etime": 1727056732205720, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57824, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056703930527, "etime": 1727056703930527, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57794, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056744980908, "etime": 1727056744980908, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57838, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056741772446, "etime": 1727056741772446, "src_ip": "192.168.32.40", "dest_ip": 
"192.168.32.41", "src_port": 57833, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056643029452, "etime": 1727056643029452, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57737, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056689706805, "etime": 1727056689706805, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57783, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056692790171, "etime": 1727056692790171, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57786, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056748118286, "etime": 1727056748118286, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57842, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056716421435, "etime": 1727056716421435, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57807, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056737581004, "etime": 1727056737581004, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57829, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056696906008, "etime": 1727056696906008, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57790, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056713313779, "etime": 1727056713313779, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57804, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056582972957, "etime": 1727056582972957, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57734, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056708084335, "etime": 1727056708084335, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57798, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 
1727056727911677, "etime": 1727056727911677, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57819, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056739690030, "etime": 1727056739690030, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57831, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056751258441, "etime": 1727056751258441, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57845, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056742814133, "etime": 1727056742814133, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57834, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056688653859, "etime": 1727056688653859, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57782, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056680351291, "etime": 1727056680351291, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57774, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056653977586, "etime": 1727056653977586, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57748, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056719521023, "etime": 1727056719521023, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57811, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056747088587, "etime": 1727056747088587, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57841, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056755460630, "etime": 1727056755460630, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57849, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056746013639, "etime": 1727056746013639, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57839, 
"dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056668496516, "etime": 1727056668496516, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57762, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056664371351, "etime": 1727056664371351, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57758, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056659178774, "etime": 1727056659178774, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57753, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056718488241, "etime": 1727056718488241, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57810, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056667462438, "etime": 1727056667462438, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57761, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056715384726, "etime": 1727056715384726, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57806, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056645537502, "etime": 1727056645537502, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57740, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056728973369, "etime": 1727056728973369, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57820, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056738636558, "etime": 1727056738636558, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57830, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056758656511, "etime": 1727056758656511, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57853, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056663332577, "etime": 1727056663332577, 
"src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57757, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056660226728, "etime": 1727056660226728, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57754, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056720553484, "etime": 1727056720553484, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57812, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056742841755, "etime": 1727056742841755, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57835, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056750202630, "etime": 1727056750202630, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57844, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056752324989, "etime": 1727056752324989, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57846, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056669538796, "etime": 1727056669538796, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57763, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056649688246, "etime": 1727056649688246, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57744, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056665406586, "etime": 1727056665406586, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57759, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056690741674, "etime": 1727056690741674, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57784, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056695883299, "etime": 1727056695883299, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57789, "dest_port": 8888, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727056643482821, "etime": 1727056643482821, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57738, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056735460837, "etime": 1727056735460837, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57827, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056658141878, "etime": 1727056658141878, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57752, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056677167966, "etime": 1727056677167966, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57771, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056743875247, "etime": 1727056743875247, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57836, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056686582593, "etime": 1727056686582593, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57780, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056675071404, "etime": 1727056675071404, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57769, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056682418301, "etime": 1727056682418301, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57776, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056723667846, "etime": 1727056723667846, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57815, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056756512672, "etime": 1727056756512672, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57850, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056656051911, "etime": 1727056656051911, "src_ip": "192.168.32.40", "dest_ip": 
"192.168.32.41", "src_port": 57750, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056652943478, "etime": 1727056652943478, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57747, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056698980098, "etime": 1727056698980098, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57792, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056644509074, "etime": 1727056644509074, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57739, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056722619749, "etime": 1727056722619749, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57814, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056669920496, "etime": 1727056669920496, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57764, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056678208190, "etime": 1727056678208190, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57772, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056687606743, "etime": 1727056687606743, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57781, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056712267148, "etime": 1727056712267148, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57803, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056717453412, "etime": 1727056717453412, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57809, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056730044729, "etime": 1727056730044729, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57821, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 
1727056740723798, "etime": 1727056740723798, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57832, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056657101006, "etime": 1727056657101006, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57751, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056725797678, "etime": 1727056725797678, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57817, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056710178620, "etime": 1727056710178620, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57800, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056736519309, "etime": 1727056736519309, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57828, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056731137056, "etime": 1727056731137056, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57822, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056693813780, "etime": 1727056693813780, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57787, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056674036400, "etime": 1727056674036400, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57768, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056648645783, "etime": 1727056648645783, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57743, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056758627353, "etime": 1727056758627353, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57852, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056746049247, "etime": 1727056746049247, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57840, 
"dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056647606635, "etime": 1727056647606635, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57742, "dest_port": 8888, "protocol": "tls", "result": "Normal"}, {"stime": 1727056691768464, "etime": 1727056691768464, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 57785, "dest_port": 8888, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:40.320] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:45:40.320] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24292 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_IP_tls1.2.1727149393.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_IP_tls1.2.1727149393.jsonl?X-Amz-Date=20251209T124536Z&X-Amz-Signature=5d1eb38101013a2e42a38d073e9077e9818d671ff3fdb7c0cb47d449c0843381&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:45:40.320] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:40.320] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:40.321] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:40.321] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:40.321] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:40.321] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:42.617] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID4_CS4.8_win11_Ubuntu_openjdk_IP_tls1.2.1727149393.jsonl|result:{"code": 1, 
"total_count": 53, "abnormal_count": 2, "normal_count": 51, "alert_count": 2, "timestamp": 1765313142615, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727149461260090, "etime": 1727149461260090, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55297, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149469417515, "etime": 1727149469417515, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55306, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149488985741, "etime": 1727149488985741, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55325, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149393725445, "etime": 1727149393725445, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55278, "dest_port": 801, "protocol": "tls", "result": "Normal"}, {"stime": 1727149470454453, "etime": 1727149470454453, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55307, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149487954670, "etime": 1727149487954670, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55324, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149504816209, "etime": 1727149504816209, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55354, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727149491070601, "etime": 1727149491070601, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55327, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149495153070, "etime": 1727149495153070, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55331, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149505843847, "etime": 1727149505843847, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55355, 
"dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149464326283, "etime": 1727149464326283, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55300, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149472494879, "etime": 1727149472494879, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55309, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149456367800, "etime": 1727149456367800, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55292, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149480752469, "etime": 1727149480752469, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55317, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149481781104, "etime": 1727149481781104, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55318, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149486925811, "etime": 1727149486925811, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55323, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149396312916, "etime": 1727149396312916, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55280, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149482806997, "etime": 1727149482806997, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55319, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149479704024, "etime": 1727149479704024, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55316, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149478675979, "etime": 1727149478675979, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55315, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149485896877, "etime": 1727149485896877, "src_ip": 
"192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55322, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149475584890, "etime": 1727149475584890, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55312, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149490037709, "etime": 1727149490037709, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55326, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149484865433, "etime": 1727149484865433, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55321, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149493103882, "etime": 1727149493103882, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55329, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149496179892, "etime": 1727149496179892, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55332, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149476614232, "etime": 1727149476614232, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55313, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149460230855, "etime": 1727149460230855, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55296, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149497204297, "etime": 1727149497204297, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55333, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149471475391, "etime": 1727149471475391, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55308, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149500299546, "etime": 1727149500299546, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55338, "dest_port": 443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727149506873149, "etime": 1727149506873149, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55356, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149508924965, "etime": 1727149508924965, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55359, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149509952312, "etime": 1727149509952312, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55360, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149510972390, "etime": 1727149510972390, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55361, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149498237397, "etime": 1727149498237397, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55335, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149483832189, "etime": 1727149483832189, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55320, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149511004316, "etime": 1727149511004316, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55362, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149458180430, "etime": 1727149458180430, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55294, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727149462280909, "etime": 1727149462280909, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55298, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149463311536, "etime": 1727149463311536, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55299, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149465339427, "etime": 1727149465339427, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 
55301, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149473531900, "etime": 1727149473531900, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55310, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149467375789, "etime": 1727149467375789, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55303, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149507894214, "etime": 1727149507894214, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55357, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149459204617, "etime": 1727149459204617, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55295, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149474556279, "etime": 1727149474556279, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55311, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149499265435, "etime": 1727149499265435, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55336, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149477649501, "etime": 1727149477649501, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55314, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149492089749, "etime": 1727149492089749, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55328, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149468389112, "etime": 1727149468389112, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55305, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149494132878, "etime": 1727149494132878, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55330, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727149466350916, "etime": 1727149466350916, "src_ip": 
"192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55302, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:42.617] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25968 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID11-tls1.2CS4.8_win8.1_ubuntu_jdk_domain.1727153847.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID11-tls1.2CS4.8_win8.1_ubuntu_jdk_domain.1727153847.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124540Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1ac6a104c501dbfdc09df1ed8d882065fe6571f6fde6badb5fe8abd72c04f5a8"} [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:42.617] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:44.090] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID11-tls1.2CS4.8_win8.1_ubuntu_jdk_domain.1727153847.jsonl|result:{"code": 1, "total_count": 34, "abnormal_count": 1, "normal_count": 33, "alert_count": 1, "timestamp": 1765313144089, 
"module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727153921445578, "etime": 1727153921445578, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49416, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153935101457, "etime": 1727153935101457, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49431, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153920398069, "etime": 1727153920398069, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49415, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153847453856, "etime": 1727153847453856, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49402, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727153932992515, "etime": 1727153932992515, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49428, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153915178797, "etime": 1727153915178797, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49410, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153936147831, "etime": 1727153936147831, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49432, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153909461148, "etime": 1727153909461148, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49404, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153925673197, "etime": 1727153925673197, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49421, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153917272929, "etime": 1727153917272929, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49412, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153933043490, "etime": 
1727153933043490, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49429, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153912053778, "etime": 1727153912053778, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49407, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153929866690, "etime": 1727153929866690, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49425, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153916210460, "etime": 1727153916210460, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49411, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153849397824, "etime": 1727153849397824, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49403, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153919365985, "etime": 1727153919365985, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49414, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153927772704, "etime": 1727153927772704, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49423, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153913100913, "etime": 1727153913100913, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49408, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153928820871, "etime": 1727153928820871, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49424, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153922475849, "etime": 1727153922475849, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49417, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153926727134, "etime": 1727153926727134, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49422, "dest_port": 9443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727153938227753, "etime": 1727153938227753, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49434, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153938275898, "etime": 1727153938275898, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49435, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153925616871, "etime": 1727153925616871, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49420, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153911007191, "etime": 1727153911007191, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49406, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153909960947, "etime": 1727153909960947, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49405, "dest_port": 9443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727153924556229, "etime": 1727153924556229, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49419, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153934069321, "etime": 1727153934069321, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49430, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153914148495, "etime": 1727153914148495, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49409, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153918320298, "etime": 1727153918320298, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49413, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153937194583, "etime": 1727153937194583, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49433, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153930898829, "etime": 1727153930898829, "src_ip": 
"192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49426, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153931946271, "etime": 1727153931946271, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49427, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153923508381, "etime": 1727153923508381, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49418, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:44.090] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24719 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID15-tls1.2CS4.8_win8_ubuntu_jdk_domain.1727154653.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID15-tls1.2CS4.8_win8_ubuntu_jdk_domain.1727154653.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=57ad95ccf8ec7365fc52e604e49f9acbaf10c403c9e83a4d83e16f7c295bf7f5&X-Amz-Date=20251209T124543Z&X-Amz-Expires=604800"} [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:44.090] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:44.090] 
[INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:45.834] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID15-tls1.2CS4.8_win8_ubuntu_jdk_domain.1727154653.jsonl|result:{"code": 1, "total_count": 39, "abnormal_count": 2, "normal_count": 37, "alert_count": 2, "timestamp": 1765313145833, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727154750995703, "etime": 1727154750995703, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50144, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154721386491, "etime": 1727154721386491, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50117, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154729390066, "etime": 1727154729390066, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50124, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154748717591, "etime": 1727154748717591, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50142, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154751155453, "etime": 1727154751155453, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50145, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154732790286, "etime": 1727154732790286, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50127, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154745302297, "etime": 1727154745302297, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50139, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154653546974, "etime": 1727154653546974, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50110, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727154717973043, "etime": 1727154717973043, 
"src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50114, "dest_port": 9443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727154743024909, "etime": 1727154743024909, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50137, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154749857229, "etime": 1727154749857229, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50143, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154728236108, "etime": 1727154728236108, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50123, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154739623579, "etime": 1727154739623579, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50134, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154725958030, "etime": 1727154725958030, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50121, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154740761734, "etime": 1727154740761734, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50135, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154746441116, "etime": 1727154746441116, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50140, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154730528188, "etime": 1727154730528188, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50125, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154716270081, "etime": 1727154716270081, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50113, "dest_port": 9443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727154723683131, "etime": 1727154723683131, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50119, "dest_port": 9443, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727154737345373, "etime": 1727154737345373, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50132, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154741900838, "etime": 1727154741900838, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50136, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154731667570, "etime": 1727154731667570, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50126, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154724819806, "etime": 1727154724819806, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50120, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154655886937, "etime": 1727154655886937, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50111, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154755851395, "etime": 1727154755851395, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50150, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154738484222, "etime": 1727154738484222, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50133, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154744162453, "etime": 1727154744162453, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50138, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154727096389, "etime": 1727154727096389, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50122, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154735067990, "etime": 1727154735067990, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50130, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154747579534, "etime": 1727154747579534, "src_ip": "192.168.32.46", "dest_ip": 
"192.168.32.41", "src_port": 50141, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154720248999, "etime": 1727154720248999, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50116, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154733929298, "etime": 1727154733929298, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50128, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154752307167, "etime": 1727154752307167, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50146, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154753445311, "etime": 1727154753445311, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50147, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154754584030, "etime": 1727154754584030, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50148, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154722525396, "etime": 1727154722525396, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50118, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154736206932, "etime": 1727154736206932, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50131, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154755722764, "etime": 1727154755722764, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50149, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727154719111249, "etime": 1727154719111249, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.41", "src_port": 50115, "dest_port": 9443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:45.834] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:45:45.834] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 
判断上报文件到kafka. [2025-12-09 20:45:45.834] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:46.883] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24720 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_IP.1727401095.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_IP.1727401095.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=46a91e0a3e4dde14e46e0e7c595012bcad97a38a691c610bce3193d15c901875&X-Amz-Date=20251209T124546Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:45:46.883] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:46.883] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:46.883] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:46.883] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:46.883] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:46.884] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:51.088] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_IP.1727401095.jsonl|result:{"code": 0, "total_count": 96, "abnormal_count": 0, "normal_count": 96, "alert_count": 0, "timestamp": 1765313151086, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727401172054501, "etime": 1727401172054501, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50254, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401169945145, "etime": 1727401169945145, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50251, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401160749292, "etime": 1727401160749292, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50241, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401238460845, "etime": 1727401238460845, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50327, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401174086502, "etime": 1727401174086502, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50256, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401178164621, "etime": 1727401178164621, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50260, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401228101368, "etime": 1727401228101368, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50315, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401175118073, "etime": 1727401175118073, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50257, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401234382584, "etime": 1727401234382584, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50323, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401211742153, "etime": 1727401211742153, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50298, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401213773441, "etime": 1727401213773441, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50300, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401201445423, "etime": 1727401201445423, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50285, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727401179179687, "etime": 1727401179179687, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50261, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401192195649, "etime": 1727401192195649, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50274, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401199351530, "etime": 1727401199351530, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50282, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401196294948, "etime": 1727401196294948, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50279, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401208634452, "etime": 1727401208634452, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50293, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401215820788, "etime": 1727401215820788, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50302, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401181211115, "etime": 1727401181211115, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50263, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401221960927, "etime": 1727401221960927, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50308, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401188098529, "etime": 1727401188098529, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50269, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401225008472, "etime": 1727401225008472, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50311, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401210736931, "etime": 1727401210736931, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50297, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401171037737, "etime": 1727401171037737, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50253, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401182226571, "etime": 1727401182226571, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50264, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401214805537, "etime": 1727401214805537, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50301, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401168931633, "etime": 1727401168931633, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50250, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401208667519, "etime": 1727401208667519, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50294, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401219913972, "etime": 1727401219913972, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50306, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401227088027, "etime": 1727401227088027, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50314, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401170977742, "etime": 1727401170977742, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50252, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401231289228, "etime": 1727401231289228, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50319, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401156523172, "etime": 1727401156523172, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50236, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727401166898847, "etime": 1727401166898847, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50248, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401209680332, "etime": 1727401209680332, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50295, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401164867296, "etime": 1727401164867296, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50246, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401238464777, "etime": 1727401238464777, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50328, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401159710859, "etime": 1727401159710859, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50240, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401165882688, "etime": 1727401165882688, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50247, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401204492407, "etime": 1727401204492407, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50288, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401223992262, "etime": 1727401223992262, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50310, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401216853063, "etime": 1727401216853063, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50303, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401162791058, "etime": 1727401162791058, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50243, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401194227045, "etime": 1727401194227045, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 
50276, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401237446230, "etime": 1727401237446230, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50326, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401161773973, "etime": 1727401161773973, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50242, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401191132495, "etime": 1727401191132495, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50272, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401233320651, "etime": 1727401233320651, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50321, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401095498631, "etime": 1727401095498631, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50234, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401210695335, "etime": 1727401210695335, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50296, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401155507776, "etime": 1727401155507776, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50235, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401183241980, "etime": 1727401183241980, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50265, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401157681151, "etime": 1727401157681151, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50238, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401163851811, "etime": 1727401163851811, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50245, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401095480004, "etime": 1727401095480004, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50233, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401176132839, "etime": 1727401176132839, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50258, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401190117109, "etime": 1727401190117109, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50271, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401217867552, "etime": 1727401217867552, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50304, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401196257802, "etime": 1727401196257802, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50278, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401203476406, "etime": 1727401203476406, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50287, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401180195691, "etime": 1727401180195691, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50262, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401199408145, "etime": 1727401199408145, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50283, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401220946314, "etime": 1727401220946314, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50307, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401230283000, "etime": 1727401230283000, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50318, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401232305213, "etime": 1727401232305213, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50320, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727401233376406, "etime": 1727401233376406, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50322, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401235400279, "etime": 1727401235400279, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50324, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401158697920, "etime": 1727401158697920, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50239, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401205507715, "etime": 1727401205507715, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50289, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401167913927, "etime": 1727401167913927, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50249, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401189101257, "etime": 1727401189101257, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50270, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401193210586, "etime": 1727401193210586, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50275, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401198335709, "etime": 1727401198335709, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50281, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401187039149, "etime": 1727401187039149, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50267, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401162847666, "etime": 1727401162847666, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50244, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401156671245, "etime": 1727401156671245, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50237, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401188054690, "etime": 1727401188054690, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50268, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401202461561, "etime": 1727401202461561, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50286, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401197304652, "etime": 1727401197304652, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50280, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401222976503, "etime": 1727401222976503, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50309, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401225063377, "etime": 1727401225063377, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50312, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401230148779, "etime": 1727401230148779, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50317, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401200429447, "etime": 1727401200429447, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50284, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401195242285, "etime": 1727401195242285, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50277, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401207602131, "etime": 1727401207602131, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50292, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401191179477, "etime": 1727401191179477, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50273, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727401229133252, "etime": 1727401229133252, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50316, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401218900042, "etime": 1727401218900042, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50305, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401236414448, "etime": 1727401236414448, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50325, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401186034323, "etime": 1727401186034323, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50266, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401206523294, "etime": 1727401206523294, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50290, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401177148407, "etime": 1727401177148407, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50259, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401206585685, "etime": 1727401206585685, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50291, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401226070544, "etime": 1727401226070544, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50313, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401212760778, "etime": 1727401212760778, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50299, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727401173071646, "etime": 1727401173071646, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50255, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:51.088] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 
20:45:51.088] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25969 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID14-tls1.2CS4.8_win8_kali_openjdk_IP.1727156434.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID14-tls1.2CS4.8_win8_kali_openjdk_IP.1727156434.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=4bd018ec6136f11d5a107ff2aa143cb684a0966cbf6f92748b5285123cb0451f&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124549Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:45:51.088] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:51.088] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:51.088] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:51.088] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:51.088] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:51.088] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:52.637] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID14-tls1.2CS4.8_win8_kali_openjdk_IP.1727156434.jsonl|result:{"code": 1, "total_count": 35, "abnormal_count": 3, "normal_count": 32, "alert_count": 3, "timestamp": 1765313152636, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727156528136049, "etime": 1727156528136049, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50300, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156519055507, "etime": 1727156519055507, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50292, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727156497938593, "etime": 1727156497938593, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50272, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156504765960, "etime": 1727156504765960, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50278, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156508435098, "etime": 1727156508435098, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50282, "dest_port": 6443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727156503627109, "etime": 1727156503627109, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50277, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156514111121, "etime": 1727156514111121, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50288, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156515639328, "etime": 1727156515639328, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50289, "dest_port": 6443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727156523580511, "etime": 1727156523580511, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50296, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156529274244, "etime": 1727156529274244, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50301, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156500211823, "etime": 1727156500211823, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50274, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156521302067, "etime": 1727156521302067, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50294, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156509570611, "etime": 1727156509570611, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 
50284, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156524718553, "etime": 1727156524718553, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50297, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156525857836, "etime": 1727156525857836, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50298, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156512971542, "etime": 1727156512971542, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50287, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156501355181, "etime": 1727156501355181, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50275, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156516778354, "etime": 1727156516778354, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50290, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156530412893, "etime": 1727156530412893, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50302, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156505889458, "etime": 1727156505889458, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50279, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156497747582, "etime": 1727156497747582, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50271, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156511833248, "etime": 1727156511833248, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50286, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156520178837, "etime": 1727156520178837, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50293, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156526996908, "etime": 
1727156526996908, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50299, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156437388424, "etime": 1727156437388424, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50270, "dest_port": 6443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727156531552771, "etime": 1727156531552771, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50303, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156531682781, "etime": 1727156531682781, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50304, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156502488740, "etime": 1727156502488740, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50276, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156510694946, "etime": 1727156510694946, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50285, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156517916544, "etime": 1727156517916544, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50291, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156522441226, "etime": 1727156522441226, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50295, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156507014183, "etime": 1727156507014183, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50280, "dest_port": 6443, "protocol": "tls", "result": "Normal"}, {"stime": 1727156434881562, "etime": 1727156434881562, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50269, "dest_port": 8001, "protocol": "tls", "result": "Normal"}, {"stime": 1727156499072603, "etime": 1727156499072603, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50273, "dest_port": 6443, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727156508151089, "etime": 1727156508151089, "src_ip": "192.168.32.46", "dest_ip": "192.168.32.42", "src_port": 50281, "dest_port": 6443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:45:52.637] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 3|max_alert: 1000 [2025-12-09 20:45:52.637] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:52.637] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:53.181] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24293 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID10-tls1.2CS4.8_win8.1_kali_openjdk_domain.1727075622.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID10-tls1.2CS4.8_win8.1_kali_openjdk_domain.1727075622.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=9463753d3c306c9c1af9e1577dc000fb4e1e601c81351d8d23e054248a403f5e&X-Amz-Date=20251209T124552Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:45:53.181] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:53.181] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:53.181] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:53.181] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:53.181] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:53.181] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:54.525] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID10-tls1.2CS4.8_win8.1_kali_openjdk_domain.1727075622.jsonl|result:{"code": 1, 
"total_count": 31, "abnormal_count": 1, "normal_count": 30, "alert_count": 1, "timestamp": 1765313154524, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727075714292801, "etime": 1727075714292801, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50352, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075689254261, "etime": 1727075689254261, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50327, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075693411701, "etime": 1727075693411701, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50331, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075696553256, "etime": 1727075696553256, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50334, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075704895480, "etime": 1727075704895480, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50342, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075708005459, "etime": 1727075708005459, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50345, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075692365669, "etime": 1727075692365669, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50330, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075700723822, "etime": 1727075700723822, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50338, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075688223131, "etime": 1727075688223131, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50326, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075694459612, "etime": 1727075694459612, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50332, 
"dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075706962746, "etime": 1727075706962746, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50344, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075690285766, "etime": 1727075690285766, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50328, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075695520139, "etime": 1727075695520139, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50333, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075698646633, "etime": 1727075698646633, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50336, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075622830456, "etime": 1727075622830456, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50322, "dest_port": 801, "protocol": "tls", "result": "Normal"}, {"stime": 1727075711145729, "etime": 1727075711145729, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50348, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075712195008, "etime": 1727075712195008, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50349, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075703848280, "etime": 1727075703848280, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50341, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075710098836, "etime": 1727075710098836, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50347, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075625165303, "etime": 1727075625165303, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50323, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075697599515, "etime": 1727075697599515, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50335, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075691318375, "etime": 1727075691318375, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50329, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075713239078, "etime": 1727075713239078, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50350, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075709051717, "etime": 1727075709051717, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50346, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075705927383, "etime": 1727075705927383, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50343, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075701770571, "etime": 1727075701770571, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50339, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075687183876, "etime": 1727075687183876, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50325, "dest_port": 4431, "protocol": "tls", "result": "Behinder"}, {"stime": 1727075685223318, "etime": 1727075685223318, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50324, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075702801624, "etime": 1727075702801624, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50340, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075714271031, "etime": 1727075714271031, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50351, "dest_port": 4431, "protocol": "tls", "result": "Normal"}, {"stime": 1727075699692956, "etime": 1727075699692956, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.42", "src_port": 50337, "dest_port": 4431, "protocol": "tls", 
"result": "Normal"}]} [2025-12-09 20:45:54.525] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:45:54.525] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:54.525] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:56.339] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24721 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID12-tls1.2CS4.8_win8.1_ubuntu_openjdk_domain.1727155214.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID12-tls1.2CS4.8_win8.1_ubuntu_openjdk_domain.1727155214.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124555Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=057e8c14118374c232bb2c1bb409459e526525d75cd02e922b1b89d9db8a62bc&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:45:56.339] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:56.339] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:56.339] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:56.339] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:56.339] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:56.340] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:45:57.764] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID12-tls1.2CS4.8_win8.1_ubuntu_openjdk_domain.1727155214.jsonl|result:{"code": 1, "total_count": 32, "abnormal_count": 2, "normal_count": 30, "alert_count": 2, "timestamp": 1765313157763, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727155278256821, 
"etime": 1727155278256821, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49472, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155282428507, "etime": 1727155282428507, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49476, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155288739798, "etime": 1727155288739798, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49483, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155294428233, "etime": 1727155294428233, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49488, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155301803760, "etime": 1727155301803760, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49496, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155293384586, "etime": 1727155293384586, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49487, "dest_port": 9443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727155298599476, "etime": 1727155298599476, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49492, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155277218175, "etime": 1727155277218175, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49471, "dest_port": 9443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727155284583471, "etime": 1727155284583471, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49479, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155279302935, "etime": 1727155279302935, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49473, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155303896430, "etime": 1727155303896430, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49498, "dest_port": 
9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155300756087, "etime": 1727155300756087, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49495, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155286647065, "etime": 1727155286647065, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49481, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155282519245, "etime": 1727155282519245, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49477, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155296536707, "etime": 1727155296536707, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49490, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155295478235, "etime": 1727155295478235, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49489, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155283552406, "etime": 1727155283552406, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49478, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155297569363, "etime": 1727155297569363, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49491, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155289772257, "etime": 1727155289772257, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49484, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155299631319, "etime": 1727155299631319, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49493, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155214749328, "etime": 1727155214749328, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49468, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727155216730739, "etime": 1727155216730739, "src_ip": 
"192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49469, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155290819204, "etime": 1727155290819204, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49485, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155299713847, "etime": 1727155299713847, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49494, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155303938613, "etime": 1727155303938613, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49499, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155280333717, "etime": 1727155280333717, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49474, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155287693700, "etime": 1727155287693700, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49482, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155302851039, "etime": 1727155302851039, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49497, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155285615058, "etime": 1727155285615058, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49480, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155276803988, "etime": 1727155276803988, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49470, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155281364718, "etime": 1727155281364718, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49475, "dest_port": 9443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155291880495, "etime": 1727155291880495, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49486, "dest_port": 9443, "protocol": "tls", "result": 
"Normal"}]} [2025-12-09 20:45:57.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000 [2025-12-09 20:45:57.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:45:57.764] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:45:59.530] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24722 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID48-tls1.2CS4.8_windowsserver2022_ubuntu_openjdk_IP.1727315594.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID48-tls1.2CS4.8_windowsserver2022_ubuntu_openjdk_IP.1727315594.jsonl?X-Amz-Signature=528367e53b7dd2ee4c0c2b9f383de9ddc7076d4dbfadeeb5239aab0503eae1b7&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T124559Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256"} [2025-12-09 20:45:59.530] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:45:59.530] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:45:59.530] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:45:59.530] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:45:59.530] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:45:59.530] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:00.699] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID48-tls1.2CS4.8_windowsserver2022_ubuntu_openjdk_IP.1727315594.jsonl|result:{"code": 1, "total_count": 27, "abnormal_count": 5, "normal_count": 22, "alert_count": 5, "timestamp": 1765313160698, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 
1727315594926828, "etime": 1727315594926828, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49687, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727315594980581, "etime": 1727315594980581, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49688, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315784158621, "etime": 1727315784158621, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49702, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315787205688, "etime": 1727315787205688, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49705, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315777984988, "etime": 1727315777984988, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49695, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727315787279964, "etime": 1727315787279964, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49706, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727315789368292, "etime": 1727315789368292, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49708, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315792489115, "etime": 1727315792489115, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49712, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315783143356, "etime": 1727315783143356, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49701, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315781117744, "etime": 1727315781117744, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49699, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315780017980, "etime": 1727315780017980, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.136", "src_port": 49697, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315655002994, "etime": 1727315655002994, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49690, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315781034051, "etime": 1727315781034051, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49698, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315775035384, "etime": 1727315775035384, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49694, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315715017811, "etime": 1727315715017811, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49692, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727315782127314, "etime": 1727315782127314, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49700, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315779002678, "etime": 1727315779002678, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49696, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315786189928, "etime": 1727315786189928, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49704, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315788299690, "etime": 1727315788299690, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49707, "dest_port": 443, "protocol": "tls", "result": "Godzilla"}, {"stime": 1727315790433491, "etime": 1727315790433491, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49710, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315791455711, "etime": 1727315791455711, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49711, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727315794533739, "etime": 1727315794533739, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49714, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315795549119, "etime": 1727315795549119, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49715, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315795557411, "etime": 1727315795557411, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49716, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315790377280, "etime": 1727315790377280, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49709, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315793502603, "etime": 1727315793502603, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49713, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727315785174389, "etime": 1727315785174389, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49703, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:00.699] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 5|max_alert: 1000 [2025-12-09 20:46:00.699] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:46:00.699] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:46:02.699] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24294 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID12-tls1.2CS4.8_win8.1_ubuntu_openjdk_IP.1727155060.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID12-tls1.2CS4.8_win8.1_ubuntu_openjdk_IP.1727155060.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124602Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=047baa6ca15aa786510ce8257da84e89c8775fae02ce52f619e3aeea666947c8"} [2025-12-09 20:46:02.699] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:02.699] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:02.699] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:02.699] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:02.699] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:02.700] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:04.019] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID12-tls1.2CS4.8_win8.1_ubuntu_openjdk_IP.1727155060.jsonl|result:{"code": 1, "total_count": 31, "abnormal_count": 4, "normal_count": 27, "alert_count": 4, "timestamp": 1765313164019, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727155145798853, "etime": 1727155145798853, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49463, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155146848439, "etime": 1727155146848439, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49464, "dest_port": 443, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727155130456872, "etime": 1727155130456872, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49447, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155134097802, "etime": 1727155134097802, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49450, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155145722940, "etime": 1727155145722940, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49462, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155137253703, "etime": 1727155137253703, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49453, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155123149722, "etime": 1727155123149722, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49440, "dest_port": 443, "protocol": "tls", "result": "Behinder"}, {"stime": 1727155136191957, "etime": 1727155136191957, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49452, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155137345462, "etime": 1727155137345462, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49454, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727155129410853, "etime": 1727155129410853, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49446, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155126287049, "etime": 1727155126287049, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49443, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155140505663, "etime": 1727155140505663, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49457, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155147879359, "etime": 1727155147879359, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 
49465, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155143659763, "etime": 1727155143659763, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49460, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155122583201, "etime": 1727155122583201, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49439, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727155148968533, "etime": 1727155148968533, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49467, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155062518267, "etime": 1727155062518267, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49438, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155139456963, "etime": 1727155139456963, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49456, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155148910770, "etime": 1727155148910770, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49466, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155141551760, "etime": 1727155141551760, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49458, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155060685223, "etime": 1727155060685223, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49437, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727155131488441, "etime": 1727155131488441, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49448, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155125225532, "etime": 1727155125225532, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49442, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155127332947, "etime": 1727155127332947, 
"src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49444, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155135145629, "etime": 1727155135145629, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49451, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155133047785, "etime": 1727155133047785, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49449, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1727155128379943, "etime": 1727155128379943, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49445, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155142600014, "etime": 1727155142600014, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49459, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155144691840, "etime": 1727155144691840, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49461, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155138395889, "etime": 1727155138395889, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49455, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727155124192194, "etime": 1727155124192194, "src_ip": "192.168.32.43", "dest_ip": "192.168.32.41", "src_port": 49441, "dest_port": 443, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:04.020] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 4|max_alert: 1000 [2025-12-09 20:46:04.020] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:46:04.020] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:46:05.810] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24723 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_IP.1727338723.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_IP.1727338723.jsonl?X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124605Z&X-Amz-Expires=604800&X-Amz-Signature=4be3a2a75edf58628811f39ce8079fcffe2448e805cc7de7370dab9a1ab75d37&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:46:05.810] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:05.810] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:05.810] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:05.810] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:05.810] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:05.810] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:09.942] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_IP.1727338723.jsonl|result:{"code": 0, "total_count": 95, "abnormal_count": 0, "normal_count": 95, "alert_count": 0, "timestamp": 1765313169941, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727338802285163, "etime": 1727338802285163, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53623, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338862613176, "etime": 1727338862613176, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53688, "dest_port": 80, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727338819784966, "etime": 1727338819784966, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53642, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338826943570, "etime": 1727338826943570, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53650, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338842176476, "etime": 1727338842176476, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53665, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338868738588, "etime": 1727338868738588, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53695, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338869754133, "etime": 1727338869754133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53696, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338845222553, "etime": 1727338845222553, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53668, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338812613139, "etime": 1727338812613139, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53634, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338804332439, "etime": 1727338804332439, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53625, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338841159917, "etime": 1727338841159917, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53664, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338793098317, "etime": 1727338793098317, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53613, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338801274925, "etime": 1727338801274925, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.132", "src_port": 53622, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338806378955, "etime": 1727338806378955, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53627, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338797160252, "etime": 1727338797160252, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53617, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338863629252, "etime": 1727338863629252, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53689, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338791066642, "etime": 1727338791066642, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53611, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338864644406, "etime": 1727338864644406, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53690, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338865691780, "etime": 1727338865691780, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53692, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338798175814, "etime": 1727338798175814, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53618, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338723116538, "etime": 1727338723116538, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53603, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338836081855, "etime": 1727338836081855, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53659, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338869766985, "etime": 1727338869766985, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53697, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727338859571323, "etime": 1727338859571323, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53685, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338787003682, "etime": 1727338787003682, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53607, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338824863483, "etime": 1727338824863483, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53647, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338814675720, "etime": 1727338814675720, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53637, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338809566405, "etime": 1727338809566405, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53631, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338806514029, "etime": 1727338806514029, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53628, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338846238579, "etime": 1727338846238579, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53669, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338852394867, "etime": 1727338852394867, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53676, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338831003955, "etime": 1727338831003955, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53654, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338821816424, "etime": 1727338821816424, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53644, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338832019776, "etime": 1727338832019776, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 
53655, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338857504060, "etime": 1727338857504060, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53682, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338803317477, "etime": 1727338803317477, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53624, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338827957758, "etime": 1727338827957758, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53651, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338790050756, "etime": 1727338790050756, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53610, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338816722652, "etime": 1727338816722652, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53639, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338818769696, "etime": 1727338818769696, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53641, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338849285679, "etime": 1727338849285679, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53672, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338828972882, "etime": 1727338828972882, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53652, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338844207602, "etime": 1727338844207602, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53667, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338856456871, "etime": 1727338856456871, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53680, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338833035531, "etime": 1727338833035531, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53656, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338813629290, "etime": 1727338813629290, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53635, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338864688207, "etime": 1727338864688207, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53691, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338807535244, "etime": 1727338807535244, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53629, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338723135352, "etime": 1727338723135352, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53604, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338820800890, "etime": 1727338820800890, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53643, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338839129018, "etime": 1727338839129018, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53662, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338808550916, "etime": 1727338808550916, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53630, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338815709240, "etime": 1727338815709240, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53638, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338799191609, "etime": 1727338799191609, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53619, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338823847550, "etime": 1727338823847550, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53646, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727338785986825, "etime": 1727338785986825, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53606, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338840144404, "etime": 1727338840144404, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53663, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338843191205, "etime": 1727338843191205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53666, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338835066772, "etime": 1727338835066772, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53658, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338855441593, "etime": 1727338855441593, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53679, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338813665341, "etime": 1727338813665341, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53636, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338848269753, "etime": 1727338848269753, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53671, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338860582320, "etime": 1727338860582320, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53686, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338795128924, "etime": 1727338795128924, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53615, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338805364363, "etime": 1727338805364363, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53626, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338856487576, "etime": 1727338856487576, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 53681, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338858520121, "etime": 1727338858520121, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53683, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338851373031, "etime": 1727338851373031, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53675, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338788019311, "etime": 1727338788019311, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53608, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338847254626, "etime": 1727338847254626, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53670, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338811597829, "etime": 1727338811597829, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53633, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338854425899, "etime": 1727338854425899, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53678, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338829988539, "etime": 1727338829988539, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53653, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338794113495, "etime": 1727338794113495, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53614, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338783145233, "etime": 1727338783145233, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53605, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338861599682, "etime": 1727338861599682, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53687, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727338851316747, "etime": 1727338851316747, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53674, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338822832081, "etime": 1727338822832081, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53645, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338817754826, "etime": 1727338817754826, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53640, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338810581980, "etime": 1727338810581980, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53632, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338792081772, "etime": 1727338792081772, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53612, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338799238839, "etime": 1727338799238839, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53620, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338853410104, "etime": 1727338853410104, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53677, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338859535245, "etime": 1727338859535245, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53684, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338837097842, "etime": 1727338837097842, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53660, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338867722874, "etime": 1727338867722874, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53694, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338789035515, "etime": 1727338789035515, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 
53609, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338838113523, "etime": 1727338838113523, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53661, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338796144912, "etime": 1727338796144912, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53616, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338826894749, "etime": 1727338826894749, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53649, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338850300977, "etime": 1727338850300977, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53673, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338866706849, "etime": 1727338866706849, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53693, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338834050845, "etime": 1727338834050845, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53657, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338825879391, "etime": 1727338825879391, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53648, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727338800254932, "etime": 1727338800254932, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 53621, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:09.942] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:09.942] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24295 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain3.1727337565.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain3.1727337565.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Date=20251209T124608Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=ce7823971a442314c0b59d4d5941bd6a759938db75769e7c772226f9e83a7a8c"} [2025-12-09 20:46:09.942] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:09.942] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:09.942] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:09.942] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:09.942] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:09.943] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:13.852] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain3.1727337565.jsonl|result:{"code": 0, "total_count": 90, "abnormal_count": 0, "normal_count": 90, "alert_count": 0, "timestamp": 1765313173850, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727337627111047, "etime": 1727337627111047, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52024, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337635268138, "etime": 1727337635268138, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52033, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337660704773, "etime": 1727337660704773, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52059, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337675110894, "etime": 1727337675110894, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52075, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337691158153, "etime": 1727337691158153, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52090, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337646470354, "etime": 1727337646470354, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52045, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337636283068, "etime": 1727337636283068, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52034, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337672063404, "etime": 1727337672063404, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52072, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337645455295, "etime": 1727337645455295, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52044, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337707299291, "etime": 1727337707299291, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52107, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337679204757, "etime": 1727337679204757, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52080, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337684282819, "etime": 1727337684282819, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52085, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337704259406, "etime": 1727337704259406, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52104, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337671923595, "etime": 
1727337671923595, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52071, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337680220315, "etime": 1727337680220315, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52081, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337653595570, "etime": 1727337653595570, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52052, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337652579667, "etime": 1727337652579667, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52051, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337681236346, "etime": 1727337681236346, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52082, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337625080237, "etime": 1727337625080237, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52022, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337631205144, "etime": 1727337631205144, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52029, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337655626992, "etime": 1727337655626992, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52054, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337664814174, "etime": 1727337664814174, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52064, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337674095780, "etime": 1727337674095780, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52074, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337678189812, "etime": 1727337678189812, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52079, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337687362166, "etime": 1727337687362166, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52088, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337693298894, "etime": 1727337693298894, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52093, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337696463880, "etime": 1727337696463880, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52097, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337708318061, "etime": 1727337708318061, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52109, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337704220755, "etime": 1727337704220755, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52103, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337673080554, "etime": 1727337673080554, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52073, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337634251690, "etime": 1727337634251690, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52032, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337656642360, "etime": 1727337656642360, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52055, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337686330751, "etime": 1727337686330751, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52087, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337642410898, "etime": 1727337642410898, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52041, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337647486135, "etime": 
1727337647486135, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52046, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337702189416, "etime": 1727337702189416, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52101, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337706283205, "etime": 1727337706283205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52106, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337677142120, "etime": 1727337677142120, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52077, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337642376757, "etime": 1727337642376757, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52040, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337651564526, "etime": 1727337651564526, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52050, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337629142209, "etime": 1727337629142209, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52026, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337663795807, "etime": 1727337663795807, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52063, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337695329987, "etime": 1727337695329987, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52095, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337703205197, "etime": 1727337703205197, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52102, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337633235981, "etime": 1727337633235981, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52031, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337644438920, "etime": 1727337644438920, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52043, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337659689160, "etime": 1727337659689160, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52058, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337657657910, "etime": 1727337657657910, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52056, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337641360920, "etime": 1727337641360920, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52039, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337694314292, "etime": 1727337694314292, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52094, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337630190728, "etime": 1727337630190728, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52028, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337628126443, "etime": 1727337628126443, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52025, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337565053506, "etime": 1727337565053506, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52020, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337658673567, "etime": 1727337658673567, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52057, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337637299415, "etime": 1727337637299415, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52035, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337666845589, "etime": 
1727337666845589, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52066, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337682251648, "etime": 1727337682251648, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52083, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337640346083, "etime": 1727337640346083, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52038, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337565065759, "etime": 1727337565065759, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52021, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337632220581, "etime": 1727337632220581, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52030, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337648501851, "etime": 1727337648501851, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52047, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337676126736, "etime": 1727337676126736, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52076, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337690142403, "etime": 1727337690142403, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52089, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337649517345, "etime": 1727337649517345, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52048, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337701184994, "etime": 1727337701184994, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52100, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337667861459, "etime": 1727337667861459, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52067, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337708314392, "etime": 1727337708314392, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52108, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337696345405, "etime": 1727337696345405, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52096, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337705267238, "etime": 1727337705267238, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52105, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337663752261, "etime": 1727337663752261, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52062, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337692288442, "etime": 1727337692288442, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52092, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337698486307, "etime": 1727337698486307, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52099, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337650532792, "etime": 1727337650532792, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52049, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337639329532, "etime": 1727337639329532, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52037, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337697470558, "etime": 1727337697470558, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52098, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337662736276, "etime": 1727337662736276, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52061, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337626095108, "etime": 
1727337626095108, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52023, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337665829919, "etime": 1727337665829919, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52065, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337668876570, "etime": 1727337668876570, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52068, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337683267350, "etime": 1727337683267350, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52084, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337685319546, "etime": 1727337685319546, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52086, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337638314047, "etime": 1727337638314047, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52036, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337692173801, "etime": 1727337692173801, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52091, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337677185412, "etime": 1727337677185412, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52078, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337669892535, "etime": 1727337669892535, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52069, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337670908111, "etime": 1727337670908111, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52070, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337630157972, "etime": 1727337630157972, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52027, 
"dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337654611417, "etime": 1727337654611417, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52053, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337643423744, "etime": 1727337643423744, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52042, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337661720185, "etime": 1727337661720185, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 52060, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:13.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:13.852] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24296 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai6zwlkhflow1zwrkh.1726643864.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai6zwlkhflow1zwrkh.1726643864.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=bb47e958a62b6c2d66de784787b9b764c8a2a8886b2e00ec0cbfff0dd32c4a17&X-Amz-Expires=604800&X-Amz-Date=20251209T124611Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:46:13.852] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:13.852] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:13.852] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:13.852] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:13.852] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:13.852] [INFO] [tid:140062327686848] 
(AiModule.cpp:39) load result:0 [2025-12-09 20:46:13.898] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai6zwlkhflow1zwrkh.1726643864.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765313173897, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726643864589367, "etime": 1726643864589367, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49298, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:13.898] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:15.328] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25970 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49298.1726643864.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49298.1726643864.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=402951af6fcdc80fde2a10ed10ba1935882c9a9f3cd797050be22e060631dfac&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124614Z"} [2025-12-09 20:46:15.328] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:15.328] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:15.328] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:15.328] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:15.328] [INFO] [tid:140062327686848] 
(AiModule.cpp:29) prepare args for load [2025-12-09 20:46:15.328] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:15.401] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49298.1726643864.jsonl|result:{"code": 0, "total_count": 1, "abnormal_count": 0, "normal_count": 1, "alert_count": 0, "timestamp": 1765313175401, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1726643864589367, "etime": 1726643864589367, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49298, "dest_port": 50050, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:15.401] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:18.502] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24724 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai5zwlkhflow1zwrkh.1726643632.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai5zwlkhflow1zwrkh.1726643632.jsonl?X-Amz-Expires=604800&X-Amz-Signature=36bd3803e62bcbddeb1a29b9e82c1233b1e37a5cf8cadfc48127fcf0e75f8692&X-Amz-Date=20251209T124618Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:46:18.502] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:18.502] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:18.502] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:18.502] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 
20:46:18.502] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:18.503] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:18.610] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai5zwlkhflow1zwrkh.1726643632.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313178609, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726643632227044, "etime": 1726643632227044, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49297, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:46:18.610] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:46:18.610] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:46:18.610] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:46:21.677] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24725 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49297.1726643632.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49297.1726643632.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124621Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=adc7e86721680d87ddb752ee357439370bf1fbad13dc3c0eeb984d5790d62209"} [2025-12-09 20:46:21.678] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:21.678] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:21.678] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:21.678] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:21.678] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:21.679] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:21.789] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai5zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49297.1726643632.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313181789, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726643632227044, "etime": 1726643632227044, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49297, "dest_port": 50050, "protocol": "tls", 
"result": "Behinder"}]} [2025-12-09 20:46:21.789] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:46:21.789] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:46:21.789] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:46:24.794] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24297 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain2.1727339870.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain2.1727339870.jsonl?X-Amz-Date=20251209T124624Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=839ff7ca5a5f7d4db2ca0409d898f17b7e7b7acbc10e1528e9f1097ce9f566c1&X-Amz-SignedHeaders=host"} [2025-12-09 20:46:24.794] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:24.794] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:24.794] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:24.794] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:24.794] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:24.795] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:29.817] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain2.1727339870.jsonl|result:{"code": 0, "total_count": 95, "abnormal_count": 0, "normal_count": 95, "alert_count": 0, "timestamp": 1765313189815, "module": "anquanchu", "proto": "tls", "alerted": false, "details": 
[{"stime": 1727339935021567, "etime": 1727339935021567, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54100, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339941163176, "etime": 1727339941163176, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54106, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339999256037, "etime": 1727339999256037, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54166, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340012693966, "etime": 1727340012693966, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54182, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339990084246, "etime": 1727339990084246, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54156, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339938101060, "etime": 1727339938101060, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54103, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339932990373, "etime": 1727339932990373, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54098, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339980850085, "etime": 1727339980850085, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54146, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339991099773, "etime": 1727339991099773, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54157, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339953365551, "etime": 1727339953365551, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54118, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339943208977, "etime": 1727339943208977, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54108, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339955396746, "etime": 1727339955396746, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54120, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339969818644, "etime": 1727339969818644, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54136, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339973709515, "etime": 1727339973709515, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54138, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340014724772, "etime": 1727340014724772, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54184, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339936037504, "etime": 1727339936037504, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54101, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339945240487, "etime": 1727339945240487, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54110, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339931975102, "etime": 1727339931975102, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54097, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339963569141, "etime": 1727339963569141, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54129, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339981897139, "etime": 1727339981897139, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54148, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340010490509, "etime": 1727340010490509, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54179, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727340015740762, "etime": 1727340015740762, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54185, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339950318421, "etime": 1727339950318421, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54115, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339959493593, "etime": 1727339959493593, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54125, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339980889332, "etime": 1727339980889332, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54147, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340005412802, "etime": 1727340005412802, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54174, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339870888145, "etime": 1727339870888145, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54094, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339958475137, "etime": 1727339958475137, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54124, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339999286199, "etime": 1727339999286199, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54167, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339997225108, "etime": 1727339997225108, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54164, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339986006590, "etime": 1727339986006590, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54152, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339956412798, "etime": 1727339956412798, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54121, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339870870239, "etime": 1727339870870239, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54093, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339964724977, "etime": 1727339964724977, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54131, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339939115448, "etime": 1727339939115448, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54104, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339987046062, "etime": 1727339987046062, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54153, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339937052795, "etime": 1727339937052795, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54102, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340006427955, "etime": 1727340006427955, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54175, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340003385355, "etime": 1727340003385355, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54172, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340008459300, "etime": 1727340008459300, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54177, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339983959341, "etime": 1727339983959341, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54150, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339996209297, "etime": 1727339996209297, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54163, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339989068628, "etime": 1727339989068628, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54155, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339930953153, "etime": 1727339930953153, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54096, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339930912534, "etime": 1727339930912534, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54095, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339984991434, "etime": 1727339984991434, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54151, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340004397186, "etime": 1727340004397186, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54173, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340007443538, "etime": 1727340007443538, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54176, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340002334362, "etime": 1727340002334362, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54170, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340016761318, "etime": 1727340016761318, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54187, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339978818829, "etime": 1727339978818829, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54144, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340011675601, "etime": 1727340011675601, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54181, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339972695871, "etime": 1727339972695871, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54137, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339948287613, "etime": 1727339948287613, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54113, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339951335166, "etime": 1727339951335166, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54116, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339968802787, "etime": 1727339968802787, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54135, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339942194927, "etime": 1727339942194927, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54107, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339944225086, "etime": 1727339944225086, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54109, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339952350083, "etime": 1727339952350083, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54117, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339975740814, "etime": 1727339975740814, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54140, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339995194197, "etime": 1727339995194197, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54162, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339940147504, "etime": 1727339940147504, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54105, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339967788769, "etime": 1727339967788769, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54134, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339982945572, "etime": 1727339982945572, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54149, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339960506162, "etime": 1727339960506162, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54126, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339977802863, "etime": 1727339977802863, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54143, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339998240611, "etime": 1727339998240611, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54165, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339954381478, "etime": 1727339954381478, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54119, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339946256398, "etime": 1727339946256398, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54111, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339961539844, "etime": 1727339961539844, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54127, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339992115818, "etime": 1727339992115818, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54158, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339947272212, "etime": 1727339947272212, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54112, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339962553176, "etime": 1727339962553176, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54128, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339965742131, "etime": 1727339965742131, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54132, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339992144263, "etime": 1727339992144263, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54159, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339934006141, "etime": 1727339934006141, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54099, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339957428105, "etime": 1727339957428105, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54122, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339988053278, "etime": 1727339988053278, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54154, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340011506277, "etime": 1727340011506277, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54180, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340013709916, "etime": 1727340013709916, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54183, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340009474928, "etime": 1727340009474928, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54178, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339963718566, "etime": 1727339963718566, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54130, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340003350044, "etime": 1727340003350044, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54171, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339994177977, "etime": 1727339994177977, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54161, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339993162516, "etime": 1727339993162516, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54160, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339957472301, "etime": 1727339957472301, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54123, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340016756271, "etime": 1727340016756271, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54186, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339966756301, "etime": 1727339966756301, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54133, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339974724876, "etime": 1727339974724876, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54139, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339976787256, "etime": 1727339976787256, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54142, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339975769053, "etime": 1727339975769053, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54141, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339979834340, "etime": 1727339979834340, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54145, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340000303338, "etime": 1727340000303338, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54168, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340001318594, "etime": 1727340001318594, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54169, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339949303523, "etime": 1727339949303523, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54114, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:29.817] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:29.817] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24298 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_IP.1727406093.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_IP.1727406093.jsonl?X-Amz-Signature=fb5cc0feb0297e8d607ce676915aa929596b20c02de945a3b088349882e60cf3&X-Amz-Date=20251209T124627Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:46:29.817] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:29.817] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:29.817] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:29.817] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:29.817] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:29.818] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:33.635] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_IP.1727406093.jsonl|result:{"code": 0, "total_count": 83, "abnormal_count": 0, "normal_count": 83, "alert_count": 0, "timestamp": 1765313193634, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727406183348147, "etime": 1727406183348147, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49260, 
"dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406168980774, "etime": 1727406168980774, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49243, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406214221253, "etime": 1727406214221253, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49300, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406154113857, "etime": 1727406154113857, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49229, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406159808188, "etime": 1727406159808188, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49234, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406180259635, "etime": 1727406180259635, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49256, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406169994515, "etime": 1727406169994515, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49244, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406176172631, "etime": 1727406176172631, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49251, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406178231789, "etime": 1727406178231789, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49254, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406093071760, "etime": 1727406093071760, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49226, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406192537133, "etime": 1727406192537133, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49272, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406181319461, "etime": 1727406181319461, 
"src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49258, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406204923484, "etime": 1727406204923484, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49288, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406205952823, "etime": 1727406205952823, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49289, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406156142478, "etime": 1727406156142478, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49231, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406216248878, "etime": 1727406216248878, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49302, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406194596703, "etime": 1727406194596703, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49275, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406203907238, "etime": 1727406203907238, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49287, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406167966940, "etime": 1727406167966940, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49242, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406206982291, "etime": 1727406206982291, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49291, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406220357404, "etime": 1727406220357404, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49308, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406197701242, "etime": 1727406197701242, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49279, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727406187451195, "etime": 1727406187451195, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49266, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406093093679, "etime": 1727406093093679, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49227, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406186421531, "etime": 1727406186421531, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49264, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406177186115, "etime": 1727406177186115, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49252, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406177223085, "etime": 1727406177223085, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49253, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406160837243, "etime": 1727406160837243, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49235, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406172053675, "etime": 1727406172053675, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49246, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406155127851, "etime": 1727406155127851, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49230, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406179245615, "etime": 1727406179245615, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49255, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406191523254, "etime": 1727406191523254, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49271, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406174144576, "etime": 1727406174144576, "src_ip": "192.168.37.129", "dest_ip": 
"192.168.37.136", "src_port": 49249, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406186448711, "etime": 1727406186448711, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49265, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406193567337, "etime": 1727406193567337, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49274, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406201803377, "etime": 1727406201803377, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49283, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406198730097, "etime": 1727406198730097, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49280, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406211085256, "etime": 1727406211085256, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49295, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406166952432, "etime": 1727406166952432, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49241, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406171024431, "etime": 1727406171024431, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49245, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406182334584, "etime": 1727406182334584, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49259, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406218308325, "etime": 1727406218308325, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49305, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406158794249, "etime": 1727406158794249, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49233, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727406165938711, "etime": 1727406165938711, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49240, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406172127138, "etime": 1727406172127138, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49247, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406173130790, "etime": 1727406173130790, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49248, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406161866941, "etime": 1727406161866941, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49236, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406210055599, "etime": 1727406210055599, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49294, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406196639915, "etime": 1727406196639915, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49277, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406205972754, "etime": 1727406205972754, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49290, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406215234796, "etime": 1727406215234796, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49301, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406209041852, "etime": 1727406209041852, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49293, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406195625950, "etime": 1727406195625950, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49276, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406212161447, "etime": 1727406212161447, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 
49297, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406184393596, "etime": 1727406184393596, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49262, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406164924632, "etime": 1727406164924632, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49239, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406202848705, "etime": 1727406202848705, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49285, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406200774672, "etime": 1727406200774672, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49282, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406163911030, "etime": 1727406163911030, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49238, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406181289230, "etime": 1727406181289230, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49257, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406183380500, "etime": 1727406183380500, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49261, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406203878290, "etime": 1727406203878290, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49286, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406216281743, "etime": 1727406216281743, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49303, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406217294485, "etime": 1727406217294485, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49304, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406185407653, "etime": 1727406185407653, 
"src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49263, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406153104595, "etime": 1727406153104595, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49228, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406189479563, "etime": 1727406189479563, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49268, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406175158076, "etime": 1727406175158076, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49250, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406196688195, "etime": 1727406196688195, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49278, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406162897267, "etime": 1727406162897267, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49237, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406201834986, "etime": 1727406201834986, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49284, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406219321775, "etime": 1727406219321775, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49306, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406211146255, "etime": 1727406211146255, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49296, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406157781818, "etime": 1727406157781818, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49232, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406190520625, "etime": 1727406190520625, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49270, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727406192556656, "etime": 1727406192556656, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49273, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406213191132, "etime": 1727406213191132, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49298, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406213204601, "etime": 1727406213204601, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49299, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406220351977, "etime": 1727406220351977, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49307, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406188465509, "etime": 1727406188465509, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49267, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406199744434, "etime": 1727406199744434, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49281, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406208012346, "etime": 1727406208012346, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49292, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727406190493107, "etime": 1727406190493107, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49269, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:33.635] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:33.635] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24299 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai6zwlkhflow1zwrkh.1726645691.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai6zwlkhflow1zwrkh.1726645691.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=b7dc990bf101442cce2088f22980585e1cc5cd3cf72766dbd7120016bce3084d&X-Amz-Date=20251209T124630Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:46:33.635] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:33.635] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:33.636] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:33.636] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:33.636] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:33.636] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:33.684] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai6zwlkhflow1zwrkh.1726645691.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313193683, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645691903184, "etime": 1726645691903184, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49304, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:46:33.684] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:46:33.684] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. 
[2025-12-09 20:46:33.684] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:46:34.218] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25971 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_IP.1727342458.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_IP.1727342458.jsonl?X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124633Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=dc49372dbdfcc94a6945f42551f91a674d55e59e5de4d40f6b0925e8c25cf98f"} [2025-12-09 20:46:34.219] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:34.219] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:34.219] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:34.219] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:34.219] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:34.219] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:37.792] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_IP.1727342458.jsonl|result:{"code": 0, "total_count": 81, "abnormal_count": 0, "normal_count": 81, "alert_count": 0, "timestamp": 1765313197791, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727342567059658, "etime": 1727342567059658, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55426, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342568214281, "etime": 1727342568214281, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.136", "src_port": 55428, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342540901867, "etime": 1727342540901867, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55399, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342533746120, "etime": 1727342533746120, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55391, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342588729967, "etime": 1727342588729967, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55452, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342538870459, "etime": 1727342538870459, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55397, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342584638982, "etime": 1727342584638982, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55448, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342549120952, "etime": 1727342549120952, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55409, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342537854944, "etime": 1727342537854944, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55396, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342526609167, "etime": 1727342526609167, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55383, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342543997279, "etime": 1727342543997279, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55403, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342579464489, "etime": 1727342579464489, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55441, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727342580480429, "etime": 1727342580480429, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55442, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342577433027, "etime": 1727342577433027, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55439, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342584589435, "etime": 1727342584589435, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55447, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342532730589, "etime": 1727342532730589, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55390, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342585652416, "etime": 1727342585652416, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55449, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342574371120, "etime": 1727342574371120, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55435, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342546043034, "etime": 1727342546043034, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55405, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342575412482, "etime": 1727342575412482, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55437, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342558308093, "etime": 1727342558308093, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55419, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342578448929, "etime": 1727342578448929, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55440, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342458542996, "etime": 1727342458542996, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 
55374, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342552214090, "etime": 1727342552214090, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55413, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342555261540, "etime": 1727342555261540, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55416, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342529676076, "etime": 1727342529676076, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55387, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342524464456, "etime": 1727342524464456, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55380, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342543948736, "etime": 1727342543948736, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55402, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342534777926, "etime": 1727342534777926, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55392, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342541917373, "etime": 1727342541917373, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55400, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342542933369, "etime": 1727342542933369, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55401, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342551152280, "etime": 1727342551152280, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55411, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342553229867, "etime": 1727342553229867, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55414, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342559323785, "etime": 1727342559323785, 
"src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55420, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342560339292, "etime": 1727342560339292, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55421, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342531698514, "etime": 1727342531698514, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55389, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342519589518, "etime": 1727342519589518, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55377, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342554245771, "etime": 1727342554245771, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55415, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342557293256, "etime": 1727342557293256, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55418, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342573354998, "etime": 1727342573354998, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55434, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342586683131, "etime": 1727342586683131, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55450, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342582558008, "etime": 1727342582558008, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55445, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342525480164, "etime": 1727342525480164, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55381, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342548105184, "etime": 1727342548105184, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55408, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727342568073976, "etime": 1727342568073976, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55427, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342572323692, "etime": 1727342572323692, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55433, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342576417517, "etime": 1727342576417517, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55438, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342566042625, "etime": 1727342566042625, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55425, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342530685279, "etime": 1727342530685279, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55388, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342526495440, "etime": 1727342526495440, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55382, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342571315862, "etime": 1727342571315862, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55432, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342458557077, "etime": 1727342458557077, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55375, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342520604690, "etime": 1727342520604690, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55378, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342534812599, "etime": 1727342534812599, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55393, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342535823639, "etime": 1727342535823639, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 55394, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342569230711, "etime": 1727342569230711, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55429, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342545011227, "etime": 1727342545011227, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55404, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342527620235, "etime": 1727342527620235, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55384, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342539886569, "etime": 1727342539886569, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55398, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342570261488, "etime": 1727342570261488, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55430, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342571276953, "etime": 1727342571276953, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55431, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342581549318, "etime": 1727342581549318, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55444, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342589762809, "etime": 1727342589762809, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55454, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342528638089, "etime": 1727342528638089, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55385, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342581495914, "etime": 1727342581495914, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55443, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727342536839377, "etime": 1727342536839377, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55395, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342547088982, "etime": 1727342547088982, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55407, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342583574066, "etime": 1727342583574066, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55446, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342565027046, "etime": 1727342565027046, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55424, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342523458342, "etime": 1727342523458342, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55379, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342587714272, "etime": 1727342587714272, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55451, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342563995673, "etime": 1727342563995673, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55423, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342529651617, "etime": 1727342529651617, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55386, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342589745722, "etime": 1727342589745722, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55453, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342551208636, "etime": 1727342551208636, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55412, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342556276738, "etime": 1727342556276738, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 
55417, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342562986534, "etime": 1727342562986534, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55422, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342575386087, "etime": 1727342575386087, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55436, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342547057927, "etime": 1727342547057927, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55406, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342518573614, "etime": 1727342518573614, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55376, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727342550136433, "etime": 1727342550136433, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 55410, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:37.792] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:37.792] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24726 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain1.1727399825.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain1.1727399825.jsonl?X-Amz-Signature=29ff48c8ca4ff7f130e11c12d37b7b01885313f602d5076921df6a71af6fb71a&X-Amz-Date=20251209T124636Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:46:37.792] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:37.792] [INFO] [tid:140062327686848] (AiModule.cpp:10) load 
so_code_cnn.so lib [2025-12-09 20:46:37.792] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:37.792] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:37.792] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:37.793] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:41.173] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain1.1727399825.jsonl|result:{"code": 0, "total_count": 78, "abnormal_count": 0, "normal_count": 78, "alert_count": 0, "timestamp": 1765313201171, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727399910614861, "etime": 1727399910614861, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49945, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399930567815, "etime": 1727399930567815, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49964, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399947037492, "etime": 1727399947037492, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49982, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399895244462, "etime": 1727399895244462, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49927, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399938849540, "etime": 1727399938849540, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49973, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399906489624, "etime": 1727399906489624, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49940, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399912645746, "etime": 1727399912645746, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.136", "src_port": 49947, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399915787071, "etime": 1727399915787071, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49951, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399925495403, "etime": 1727399925495403, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49959, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399944991328, "etime": 1727399944991328, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49980, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399887411377, "etime": 1727399887411377, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49921, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399897273633, "etime": 1727399897273633, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49929, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399932599179, "etime": 1727399932599179, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49966, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399889442486, "etime": 1727399889442486, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49923, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399918833411, "etime": 1727399918833411, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49954, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399936693115, "etime": 1727399936693115, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49970, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399931585136, "etime": 1727399931585136, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49965, "dest_port": 8900, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727399912737102, "etime": 1727399912737102, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49948, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399892491159, "etime": 1727399892491159, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49926, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399900349465, "etime": 1727399900349465, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49933, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399937718194, "etime": 1727399937718194, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49971, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399951161553, "etime": 1727399951161553, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49987, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399898287213, "etime": 1727399898287213, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49930, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399898325348, "etime": 1727399898325348, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49931, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399896255316, "etime": 1727399896255316, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49928, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399934646137, "etime": 1727399934646137, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49968, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399901405893, "etime": 1727399901405893, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49935, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399917817847, "etime": 1727399917817847, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.136", "src_port": 49953, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399916802731, "etime": 1727399916802731, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49952, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399948100469, "etime": 1727399948100469, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49984, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399919850835, "etime": 1727399919850835, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49955, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399942944760, "etime": 1727399942944760, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49978, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399886397853, "etime": 1727399886397853, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49920, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399949130373, "etime": 1727399949130373, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49985, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399927520726, "etime": 1727399927520726, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49961, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399907521735, "etime": 1727399907521735, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49941, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399920864665, "etime": 1727399920864665, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49956, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399913755496, "etime": 1727399913755496, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49949, "dest_port": 8900, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727399940881096, "etime": 1727399940881096, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49975, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399940921411, "etime": 1727399940921411, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49976, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399946005321, "etime": 1727399946005321, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49981, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399902411941, "etime": 1727399902411941, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49936, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399953223874, "etime": 1727399953223874, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49990, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399954239935, "etime": 1727399954239935, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49991, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399890458501, "etime": 1727399890458501, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49924, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399901367100, "etime": 1727399901367100, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49934, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399885384287, "etime": 1727399885384287, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49919, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399941927647, "etime": 1727399941927647, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49977, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399939864784, "etime": 1727399939864784, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.136", "src_port": 49974, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399955255484, "etime": 1727399955255484, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49992, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399947090049, "etime": 1727399947090049, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49983, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399885240066, "etime": 1727399885240066, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49918, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399951203903, "etime": 1727399951203903, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49988, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399911631105, "etime": 1727399911631105, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49946, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399943958556, "etime": 1727399943958556, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49979, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399888427140, "etime": 1727399888427140, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49922, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399825219256, "etime": 1727399825219256, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49915, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399926505444, "etime": 1727399926505444, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49960, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399952209532, "etime": 1727399952209532, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49989, "dest_port": 8900, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727399909599176, "etime": 1727399909599176, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49944, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399921880083, "etime": 1727399921880083, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49957, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399825231891, "etime": 1727399825231891, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49916, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399955261617, "etime": 1727399955261617, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49993, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399922895833, "etime": 1727399922895833, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49958, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399899333506, "etime": 1727399899333506, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49932, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399935678942, "etime": 1727399935678942, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49969, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399937833893, "etime": 1727399937833893, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49972, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399903429368, "etime": 1727399903429368, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49937, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399914771623, "etime": 1727399914771623, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49950, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399891474745, "etime": 1727399891474745, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.136", "src_port": 49925, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399904443077, "etime": 1727399904443077, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49938, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399908583462, "etime": 1727399908583462, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49943, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399907573808, "etime": 1727399907573808, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49942, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399905476043, "etime": 1727399905476043, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49939, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399950146489, "etime": 1727399950146489, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49986, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399929552682, "etime": 1727399929552682, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49963, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399928536576, "etime": 1727399928536576, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49962, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727399933632472, "etime": 1727399933632472, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49967, "dest_port": 8900, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:41.173] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:41.173] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25972 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain3.1727407340.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain3.1727407340.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=d9e4cba35453f4196dc03ff15e8c69ecb24fbab7db267187c1b5025c97d1ae0e&X-Amz-Date=20251209T124640Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:46:41.173] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:41.173] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:41.173] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:41.173] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:41.173] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:41.173] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:44.585] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain3.1727407340.jsonl|result:{"code": 0, "total_count": 82, "abnormal_count": 0, "normal_count": 82, "alert_count": 0, "timestamp": 1765313204584, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727407458042285, "etime": 1727407458042285, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49762, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407453939719, "etime": 1727407453939719, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49757, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407402569384, "etime": 1727407402569384, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", 
"src_port": 49702, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407403582767, "etime": 1727407403582767, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49703, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407447844007, "etime": 1727407447844007, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49750, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407461084502, "etime": 1727407461084502, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49766, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407415779208, "etime": 1727407415779208, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49717, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407420925249, "etime": 1727407420925249, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49723, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407442270813, "etime": 1727407442270813, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49747, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407439229202, "etime": 1727407439229202, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49744, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407432099635, "etime": 1727407432099635, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49736, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407455000296, "etime": 1727407455000296, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49759, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407466170820, "etime": 1727407466170820, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49772, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 
1727407407638405, "etime": 1727407407638405, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49707, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407429042324, "etime": 1727407429042324, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49732, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407435141636, "etime": 1727407435141636, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49739, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407467184188, "etime": 1727407467184188, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49773, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407465156298, "etime": 1727407465156298, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49771, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407412708970, "etime": 1727407412708970, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49712, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407437169887, "etime": 1727407437169887, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49741, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407428027843, "etime": 1727407428027843, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49731, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407462098221, "etime": 1727407462098221, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49767, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407467204090, "etime": 1727407467204090, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49774, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407419837877, "etime": 1727407419837877, "src_ip": "192.168.37.129", "dest_ip": 
"192.168.37.136", "src_port": 49721, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407409666364, "etime": 1727407409666364, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49709, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407433113330, "etime": 1727407433113330, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49737, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407406624706, "etime": 1727407406624706, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49706, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407453989971, "etime": 1727407453989971, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49758, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407456014412, "etime": 1727407456014412, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49760, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407468213640, "etime": 1727407468213640, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49775, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407444298520, "etime": 1727407444298520, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49749, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407464146598, "etime": 1727407464146598, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49770, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407448874340, "etime": 1727407448874340, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49752, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407450897577, "etime": 1727407450897577, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49754, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727407422942062, "etime": 1727407422942062, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49725, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407422962177, "etime": 1727407422962177, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49726, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407451911514, "etime": 1727407451911514, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49755, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407340525341, "etime": 1727407340525341, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49699, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407401554567, "etime": 1727407401554567, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49701, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407443284709, "etime": 1727407443284709, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49748, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407470241644, "etime": 1727407470241644, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49777, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407457028750, "etime": 1727407457028750, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49761, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407340509209, "etime": 1727407340509209, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49698, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407431085306, "etime": 1727407431085306, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49735, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407431069639, "etime": 1727407431069639, "src_ip": "192.168.37.129", "dest_ip": 
"192.168.37.136", "src_port": 49734, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407436155360, "etime": 1727407436155360, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49740, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407423971598, "etime": 1727407423971598, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49727, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407425999764, "etime": 1727407425999764, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49729, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407416795490, "etime": 1727407416795490, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49718, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407452925429, "etime": 1727407452925429, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49756, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407460070071, "etime": 1727407460070071, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49764, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407420851816, "etime": 1727407420851816, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49722, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407448853661, "etime": 1727407448853661, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49751, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407408652600, "etime": 1727407408652600, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49708, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407471255685, "etime": 1727407471255685, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49778, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727407471262269, "etime": 1727407471262269, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49779, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407400540753, "etime": 1727407400540753, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49700, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407438214619, "etime": 1727407438214619, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49743, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407404597535, "etime": 1727407404597535, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49704, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407417809751, "etime": 1727407417809751, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49719, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407424985852, "etime": 1727407424985852, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49728, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407469227989, "etime": 1727407469227989, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49776, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407413722561, "etime": 1727407413722561, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49713, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407411694525, "etime": 1727407411694525, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49711, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407449883413, "etime": 1727407449883413, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49753, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407410680602, "etime": 1727407410680602, "src_ip": "192.168.37.129", "dest_ip": 
"192.168.37.136", "src_port": 49710, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407415765991, "etime": 1727407415765991, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49716, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407405610565, "etime": 1727407405610565, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49705, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407441256559, "etime": 1727407441256559, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49746, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407413741457, "etime": 1727407413741457, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49714, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407440242730, "etime": 1727407440242730, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49745, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407459056489, "etime": 1727407459056489, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49763, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407430055989, "etime": 1727407430055989, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49733, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407437198088, "etime": 1727407437198088, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49742, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407460082814, "etime": 1727407460082814, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49765, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407427013609, "etime": 1727407427013609, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49730, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727407434127752, "etime": 1727407434127752, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49738, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407464126116, "etime": 1727407464126116, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49769, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407463112537, "etime": 1727407463112537, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49768, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407418824472, "etime": 1727407418824472, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49720, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407414752114, "etime": 1727407414752114, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49715, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407421928235, "etime": 1727407421928235, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49724, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:44.585] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:44.585] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25973 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49304.1726645691.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49304.1726645691.jsonl?X-Amz-SignedHeaders=host&X-Amz-Signature=9765af9d6141c687c294ae52588564b8e89b7eeada456c2cebdcdfc563b9b945&X-Amz-Date=20251209T124643Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800"} [2025-12-09 20:46:44.585] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:44.585] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:44.585] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:44.585] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:44.585] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:44.585] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:44.632] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID17-tls1.3CS4.8_win7_kali_jdk_domain_mogai6zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49304.1726645691.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313204632, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645691903184, "etime": 1726645691903184, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49304, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:46:44.632] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:46:44.632] [INFO] 
[tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:46:44.632] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:46:46.806] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24300 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_IP.1727331897.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_IP.1727331897.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124646Z&X-Amz-SignedHeaders=host&X-Amz-Signature=e0f887744c421a8328a9b3ff14746cd64a8ca47ca800841eb75db31423194eb3"} [2025-12-09 20:46:46.806] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:46.806] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:46.807] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:46.807] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:46.807] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:46.808] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:50.279] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_IP.1727331897.jsonl|result:{"code": 0, "total_count": 83, "abnormal_count": 0, "normal_count": 83, "alert_count": 0, "timestamp": 1765313210278, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727331986471747, "etime": 1727331986471747, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51655, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727332010941085, "etime": 1727332010941085, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51680, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331990550680, "etime": 1727331990550680, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51659, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332009925529, "etime": 1727332009925529, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51679, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331967737722, "etime": 1727331967737722, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51633, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331897986582, "etime": 1727331897986582, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51623, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332027222036, "etime": 1727332027222036, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51696, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332031378800, "etime": 1727332031378800, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51701, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331985456124, "etime": 1727331985456124, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51654, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332030289026, "etime": 1727332030289026, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51699, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331964097387, "etime": 1727331964097387, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51631, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331966732130, "etime": 1727331966732130, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 
51632, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331992659947, "etime": 1727331992659947, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51662, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332034457597, "etime": 1727332034457597, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51704, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332003831438, "etime": 1727332003831438, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51673, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332011956450, "etime": 1727332011956450, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51681, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331970815927, "etime": 1727331970815927, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51636, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331982331356, "etime": 1727331982331356, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51650, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331987487742, "etime": 1727331987487742, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51656, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331996722545, "etime": 1727331996722545, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51666, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332018050239, "etime": 1727332018050239, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51687, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331972034408, "etime": 1727331972034408, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51638, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331968769719, "etime": 1727331968769719, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51634, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332002815817, "etime": 1727332002815817, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51672, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332006878152, "etime": 1727332006878152, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51676, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332015003505, "etime": 1727332015003505, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51684, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332016019533, "etime": 1727332016019533, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51685, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332023159923, "etime": 1727332023159923, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51692, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332025190765, "etime": 1727332025190765, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51694, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332032394183, "etime": 1727332032394183, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51702, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331974065836, "etime": 1727331974065836, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51640, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332007893942, "etime": 1727332007893942, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51677, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331992581334, "etime": 1727331992581334, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51661, "dest_port": 80, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727332033409560, "etime": 1727332033409560, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51703, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331995706413, "etime": 1727331995706413, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51665, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332019065900, "etime": 1727332019065900, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51688, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332034465285, "etime": 1727332034465285, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51705, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332030363173, "etime": 1727332030363173, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51700, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331897966728, "etime": 1727331897966728, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51622, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331977159605, "etime": 1727331977159605, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51644, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332028238138, "etime": 1727332028238138, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51697, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331983347398, "etime": 1727331983347398, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51651, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331984363102, "etime": 1727331984363102, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51652, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332017034156, "etime": 1727332017034156, "src_ip": "192.168.37.138", "dest_ip": 
"192.168.37.132", "src_port": 51686, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331997737454, "etime": 1727331997737454, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51667, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331998754148, "etime": 1727331998754148, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51668, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332000784451, "etime": 1727332000784451, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51670, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331976144009, "etime": 1727331976144009, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51643, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331962065716, "etime": 1727331962065716, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51629, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331958003616, "etime": 1727331958003616, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51625, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331994690738, "etime": 1727331994690738, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51664, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331960034718, "etime": 1727331960034718, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51627, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331975129011, "etime": 1727331975129011, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51642, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331963081105, "etime": 1727331963081105, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51630, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 
1727332029253278, "etime": 1727332029253278, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51698, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331991565710, "etime": 1727331991565710, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51660, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331980207260, "etime": 1727331980207260, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51647, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331981316341, "etime": 1727331981316341, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51649, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331989535922, "etime": 1727331989535922, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51658, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331959021269, "etime": 1727331959021269, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51626, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331993675260, "etime": 1727331993675260, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51663, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332005863101, "etime": 1727332005863101, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51675, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332004846790, "etime": 1727332004846790, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51674, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332026207236, "etime": 1727332026207236, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51695, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331978174815, "etime": 1727331978174815, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 
51645, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331973050613, "etime": 1727331973050613, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51639, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332008909561, "etime": 1727332008909561, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51678, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331971015765, "etime": 1727331971015765, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51637, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332022143805, "etime": 1727332022143805, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51691, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331985378668, "etime": 1727331985378668, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51653, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332001800682, "etime": 1727332001800682, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51671, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332021129418, "etime": 1727332021129418, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51690, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331979190920, "etime": 1727331979190920, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51646, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331961050803, "etime": 1727331961050803, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51628, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331980299679, "etime": 1727331980299679, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51648, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331999768517, "etime": 1727331999768517, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51669, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331969784374, "etime": 1727331969784374, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51635, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332012972388, "etime": 1727332012972388, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51682, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332024174846, "etime": 1727332024174846, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51693, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331988503813, "etime": 1727331988503813, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51657, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727331974122620, "etime": 1727331974122620, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51641, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332013988493, "etime": 1727332013988493, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51683, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727332020113616, "etime": 1727332020113616, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51689, "dest_port": 80, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:50.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:50.280] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25974 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID37-tls1.2CS4.8_windowsserver2008R2_kali_jdk_IP.1726231580.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID37-tls1.2CS4.8_windowsserver2008R2_kali_jdk_IP.1726231580.jsonl?X-Amz-Date=20251209T124649Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=117093e9a491860635a2c8371f84fb85f82864e3b6d42d1a71223dabf28b5331&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:46:50.280] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:50.280] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:50.280] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:50.280] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:50.280] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:50.280] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:54.917] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID37-tls1.2CS4.8_windowsserver2008R2_kali_jdk_IP.1726231580.jsonl|result:{"code": 1, "total_count": 112, "abnormal_count": 110, "normal_count": 2, "alert_count": 110, "timestamp": 1765313214916, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726231702245505, "etime": 1726231702245505, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49768, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231726605634, "etime": 1726231726605634, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49784, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231740237289, "etime": 1726231740237289, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 
49793, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231652138598, "etime": 1726231652138598, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49735, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231647047793, "etime": 1726231647047793, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49731, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231750893867, "etime": 1726231750893867, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49800, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231662315257, "etime": 1726231662315257, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49743, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231761532869, "etime": 1726231761532869, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49807, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231676119696, "etime": 1726231676119696, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49754, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231766004939, "etime": 1726231766004939, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49810, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231738728258, "etime": 1726231738728258, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49792, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231747833208, "etime": 1726231747833208, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49798, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231662933840, "etime": 1726231662933840, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49744, "dest_port": 443, "protocol": "tls", 
"result": "CobaltStrike"}, {"stime": 1726231684114948, "etime": 1726231684114948, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49756, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726231665934675, "etime": 1726231665934675, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49746, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231767500091, "etime": 1726231767500091, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49811, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231667445299, "etime": 1726231667445299, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49747, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231771983853, "etime": 1726231771983853, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49814, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231731126949, "etime": 1726231731126949, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49787, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231773494017, "etime": 1726231773494017, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49815, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231776544594, "etime": 1726231776544594, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49817, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231749372181, "etime": 1726231749372181, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49799, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231785640091, "etime": 1726231785640091, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49823, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 
1726231799309698, "etime": 1726231799309698, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49832, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231717531741, "etime": 1726231717531741, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49778, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231758476575, "etime": 1726231758476575, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49805, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231660801716, "etime": 1726231660801716, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49742, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231690157186, "etime": 1726231690157186, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49760, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231703772945, "etime": 1726231703772945, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49769, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231642487713, "etime": 1726231642487713, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49728, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231685629316, "etime": 1726231685629316, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49757, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231655718417, "etime": 1726231655718417, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49738, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231677628999, "etime": 1726231677628999, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49755, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231693172523, "etime": 1726231693172523, 
"src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49762, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231705344615, "etime": 1726231705344615, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49770, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231674624984, "etime": 1726231674624984, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49753, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231708349304, "etime": 1726231708349304, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49772, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231668025766, "etime": 1726231668025766, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49748, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1726231714481527, "etime": 1726231714481527, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49776, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231734150353, "etime": 1726231734150353, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49789, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231673121055, "etime": 1726231673121055, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49752, "dest_port": 443, "protocol": "tls", "result": "Antsword"}, {"stime": 1726231763029603, "etime": 1726231763029603, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49808, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231711368697, "etime": 1726231711368697, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49774, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231778007409, "etime": 1726231778007409, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", 
"src_port": 49818, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231729615407, "etime": 1726231729615407, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49786, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231649102389, "etime": 1726231649102389, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49733, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231770504976, "etime": 1726231770504976, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49813, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231779502671, "etime": 1726231779502671, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49819, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231699225427, "etime": 1726231699225427, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49766, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231780995512, "etime": 1726231780995512, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49820, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231788643796, "etime": 1726231788643796, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49825, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231805335157, "etime": 1726231805335157, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49836, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231644013071, "etime": 1726231644013071, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49729, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231756962555, "etime": 1726231756962555, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49804, "dest_port": 443, "protocol": 
"tls", "result": "CobaltStrike"}, {"stime": 1726231752413913, "etime": 1726231752413913, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49801, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231768995382, "etime": 1726231768995382, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49812, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231793216041, "etime": 1726231793216041, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49828, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231803840516, "etime": 1726231803840516, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49835, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231732638764, "etime": 1726231732638764, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49788, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231790158144, "etime": 1726231790158144, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49826, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231712959787, "etime": 1726231712959787, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49775, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231741747531, "etime": 1726231741747531, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49794, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231764525992, "etime": 1726231764525992, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49809, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231775020280, "etime": 1726231775020280, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49816, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 
1726231728118109, "etime": 1726231728118109, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49785, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231720558087, "etime": 1726231720558087, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49780, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231735675701, "etime": 1726231735675701, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49790, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231743241838, "etime": 1726231743241838, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49795, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231794713165, "etime": 1726231794713165, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49829, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231691673353, "etime": 1726231691673353, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49761, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231725075688, "etime": 1726231725075688, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49783, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231782520464, "etime": 1726231782520464, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49821, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231744783085, "etime": 1726231744783085, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49796, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231659301469, "etime": 1726231659301469, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49741, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231706839387, "etime": 1726231706839387, 
"src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49771, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231671059155, "etime": 1726231671059155, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49750, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231787142400, "etime": 1726231787142400, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49824, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231640948027, "etime": 1726231640948027, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49726, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231791672957, "etime": 1726231791672957, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49827, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231645538594, "etime": 1726231645538594, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49730, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231797798895, "etime": 1726231797798895, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49831, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231800835344, "etime": 1726231800835344, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49833, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231805825765, "etime": 1726231805825765, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49837, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231716006844, "etime": 1726231716006844, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49777, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231746307629, "etime": 1726231746307629, "src_ip": "192.168.163.40", "dest_ip": 
"192.168.163.38", "src_port": 49797, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231657239403, "etime": 1726231657239403, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49739, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231753915619, "etime": 1726231753915619, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49802, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231755431948, "etime": 1726231755431948, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49803, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231796271476, "etime": 1726231796271476, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49830, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231737201558, "etime": 1726231737201558, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49791, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231694686477, "etime": 1726231694686477, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49763, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231654196756, "etime": 1726231654196756, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49737, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231580326222, "etime": 1726231580326222, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49724, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231723576388, "etime": 1726231723576388, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49782, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231652667962, "etime": 1726231652667962, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49736, "dest_port": 
443, "protocol": "tls", "result": "Normal"}, {"stime": 1726231802346621, "etime": 1726231802346621, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49834, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231696215185, "etime": 1726231696215185, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49764, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231650627894, "etime": 1726231650627894, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49734, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231672554380, "etime": 1726231672554380, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49751, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231784105387, "etime": 1726231784105387, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49822, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231709859370, "etime": 1726231709859370, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49773, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231760005108, "etime": 1726231760005108, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49806, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231688657260, "etime": 1726231688657260, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49759, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231657786858, "etime": 1726231657786858, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49740, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231697728051, "etime": 1726231697728051, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49765, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, 
{"stime": 1726231700718895, "etime": 1726231700718895, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49767, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231647605544, "etime": 1726231647605544, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49732, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231722060470, "etime": 1726231722060470, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49781, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231719039234, "etime": 1726231719039234, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49779, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231669532547, "etime": 1726231669532547, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49749, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231664421167, "etime": 1726231664421167, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49745, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1726231687135693, "etime": 1726231687135693, "src_ip": "192.168.163.40", "dest_ip": "192.168.163.38", "src_port": 49758, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}]} [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 110|max_alert: 1000 [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. 
[2025-12-09 20:46:54.918] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24727 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain1.1727332585.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain1.1727332585.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124652Z&X-Amz-SignedHeaders=host&X-Amz-Signature=df97ac8613013ab952faccde8a9d3ea321358632815eef7c006a341d5eba5364&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800"} [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:54.918] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:46:58.632] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain1.1727332585.jsonl|result:{"code": 0, "total_count": 85, "abnormal_count": 0, "normal_count": 85, "alert_count": 0, "timestamp": 1765313218630, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727332647081295, "etime": 1727332647081295, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51927, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332691613211, "etime": 1727332691613211, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51970, "dest_port": 8090, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727332712019248, "etime": 1727332712019248, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51991, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332703831943, "etime": 1727332703831943, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51982, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332717160579, "etime": 1727332717160579, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51997, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332712079430, "etime": 1727332712079430, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51992, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332694661565, "etime": 1727332694661565, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51973, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332686535165, "etime": 1727332686535165, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51965, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332669268878, "etime": 1727332669268878, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51948, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332715128500, "etime": 1727332715128500, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51995, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332721222957, "etime": 1727332721222957, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52001, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332585036675, "etime": 1727332585036675, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51924, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332657879215, "etime": 1727332657879215, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51936, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332663972300, "etime": 1727332663972300, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51942, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332673331280, "etime": 1727332673331280, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51952, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332645050309, "etime": 1727332645050309, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51925, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332670285277, "etime": 1727332670285277, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51949, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332687549896, "etime": 1727332687549896, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51966, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332671300331, "etime": 1727332671300331, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51950, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332708971787, "etime": 1727332708971787, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51988, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332711003526, "etime": 1727332711003526, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51990, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332688565732, "etime": 1727332688565732, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51967, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332707956133, "etime": 1727332707956133, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51987, "dest_port": 8090, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727332660925874, "etime": 1727332660925874, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51939, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332656862253, "etime": 1727332656862253, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51935, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332675363252, "etime": 1727332675363252, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51954, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332697706142, "etime": 1727332697706142, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51976, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332704914117, "etime": 1727332704914117, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51984, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332672315935, "etime": 1727332672315935, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51951, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332676378900, "etime": 1727332676378900, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51955, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332709988052, "etime": 1727332709988052, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51989, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332668254079, "etime": 1727332668254079, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51947, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332682472609, "etime": 1727332682472609, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51961, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332713097564, "etime": 1727332713097564, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51993, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332649754427, "etime": 1727332649754427, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51928, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332724362912, "etime": 1727332724362912, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52005, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332699738447, "etime": 1727332699738447, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51978, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332689581528, "etime": 1727332689581528, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51968, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332690597109, "etime": 1727332690597109, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51969, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332692628381, "etime": 1727332692628381, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51971, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332706940934, "etime": 1727332706940934, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51986, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332653816898, "etime": 1727332653816898, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51932, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332678410113, "etime": 1727332678410113, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51957, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332703902553, "etime": 1727332703902553, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51983, "dest_port": 8090, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727332720206899, "etime": 1727332720206899, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52000, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332698722382, "etime": 1727332698722382, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51977, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332719191268, "etime": 1727332719191268, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51999, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332666222064, "etime": 1727332666222064, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51945, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332652800380, "etime": 1727332652800380, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51931, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332658893791, "etime": 1727332658893791, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51937, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332661940950, "etime": 1727332661940950, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51940, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332685519383, "etime": 1727332685519383, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51964, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332716143916, "etime": 1727332716143916, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51996, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332674347096, "etime": 1727332674347096, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51953, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332721323466, "etime": 1727332721323466, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52002, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332650769532, "etime": 1727332650769532, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51929, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332705927435, "etime": 1727332705927435, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51985, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332722331427, "etime": 1727332722331427, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52003, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332664188410, "etime": 1727332664188410, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51943, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332695675142, "etime": 1727332695675142, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51974, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332693644301, "etime": 1727332693644301, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51972, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332723346954, "etime": 1727332723346954, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52004, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332684503862, "etime": 1727332684503862, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51963, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332659910876, "etime": 1727332659910876, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51938, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332651784565, "etime": 1727332651784565, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51930, "dest_port": 8090, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727332646066900, "etime": 1727332646066900, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51926, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332725378779, "etime": 1727332725378779, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52006, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332585013053, "etime": 1727332585013053, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51923, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332679425642, "etime": 1727332679425642, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51958, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332665206805, "etime": 1727332665206805, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51944, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332667237723, "etime": 1727332667237723, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51946, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332696691371, "etime": 1727332696691371, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51975, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332701796645, "etime": 1727332701796645, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51980, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332680441543, "etime": 1727332680441543, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51959, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332681456347, "etime": 1727332681456347, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51960, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332702815510, "etime": 1727332702815510, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51981, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332655846737, "etime": 1727332655846737, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51934, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332700753360, "etime": 1727332700753360, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51979, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332677394352, "etime": 1727332677394352, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51956, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332662956469, "etime": 1727332662956469, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51941, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332683488210, "etime": 1727332683488210, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51962, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332714113274, "etime": 1727332714113274, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51994, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332718175250, "etime": 1727332718175250, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51998, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332725387220, "etime": 1727332725387220, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52007, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332654831557, "etime": 1727332654831557, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51933, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:46:58.632] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:46:58.632] [DEBUG] 
[tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24301 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain1.1727402108.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain1.1727402108.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d5e46039dedb6b2fb2dc885842a26880bd5a2d0f3b58b5c95784a4cfa95dbe77&X-Amz-Date=20251209T124655Z&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:46:58.632] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:46:58.632] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:46:58.632] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:46:58.632] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:46:58.632] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:46:58.632] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:01.714] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain1.1727402108.jsonl|result:{"code": 0, "total_count": 74, "abnormal_count": 0, "normal_count": 74, "alert_count": 0, "timestamp": 1765313221712, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727402179650587, "etime": 1727402179650587, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50630, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402198389630, "etime": 1727402198389630, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50654, "dest_port": 8070, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727402191089125, "etime": 1727402191089125, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50645, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402194181263, "etime": 1727402194181263, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50649, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402221556314, "etime": 1727402221556314, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50679, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402172437464, "etime": 1727402172437464, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50621, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402226681537, "etime": 1727402226681537, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50685, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402225665878, "etime": 1727402225665878, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50684, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402184760084, "etime": 1727402184760084, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50636, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402211291133, "etime": 1727402211291133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50667, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402221611352, "etime": 1727402221611352, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50680, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402200417879, "etime": 1727402200417879, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50656, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402190025181, "etime": 1727402190025181, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50643, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402214447220, "etime": 1727402214447220, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50672, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402173447234, "etime": 1727402173447234, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50622, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402184891482, "etime": 1727402184891482, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50637, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402186931865, "etime": 1727402186931865, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50639, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402203509688, "etime": 1727402203509688, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50660, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402218509719, "etime": 1727402218509719, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50676, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402210285514, "etime": 1727402210285514, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50666, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402229782182, "etime": 1727402229782182, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50690, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402228760174, "etime": 1727402228760174, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50688, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402207619133, "etime": 1727402207619133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50665, "dest_port": 8070, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727402174478453, "etime": 1727402174478453, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50623, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402205587694, "etime": 1727402205587694, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50663, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402213440720, "etime": 1727402213440720, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50671, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402220541114, "etime": 1727402220541114, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50678, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402213384735, "etime": 1727402213384735, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50670, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402196212955, "etime": 1727402196212955, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50651, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402219525436, "etime": 1727402219525436, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50677, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402193170892, "etime": 1727402193170892, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50648, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402178632013, "etime": 1727402178632013, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50629, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402175494518, "etime": 1727402175494518, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50624, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402215463014, "etime": 1727402215463014, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50673, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402193119924, "etime": 1727402193119924, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50647, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402187990710, "etime": 1727402187990710, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50641, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402180697381, "etime": 1727402180697381, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50632, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402224650236, "etime": 1727402224650236, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50683, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402227744401, "etime": 1727402227744401, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50687, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402177574518, "etime": 1727402177574518, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50627, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402217493875, "etime": 1727402217493875, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50675, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402229775774, "etime": 1727402229775774, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50689, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402189010165, "etime": 1727402189010165, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50642, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402178587951, "etime": 1727402178587951, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50628, "dest_port": 8070, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727402190069814, "etime": 1727402190069814, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50644, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402195197815, "etime": 1727402195197815, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50650, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402212369059, "etime": 1727402212369059, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50669, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402226735960, "etime": 1727402226735960, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50686, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402182728268, "etime": 1727402182728268, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50634, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402211354094, "etime": 1727402211354094, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50668, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402183743991, "etime": 1727402183743991, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50635, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402198244206, "etime": 1727402198244206, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50653, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402179687435, "etime": 1727402179687435, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50631, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402185900845, "etime": 1727402185900845, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50638, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402197228858, "etime": 1727402197228858, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50652, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402176556609, "etime": 1727402176556609, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50626, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402203557447, "etime": 1727402203557447, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50661, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402216478525, "etime": 1727402216478525, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50674, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402187947398, "etime": 1727402187947398, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50640, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402199400284, "etime": 1727402199400284, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50655, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402201479057, "etime": 1727402201479057, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50658, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402200469733, "etime": 1727402200469733, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50657, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402222619412, "etime": 1727402222619412, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50681, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402204571968, "etime": 1727402204571968, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50662, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402223634674, "etime": 1727402223634674, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50682, "dest_port": 8070, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727402192103210, "etime": 1727402192103210, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50646, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402202494851, "etime": 1727402202494851, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50659, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402181714715, "etime": 1727402181714715, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50633, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402108595969, "etime": 1727402108595969, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50617, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402175549773, "etime": 1727402175549773, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50625, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402169634602, "etime": 1727402169634602, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50620, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402168619618, "etime": 1727402168619618, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50619, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402206604059, "etime": 1727402206604059, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50664, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402108612694, "etime": 1727402108612694, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50618, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:01.714] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:01.714] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 
24302 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain1.1727339678.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain1.1727339678.jsonl?X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Signature=0f942e447091511f4a4f7e04dbc9c386f2abc9a205c228237bf4b3fb5c77ab14&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124658Z"} [2025-12-09 20:47:01.714] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:01.714] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:01.714] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:47:01.714] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:01.714] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:01.714] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:05.407] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain1.1727339678.jsonl|result:{"code": 0, "total_count": 88, "abnormal_count": 0, "normal_count": 88, "alert_count": 0, "timestamp": 1765313225406, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727339816084178, "etime": 1727339816084178, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54083, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339769287811, "etime": 1727339769287811, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54035, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339755068436, "etime": 1727339755068436, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54021, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339804881190, "etime": 1727339804881190, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54071, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339743083622, "etime": 1727339743083622, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54011, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339742068169, "etime": 1727339742068169, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54010, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339758114947, "etime": 1727339758114947, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54024, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339769334110, "etime": 1727339769334110, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54036, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339789646510, "etime": 1727339789646510, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54056, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339790661957, "etime": 1727339790661957, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54057, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339797771386, "etime": 1727339797771386, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54064, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339820193330, "etime": 1727339820193330, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54088, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339795740456, "etime": 1727339795740456, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54062, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339815068130, "etime": 1727339815068130, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54082, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339763193395, "etime": 1727339763193395, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54029, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339813006288, "etime": 1727339813006288, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54079, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339823240456, "etime": 1727339823240456, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54091, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339740036959, "etime": 1727339740036959, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54008, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339679005291, "etime": 1727339679005291, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54006, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339767255730, "etime": 1727339767255730, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54033, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339779490220, "etime": 1727339779490220, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54046, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339781521273, "etime": 1727339781521273, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54048, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339806912625, "etime": 1727339806912625, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54073, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339810974350, "etime": 1727339810974350, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54077, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339751005563, "etime": 1727339751005563, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54017, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339759131482, "etime": 1727339759131482, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54025, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339748983606, "etime": 1727339748983606, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54015, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339764209200, "etime": 1727339764209200, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54030, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339817099737, "etime": 1727339817099737, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54084, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339776443268, "etime": 1727339776443268, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54043, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339756084045, "etime": 1727339756084045, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54022, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339822224467, "etime": 1727339822224467, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54090, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339766240198, "etime": 1727339766240198, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54032, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339744099893, "etime": 1727339744099893, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54012, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339796756017, "etime": 1727339796756017, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54063, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339792693397, "etime": 1727339792693397, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54059, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339745114784, "etime": 1727339745114784, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54013, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339752021549, "etime": 1727339752021549, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54018, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339782537476, "etime": 1727339782537476, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54049, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339788630977, "etime": 1727339788630977, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54055, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339799804524, "etime": 1727339799804524, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54066, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339802849737, "etime": 1727339802849737, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54069, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339807927766, "etime": 1727339807927766, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54074, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339793708718, "etime": 1727339793708718, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54060, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339808943370, "etime": 1727339808943370, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54075, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339771365356, "etime": 1727339771365356, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54038, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339811990221, "etime": 1727339811990221, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54078, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339803865227, "etime": 1727339803865227, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54070, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339778474723, "etime": 1727339778474723, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54045, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339739021439, "etime": 1727339739021439, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54007, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339749990511, "etime": 1727339749990511, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54016, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339783552869, "etime": 1727339783552869, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54050, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339794725016, "etime": 1727339794725016, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54061, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339765224339, "etime": 1727339765224339, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54031, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339817150111, "etime": 1727339817150111, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54085, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339784568346, "etime": 1727339784568346, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54051, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339774412235, "etime": 1727339774412235, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54041, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339787615401, "etime": 1727339787615401, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54054, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339791677788, "etime": 1727339791677788, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54058, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339746130730, "etime": 1727339746130730, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54014, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339772381014, "etime": 1727339772381014, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54039, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339762177532, "etime": 1727339762177532, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54028, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339678992679, "etime": 1727339678992679, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54005, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339753036978, "etime": 1727339753036978, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54019, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339773396590, "etime": 1727339773396590, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54040, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339780506292, "etime": 1727339780506292, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54047, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339798786867, "etime": 1727339798786867, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54065, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339818161875, "etime": 1727339818161875, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54086, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339821209935, "etime": 1727339821209935, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54089, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339819177549, "etime": 1727339819177549, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54087, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339823243592, "etime": 1727339823243592, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54092, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339770349826, "etime": 1727339770349826, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54037, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339777458651, "etime": 1727339777458651, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54044, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339757099736, "etime": 1727339757099736, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54023, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339760146480, "etime": 1727339760146480, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54026, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339786599392, "etime": 1727339786599392, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54053, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727339761162238, "etime": 1727339761162238, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54027, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339801833902, "etime": 1727339801833902, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54068, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339814022366, "etime": 1727339814022366, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54080, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339800818515, "etime": 1727339800818515, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54067, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339775427800, "etime": 1727339775427800, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54042, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339814053498, "etime": 1727339814053498, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54081, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339785584324, "etime": 1727339785584324, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54052, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339805896407, "etime": 1727339805896407, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54072, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339741052391, "etime": 1727339741052391, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54009, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339809958761, "etime": 1727339809958761, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54076, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339754052448, "etime": 1727339754052448, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.132", "src_port": 54020, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727339768271331, "etime": 1727339768271331, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54034, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:05.407] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:05.407] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24728 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain3.1727400278.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain3.1727400278.jsonl?X-Amz-Expires=604800&X-Amz-Signature=9373df41d948267a48b3ca6ecbc777e683dcdabd55257e0b9c9e0b7562299ccf&X-Amz-Date=20251209T124702Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host"} [2025-12-09 20:47:05.407] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:05.407] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:05.408] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:47:05.408] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:05.408] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:05.408] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:08.376] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain3.1727400278.jsonl|result:{"code": 0, "total_count": 71, "abnormal_count": 0, "normal_count": 71, "alert_count": 0, "timestamp": 1765313228375, "module": 
"anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727400374289270, "etime": 1727400374289270, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50105, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400394943836, "etime": 1727400394943836, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50130, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400360303537, "etime": 1727400360303537, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50091, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400390850253, "etime": 1727400390850253, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50125, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400375303333, "etime": 1727400375303333, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50106, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400370196011, "etime": 1727400370196011, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50100, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400393928388, "etime": 1727400393928388, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50129, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400381491011, "etime": 1727400381491011, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50113, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400343162391, "etime": 1727400343162391, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50075, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400347289217, "etime": 1727400347289217, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50080, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400396017396, "etime": 
1727400396017396, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50132, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400395959300, "etime": 1727400395959300, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50131, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400361318471, "etime": 1727400361318471, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50092, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400392912237, "etime": 1727400392912237, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50128, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400338038050, "etime": 1727400338038050, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50069, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400354191838, "etime": 1727400354191838, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50085, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400356225232, "etime": 1727400356225232, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50087, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400378382769, "etime": 1727400378382769, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50109, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400381538288, "etime": 1727400381538288, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50114, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400278009356, "etime": 1727400278009356, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50067, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400397021534, "etime": 1727400397021534, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50133, 
"dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400379444334, "etime": 1727400379444334, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50111, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400278022497, "etime": 1727400278022497, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50068, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400345209146, "etime": 1727400345209146, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50077, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400388811610, "etime": 1727400388811610, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50123, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400358257825, "etime": 1727400358257825, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50089, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400400086189, "etime": 1727400400086189, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50136, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400345264933, "etime": 1727400345264933, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50078, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400341131003, "etime": 1727400341131003, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50073, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400384584493, "etime": 1727400384584493, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50117, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400366007192, "etime": 1727400366007192, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50095, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400383568600, "etime": 
1727400383568600, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50116, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400371251046, "etime": 1727400371251046, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50102, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400391896572, "etime": 1727400391896572, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50127, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400357240469, "etime": 1727400357240469, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50088, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400350349687, "etime": 1727400350349687, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50083, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400369178349, "etime": 1727400369178349, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50099, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400340068499, "etime": 1727400340068499, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50071, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400382553250, "etime": 1727400382553250, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50115, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400399052796, "etime": 1727400399052796, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50135, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400389819064, "etime": 1727400389819064, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50124, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400348303318, "etime": 1727400348303318, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50081, 
"dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400368171588, "etime": 1727400368171588, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50098, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400387757628, "etime": 1727400387757628, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50121, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400400090542, "etime": 1727400400090542, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50137, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400342149009, "etime": 1727400342149009, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50074, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400385724252, "etime": 1727400385724252, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50119, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400346271606, "etime": 1727400346271606, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50079, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400377349560, "etime": 1727400377349560, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50108, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400371209208, "etime": 1727400371209208, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50101, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400376335463, "etime": 1727400376335463, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50107, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400388771668, "etime": 1727400388771668, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50122, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400339053022, "etime": 
1727400339053022, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50070, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400398039702, "etime": 1727400398039702, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50134, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400385600593, "etime": 1727400385600593, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50118, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400367021924, "etime": 1727400367021924, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50096, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400378431086, "etime": 1727400378431086, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50110, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400359271969, "etime": 1727400359271969, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50090, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400349334947, "etime": 1727400349334947, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50082, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400351381297, "etime": 1727400351381297, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50084, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400364974688, "etime": 1727400364974688, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50094, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400368039538, "etime": 1727400368039538, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50097, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400363964866, "etime": 1727400363964866, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50093, 
"dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400372256510, "etime": 1727400372256510, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50103, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400390893698, "etime": 1727400390893698, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50126, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400344194672, "etime": 1727400344194672, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50076, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400355209239, "etime": 1727400355209239, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50086, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400380474890, "etime": 1727400380474890, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50112, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400386740733, "etime": 1727400386740733, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50120, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400340125152, "etime": 1727400340125152, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50072, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400373271874, "etime": 1727400373271874, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50104, "dest_port": 8900, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:08.376] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:08.376] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24729 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain2.1727402473.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain2.1727402473.jsonl?X-Amz-Signature=7de1b8715e2868c4ee90777a1dd0140f886120cb4c44112e91cdf7977dc7573b&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124705Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host"} [2025-12-09 20:47:08.376] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:08.376] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:08.376] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:47:08.377] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:08.377] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:08.377] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:11.391] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain2.1727402473.jsonl|result:{"code": 0, "total_count": 72, "abnormal_count": 0, "normal_count": 72, "alert_count": 0, "timestamp": 1765313231389, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727402533104660, "etime": 1727402533104660, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50694, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402556557774, "etime": 1727402556557774, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50721, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402569004428, "etime": 1727402569004428, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", 
"src_port": 50737, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402581369762, "etime": 1727402581369762, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50751, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402533042051, "etime": 1727402533042051, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50693, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402584494568, "etime": 1727402584494568, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50755, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402589667921, "etime": 1727402589667921, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50762, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402580356238, "etime": 1727402580356238, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50750, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402570010494, "etime": 1727402570010494, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50738, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402559738502, "etime": 1727402559738502, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50725, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402575135679, "etime": 1727402575135679, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50744, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402577166993, "etime": 1727402577166993, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50746, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402544527518, "etime": 1727402544527518, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50709, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 
1727402545541625, "etime": 1727402545541625, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50710, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402537307280, "etime": 1727402537307280, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50699, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402536298537, "etime": 1727402536298537, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50698, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402571081997, "etime": 1727402571081997, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50740, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402571026431, "etime": 1727402571026431, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50739, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402561797828, "etime": 1727402561797828, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50728, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402553465366, "etime": 1727402553465366, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50717, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402544479447, "etime": 1727402544479447, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50708, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402588637858, "etime": 1727402588637858, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50760, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402583432300, "etime": 1727402583432300, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50753, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402558589152, "etime": 1727402558589152, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50723, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402568963961, "etime": 1727402568963961, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50736, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402589651033, "etime": 1727402589651033, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50761, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402572088866, "etime": 1727402572088866, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50741, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402473031146, "etime": 1727402473031146, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50692, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402542416324, "etime": 1727402542416324, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50705, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402583482788, "etime": 1727402583482788, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50754, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402543463756, "etime": 1727402543463756, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50707, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402582402073, "etime": 1727402582402073, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50752, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402536151541, "etime": 1727402536151541, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50697, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402566869723, "etime": 1727402566869723, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50733, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727402576150822, "etime": 1727402576150822, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50745, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402554525123, "etime": 1727402554525123, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50719, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402586612128, "etime": 1727402586612128, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50758, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402555541407, "etime": 1727402555541407, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50720, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402548589057, "etime": 1727402548589057, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50713, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402552406943, "etime": 1727402552406943, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50715, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402586541708, "etime": 1727402586541708, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50757, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402538324756, "etime": 1727402538324756, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50700, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402573104193, "etime": 1727402573104193, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50742, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402560744615, "etime": 1727402560744615, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50726, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402567947745, "etime": 1727402567947745, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50735, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402539380504, "etime": 1727402539380504, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50702, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402565854667, "etime": 1727402565854667, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50732, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402562807508, "etime": 1727402562807508, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50729, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402587620473, "etime": 1727402587620473, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50759, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402539338355, "etime": 1727402539338355, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50701, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402473015962, "etime": 1727402473015962, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50691, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402553416684, "etime": 1727402553416684, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50716, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402554479517, "etime": 1727402554479517, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50718, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402546557312, "etime": 1727402546557312, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50711, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402578182727, "etime": 1727402578182727, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50747, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727402564838635, "etime": 1727402564838635, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50731, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402557572990, "etime": 1727402557572990, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50722, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402541402731, "etime": 1727402541402731, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50704, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402534120451, "etime": 1727402534120451, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50695, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402574120210, "etime": 1727402574120210, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50743, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402549604057, "etime": 1727402549604057, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50714, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402561760503, "etime": 1727402561760503, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50727, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402542458930, "etime": 1727402542458930, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50706, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402563823241, "etime": 1727402563823241, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50730, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402579338859, "etime": 1727402579338859, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50749, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402585526232, "etime": 1727402585526232, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50756, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402566926778, "etime": 1727402566926778, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50734, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402535137162, "etime": 1727402535137162, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50696, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402547572917, "etime": 1727402547572917, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50712, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402540385340, "etime": 1727402540385340, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50703, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402559604142, "etime": 1727402559604142, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50724, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402578313602, "etime": 1727402578313602, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50748, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:11.391] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:11.391] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24730 key: NULL payload: 
{"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai4zwlkhflow1zwrkh.1726643552.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai4zwlkhflow1zwrkh.1726643552.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=9035e77bd46684d576185450dbb8a54440ddec1bdd4ae5b9858762d924f249c2&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124708Z"} [2025-12-09 20:47:11.391] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:11.391] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:11.391] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:47:11.391] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:11.391] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:11.391] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:11.437] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai4zwlkhflow1zwrkh.1726643552.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313231436, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726643552226862, "etime": 1726643552226862, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.24", "src_port": 49296, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:47:11.437] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:47:11.437] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. 
[2025-12-09 20:47:11.437] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:47:11.977] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24303 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49296.1726643552.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49296.1726643552.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=49edcdabc69d08c4f3affb7ba1ac2b96aefcb282eaef727da11b1635355346cb&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Date=20251209T124711Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:47:11.977] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:11.977] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:11.977] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:47:11.977] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:11.977] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:11.978] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:12.033] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID20-tls1.3CS4.8_win7_ubuntu_openjdk_IP_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-24_50050_192-168-88-30_49296.1726643552.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313232032, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726643552226862, "etime": 1726643552226862, "src_ip": "192.168.88.30", 
"dest_ip": "192.168.88.24", "src_port": 49296, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]} [2025-12-09 20:47:12.033] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000 [2025-12-09 20:47:12.033] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka. [2025-12-09 20:47:12.033] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka. [2025-12-09 20:47:15.124] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24731 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain3.1727402643.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain3.1727402643.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124714Z&X-Amz-Expires=604800&X-Amz-Signature=a05bc0ac90551b0561fb66baf31be49a5bd984b1eb7330d21c9f77b109e57e27"} [2025-12-09 20:47:15.124] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:15.124] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:15.124] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:47:15.124] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:15.124] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:15.125] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:18.313] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID44-httpCS4.8_windowsserver2016_ubuntu_openjdk_domain3.1727402643.jsonl|result:{"code": 0, "total_count": 67, "abnormal_count": 0, "normal_count": 67, "alert_count": 0, 
"timestamp": 1765313238312, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727402751683172, "etime": 1727402751683172, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50819, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402719526579, "etime": 1727402719526579, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50786, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402728402053, "etime": 1727402728402053, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50793, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402703901421, "etime": 1727402703901421, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50765, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402734542825, "etime": 1727402734542825, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50800, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402735558179, "etime": 1727402735558179, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50801, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402742839052, "etime": 1727402742839052, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50810, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402761500086, "etime": 1727402761500086, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50829, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402716338949, "etime": 1727402716338949, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50782, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402752698487, "etime": 1727402752698487, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50820, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727402761495639, "etime": 1727402761495639, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50828, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402747585594, "etime": 1727402747585594, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50814, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402749604444, "etime": 1727402749604444, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50816, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402754729835, "etime": 1727402754729835, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50822, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402757388958, "etime": 1727402757388958, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50823, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402743854711, "etime": 1727402743854711, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50811, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402722573439, "etime": 1727402722573439, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50789, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402715323410, "etime": 1727402715323410, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50781, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402728452329, "etime": 1727402728452329, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50794, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402733526233, "etime": 1727402733526233, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50799, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402712237560, "etime": 1727402712237560, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50777, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402739792438, "etime": 1727402739792438, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50807, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402759463890, "etime": 1727402759463890, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50826, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402750620405, "etime": 1727402750620405, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50817, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402708103603, "etime": 1727402708103603, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50772, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402643889802, "etime": 1727402643889802, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50764, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402711151528, "etime": 1727402711151528, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50775, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402718510976, "etime": 1727402718510976, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50785, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402758401558, "etime": 1727402758401558, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50824, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402727385887, "etime": 1727402727385887, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50792, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402725357905, "etime": 1727402725357905, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50790, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727402707027360, "etime": 1727402707027360, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50770, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402721557668, "etime": 1727402721557668, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50788, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402747526366, "etime": 1727402747526366, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50813, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402753713951, "etime": 1727402753713951, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50821, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402732510526, "etime": 1727402732510526, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50798, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402717494498, "etime": 1727402717494498, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50784, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402738651529, "etime": 1727402738651529, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50805, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402705004952, "etime": 1727402705004952, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50768, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402708042174, "etime": 1727402708042174, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50771, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402735610327, "etime": 1727402735610327, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50802, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402740807927, "etime": 1727402740807927, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50808, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402758455170, "etime": 1727402758455170, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50825, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402714307533, "etime": 1727402714307533, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50780, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402704963757, "etime": 1727402704963757, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50767, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402726370049, "etime": 1727402726370049, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50791, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402746519125, "etime": 1727402746519125, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50812, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402713290619, "etime": 1727402713290619, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50779, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402703950040, "etime": 1727402703950040, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50766, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402717354640, "etime": 1727402717354640, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50783, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402730479383, "etime": 1727402730479383, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50796, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402737638106, "etime": 1727402737638106, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50804, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727402731495613, "etime": 1727402731495613, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50797, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402710135939, "etime": 1727402710135939, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50774, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402720542146, "etime": 1727402720542146, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50787, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402736619856, "etime": 1727402736619856, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50803, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402709119928, "etime": 1727402709119928, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50773, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402748588623, "etime": 1727402748588623, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50815, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402713245420, "etime": 1727402713245420, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50778, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402760481533, "etime": 1727402760481533, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50827, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402741823424, "etime": 1727402741823424, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50809, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402712167656, "etime": 1727402712167656, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50776, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402706010395, "etime": 1727402706010395, "src_ip": "192.168.37.134", "dest_ip": 
"192.168.37.136", "src_port": 50769, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402750663392, "etime": 1727402750663392, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50818, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402643873517, "etime": 1727402643873517, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50763, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402738784352, "etime": 1727402738784352, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50806, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727402729464158, "etime": 1727402729464158, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50795, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:18.313] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:18.313] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24732 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain2.1727407090.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain2.1727407090.jsonl?X-Amz-SignedHeaders=host&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124717Z&X-Amz-Expires=604800&X-Amz-Signature=7ba01f5a2281c27d335e9f6a900e4310c65ce916f06505b6fd01431a07e0100d"} [2025-12-09 20:47:18.313] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:18.313] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:18.313] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 
20:47:18.313] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:18.313] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:18.314] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:21.544] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID36-httpCS4.8_windowsserver2008_ubuntu_openjdk_domain2.1727407090.jsonl|result:{"code": 0, "total_count": 72, "abnormal_count": 0, "normal_count": 72, "alert_count": 0, "timestamp": 1765313241543, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727407155760881, "etime": 1727407155760881, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49634, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407160924766, "etime": 1727407160924766, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49641, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407209815132, "etime": 1727407209815132, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49693, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407183824734, "etime": 1727407183824734, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49664, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407176695862, "etime": 1727407176695862, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49655, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407196055616, "etime": 1727407196055616, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49680, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407202670148, "etime": 1727407202670148, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49684, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 
1727407159894226, "etime": 1727407159894226, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49639, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407157865206, "etime": 1727407157865206, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49637, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407175685837, "etime": 1727407175685837, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49654, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407180784708, "etime": 1727407180784708, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49661, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407167023391, "etime": 1727407167023391, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49648, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407170065859, "etime": 1727407170065859, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49651, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407151673161, "etime": 1727407151673161, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49629, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407176722908, "etime": 1727407176722908, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49656, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407183848750, "etime": 1727407183848750, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49665, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407192004525, "etime": 1727407192004525, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49675, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407152726054, "etime": 1727407152726054, "src_ip": "192.168.37.129", "dest_ip": 
"192.168.37.136", "src_port": 49631, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407203683663, "etime": 1727407203683663, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49685, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407204697634, "etime": 1727407204697634, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49686, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407204715230, "etime": 1727407204715230, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49687, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407161952339, "etime": 1727407161952339, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49643, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407158881123, "etime": 1727407158881123, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49638, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407090630446, "etime": 1727407090630446, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49626, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407168037906, "etime": 1727407168037906, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49649, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407194027942, "etime": 1727407194027942, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49677, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407211842743, "etime": 1727407211842743, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49695, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407184854477, "etime": 1727407184854477, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49666, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727407179753572, "etime": 1727407179753572, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49659, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407181796918, "etime": 1727407181796918, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49662, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407210828919, "etime": 1727407210828919, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49694, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407185868517, "etime": 1727407185868517, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49667, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407182810685, "etime": 1727407182810685, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49663, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407205727245, "etime": 1727407205727245, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49688, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407164996026, "etime": 1727407164996026, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49646, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407195041142, "etime": 1727407195041142, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49679, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407163981700, "etime": 1727407163981700, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49645, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407154746637, "etime": 1727407154746637, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49633, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407208770807, "etime": 1727407208770807, "src_ip": "192.168.37.129", "dest_ip": 
"192.168.37.136", "src_port": 49691, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407207755248, "etime": 1727407207755248, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49690, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407206741668, "etime": 1727407206741668, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49689, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407179765529, "etime": 1727407179765529, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49660, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407201658106, "etime": 1727407201658106, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49683, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407090650853, "etime": 1727407090650853, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49627, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407193013219, "etime": 1727407193013219, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49676, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407189956036, "etime": 1727407189956036, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49672, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407162967913, "etime": 1727407162967913, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49644, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407190970033, "etime": 1727407190970033, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49673, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407212862872, "etime": 1727407212862872, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49697, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727407188941393, "etime": 1727407188941393, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49671, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407169051788, "etime": 1727407169051788, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49650, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407172093930, "etime": 1727407172093930, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49653, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407156790188, "etime": 1727407156790188, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49635, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407157804031, "etime": 1727407157804031, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49636, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407150659310, "etime": 1727407150659310, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49628, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407166010106, "etime": 1727407166010106, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49647, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407177725513, "etime": 1727407177725513, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49657, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407186882598, "etime": 1727407186882598, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49668, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407197069447, "etime": 1727407197069447, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49681, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407187936964, "etime": 1727407187936964, "src_ip": "192.168.37.129", "dest_ip": 
"192.168.37.136", "src_port": 49670, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407152687490, "etime": 1727407152687490, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49630, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407159911343, "etime": 1727407159911343, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49640, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407208803397, "etime": 1727407208803397, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49692, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407194040809, "etime": 1727407194040809, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49678, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407178739276, "etime": 1727407178739276, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49658, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407191983951, "etime": 1727407191983951, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49674, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407171079776, "etime": 1727407171079776, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49652, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407212856905, "etime": 1727407212856905, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49696, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407153732994, "etime": 1727407153732994, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49632, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407161937970, "etime": 1727407161937970, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49642, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, 
{"stime": 1727407187896480, "etime": 1727407187896480, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49669, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727407198083282, "etime": 1727407198083282, "src_ip": "192.168.37.129", "dest_ip": "192.168.37.136", "src_port": 49682, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:47:21.544] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000
[2025-12-09 20:47:21.544] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25975 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain2.1727400094.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain2.1727400094.jsonl?X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124720Z&X-Amz-Signature=8c064dbdfca53c14bd3311a603df782d096fd3c43c057135e4149419fc35c195&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-Algorithm=AWS4-HMAC-SHA256"}
[2025-12-09 20:47:21.544] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:47:21.544] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:47:21.544] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:21.544] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:21.544] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:21.544] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:24.611] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID43-httpCS4.8_windowsserver2016_ubuntu_jdk_domain2.1727400094.jsonl|result:{"code": 0, "total_count": 73, 
"abnormal_count": 0, "normal_count": 73, "alert_count": 0, "timestamp": 1765313244610, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727400170021335, "etime": 1727400170021335, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50011, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400181428970, "etime": 1727400181428970, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50025, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400182446920, "etime": 1727400182446920, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50026, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400194708764, "etime": 1727400194708764, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50038, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400205709644, "etime": 1727400205709644, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50050, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400181381094, "etime": 1727400181381094, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50024, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400173068318, "etime": 1727400173068318, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50014, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400197363469, "etime": 1727400197363469, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50039, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400204661758, "etime": 1727400204661758, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50048, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400207740287, "etime": 1727400207740287, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50052, 
"dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400210787399, "etime": 1727400210787399, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50055, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400210844826, "etime": 1727400210844826, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50056, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400159757737, "etime": 1727400159757737, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49999, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400160771471, "etime": 1727400160771471, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50000, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400202640070, "etime": 1727400202640070, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50046, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400184491350, "etime": 1727400184491350, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50028, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400167943835, "etime": 1727400167943835, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50008, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400169013514, "etime": 1727400169013514, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50010, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400165912152, "etime": 1727400165912152, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50006, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400202585345, "etime": 1727400202585345, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50045, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400162818369, "etime": 
1727400162818369, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50002, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400186537584, "etime": 1727400186537584, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50030, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400178286690, "etime": 1727400178286690, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50020, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400164896344, "etime": 1727400164896344, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50005, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400175234948, "etime": 1727400175234948, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50017, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400179304495, "etime": 1727400179304495, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50021, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400215976022, "etime": 1727400215976022, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50062, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400189599786, "etime": 1727400189599786, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50033, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400213880688, "etime": 1727400213880688, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50059, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400175099773, "etime": 1727400175099773, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50016, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400214969047, "etime": 1727400214969047, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50061, 
"dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400183458709, "etime": 1727400183458709, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50027, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400094902779, "etime": 1727400094902779, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49994, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400190631713, "etime": 1727400190631713, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50034, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400214913337, "etime": 1727400214913337, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50060, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400180364973, "etime": 1727400180364973, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50023, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400163884295, "etime": 1727400163884295, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50004, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400199412101, "etime": 1727400199412101, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50041, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400200555393, "etime": 1727400200555393, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50043, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400203646825, "etime": 1727400203646825, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50047, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400168958840, "etime": 1727400168958840, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50009, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400163834704, "etime": 
1727400163834704, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50003, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400216993899, "etime": 1727400216993899, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50063, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400211849781, "etime": 1727400211849781, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50057, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400191646235, "etime": 1727400191646235, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50035, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400158740138, "etime": 1727400158740138, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49998, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400206724540, "etime": 1727400206724540, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50051, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400212868656, "etime": 1727400212868656, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50058, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400179349999, "etime": 1727400179349999, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50022, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400154943985, "etime": 1727400154943985, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49996, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400166927247, "etime": 1727400166927247, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50007, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400208755749, "etime": 1727400208755749, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50053, 
"dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400209771314, "etime": 1727400209771314, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50054, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400172052491, "etime": 1727400172052491, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50013, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400174084142, "etime": 1727400174084142, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50015, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400094921892, "etime": 1727400094921892, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49995, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400192679455, "etime": 1727400192679455, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50036, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400177272153, "etime": 1727400177272153, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50019, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400188584360, "etime": 1727400188584360, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50032, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400200427377, "etime": 1727400200427377, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50042, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400218006046, "etime": 1727400218006046, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50064, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400219038623, "etime": 1727400219038623, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50065, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400198381273, "etime": 
1727400198381273, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50040, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400157733206, "etime": 1727400157733206, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 49997, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400219043205, "etime": 1727400219043205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50066, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400176240243, "etime": 1727400176240243, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50018, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400185505803, "etime": 1727400185505803, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50029, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400201568438, "etime": 1727400201568438, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50044, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400204700309, "etime": 1727400204700309, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50049, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400187552678, "etime": 1727400187552678, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50031, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400161804771, "etime": 1727400161804771, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50001, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400171037514, "etime": 1727400171037514, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50012, "dest_port": 8900, "protocol": "tls", "result": "Normal"}, {"stime": 1727400193693380, "etime": 1727400193693380, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.136", "src_port": 50037, 
"dest_port": 8900, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:24.611] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:24.611] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25976 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain1.1727337172.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain1.1727337172.jsonl?X-Amz-Expires=604800&X-Amz-Signature=736f68e3cc23b4b03a97c238734c1935e4caf0b4c6abc470198c6d1fe08da826&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124724Z&X-Amz-SignedHeaders=host"} [2025-12-09 20:47:24.611] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:24.611] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:24.611] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn [2025-12-09 20:47:24.611] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load [2025-12-09 20:47:24.611] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load [2025-12-09 20:47:24.612] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0 [2025-12-09 20:47:27.915] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID41-httpCS4.8_windowsserver2016_kali_jdk_domain1.1727337172.jsonl|result:{"code": 0, "total_count": 79, "abnormal_count": 0, "normal_count": 79, "alert_count": 0, "timestamp": 1765313247913, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727337298403046, "etime": 1727337298403046, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51947, "dest_port": 8070, "protocol": "tls", 
"result": "Normal"}, {"stime": 1727337297344578, "etime": 1727337297344578, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51945, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337259547879, "etime": 1727337259547879, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51905, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337255453838, "etime": 1727337255453838, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51901, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337266657233, "etime": 1727337266657233, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51912, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337293251734, "etime": 1727337293251734, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51940, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337298360155, "etime": 1727337298360155, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51946, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337262595659, "etime": 1727337262595659, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51908, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337305535748, "etime": 1727337305535748, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51956, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337275938205, "etime": 1727337275938205, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51922, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337295315597, "etime": 1727337295315597, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51943, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337271875984, "etime": 1727337271875984, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51918, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337294266475, "etime": 1727337294266475, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51941, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337296329338, "etime": 1727337296329338, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51944, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337272891615, "etime": 1727337272891615, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51919, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337303500977, "etime": 1727337303500977, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51953, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337301481504, "etime": 1727337301481504, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51951, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337305532162, "etime": 1727337305532162, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51955, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337242251059, "etime": 1727337242251059, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51888, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337300423156, "etime": 1727337300423156, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51949, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337304516442, "etime": 1727337304516442, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51954, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337270861316, "etime": 1727337270861316, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51917, "dest_port": 8070, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727337281016394, "etime": 1727337281016394, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51927, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337260563455, "etime": 1727337260563455, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51906, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337237175081, "etime": 1727337237175081, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51883, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337273907288, "etime": 1727337273907288, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51920, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337269844804, "etime": 1727337269844804, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51916, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337239203809, "etime": 1727337239203809, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51885, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337267690324, "etime": 1727337267690324, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51913, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337247329223, "etime": 1727337247329223, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51893, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337284063244, "etime": 1727337284063244, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51930, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337285079344, "etime": 1727337285079344, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51931, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337286094609, "etime": 1727337286094609, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51932, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337261579160, "etime": 1727337261579160, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51907, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337265643006, "etime": 1727337265643006, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51911, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337280001957, "etime": 1727337280001957, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51926, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337288125723, "etime": 1727337288125723, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51934, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337243266949, "etime": 1727337243266949, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51889, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337258516791, "etime": 1727337258516791, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51904, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337257485770, "etime": 1727337257485770, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51903, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337238189065, "etime": 1727337238189065, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51884, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337301438713, "etime": 1727337301438713, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51950, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337268704296, "etime": 1727337268704296, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51914, "dest_port": 8070, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727337172030785, "etime": 1727337172030785, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51878, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337268839814, "etime": 1727337268839814, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51915, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337282032129, "etime": 1727337282032129, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51928, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337302486537, "etime": 1727337302486537, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51952, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337274922656, "etime": 1727337274922656, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51921, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337291220930, "etime": 1727337291220930, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51938, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337292235191, "etime": 1727337292235191, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51939, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337240219861, "etime": 1727337240219861, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51886, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337277969821, "etime": 1727337277969821, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51924, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337246313398, "etime": 1727337246313398, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51892, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337249360585, "etime": 1727337249360585, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51895, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337244281877, "etime": 1727337244281877, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51890, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337245297624, "etime": 1727337245297624, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51891, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337248344413, "etime": 1727337248344413, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51894, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337291172793, "etime": 1727337291172793, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51937, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337251391639, "etime": 1727337251391639, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51897, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337276954287, "etime": 1727337276954287, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51923, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337290157454, "etime": 1727337290157454, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51936, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337295284357, "etime": 1727337295284357, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51942, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337256469437, "etime": 1727337256469437, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51902, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337250376254, "etime": 1727337250376254, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51896, "dest_port": 8070, "protocol": 
"tls", "result": "Normal"}, {"stime": 1727337287110391, "etime": 1727337287110391, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51933, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337234094423, "etime": 1727337234094423, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51882, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337254438581, "etime": 1727337254438581, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51900, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337264625901, "etime": 1727337264625901, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51910, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337289141645, "etime": 1727337289141645, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51935, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337172049728, "etime": 1727337172049728, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51879, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337241235334, "etime": 1727337241235334, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51887, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337283048014, "etime": 1727337283048014, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51929, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337232063887, "etime": 1727337232063887, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51880, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337252407480, "etime": 1727337252407480, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51898, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337263606586, "etime": 1727337263606586, "src_ip": 
"192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51909, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337278984986, "etime": 1727337278984986, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51925, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337299407439, "etime": 1727337299407439, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51948, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337253422615, "etime": 1727337253422615, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51899, "dest_port": 8070, "protocol": "tls", "result": "Normal"}, {"stime": 1727337233079124, "etime": 1727337233079124, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 51881, "dest_port": 8070, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:27.915] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:27.915] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24304 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain3.1727340077.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain3.1727340077.jsonl?X-Amz-Signature=a1ca289eb45292ca4d5a69052551781f22854baa2f2945be49cef59377a63af2&X-Amz-Date=20251209T124727Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"} [2025-12-09 20:47:27.915] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:27.915] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib [2025-12-09 20:47:27.915] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module 
so_code_cnn
[2025-12-09 20:47:27.915] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:27.915] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:27.915] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:31.038] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID42-httpCS4.8_windowsserver2016_kali_openjdk_domain3.1727340077.jsonl|result:{"code": 0, "total_count": 75, "abnormal_count": 0, "normal_count": 75, "alert_count": 0, "timestamp": 1765313251036, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727340137960255, "etime": 1727340137960255, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54190, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340157539710, "etime": 1727340157539710, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54212, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340184866155, "etime": 1727340184866155, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54240, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340142053214, "etime": 1727340142053214, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54195, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340163631648, "etime": 1727340163631648, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54218, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340077931946, "etime": 1727340077931946, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54188, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340167454302, "etime": 1727340167454302, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54220, "dest_port": 8090, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727340181819346, "etime": 1727340181819346, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54237, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340196193980, "etime": 1727340196193980, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54253, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340169492688, "etime": 1727340169492688, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54222, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340185990954, "etime": 1727340185990954, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54242, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340173600731, "etime": 1727340173600731, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54227, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340174618284, "etime": 1727340174618284, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54228, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340202350375, "etime": 1727340202350375, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54260, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340159569280, "etime": 1727340159569280, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54214, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340158553232, "etime": 1727340158553232, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54213, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340187008759, "etime": 1727340187008759, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54243, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340178773135, "etime": 1727340178773135, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.132", "src_port": 54234, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340198225398, "etime": 1727340198225398, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54255, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340138975039, "etime": 1727340138975039, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54191, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340140020417, "etime": 1727340140020417, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54193, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340178726663, "etime": 1727340178726663, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54233, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340192084843, "etime": 1727340192084843, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54248, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340203370481, "etime": 1727340203370481, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54262, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340172584976, "etime": 1727340172584976, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54226, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340182834721, "etime": 1727340182834721, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54238, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340188022355, "etime": 1727340188022355, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54244, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340179787755, "etime": 1727340179787755, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54235, "dest_port": 8090, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727340145100487, "etime": 1727340145100487, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54198, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340189038147, "etime": 1727340189038147, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54245, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340153459480, "etime": 1727340153459480, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54208, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340166407711, "etime": 1727340166407711, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54219, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340145142059, "etime": 1727340145142059, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54199, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340155506999, "etime": 1727340155506999, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54210, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340147164457, "etime": 1727340147164457, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54201, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340148178621, "etime": 1727340148178621, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54202, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340174649696, "etime": 1727340174649696, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54229, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340143070032, "etime": 1727340143070032, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54196, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340168459944, "etime": 1727340168459944, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.132", "src_port": 54221, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340146147471, "etime": 1727340146147471, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54200, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340195131741, "etime": 1727340195131741, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54251, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340176680363, "etime": 1727340176680363, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54231, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340197209582, "etime": 1727340197209582, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54254, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340154475799, "etime": 1727340154475799, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54209, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340190053422, "etime": 1727340190053422, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54246, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340162616171, "etime": 1727340162616171, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54217, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340191069359, "etime": 1727340191069359, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54247, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340149229919, "etime": 1727340149229919, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54203, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340177694575, "etime": 1727340177694575, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54232, "dest_port": 8090, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727340200303249, "etime": 1727340200303249, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54258, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340153319601, "etime": 1727340153319601, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54207, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340151274762, "etime": 1727340151274762, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54205, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340171573340, "etime": 1727340171573340, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54225, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340161600338, "etime": 1727340161600338, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54216, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340175663093, "etime": 1727340175663093, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54230, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340199286830, "etime": 1727340199286830, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54257, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340141037801, "etime": 1727340141037801, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54194, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340152287684, "etime": 1727340152287684, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54206, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340180803615, "etime": 1727340180803615, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54236, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340203366304, "etime": 1727340203366304, "src_ip": "192.168.37.134", 
"dest_ip": "192.168.37.132", "src_port": 54261, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340150241019, "etime": 1727340150241019, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54204, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340171539133, "etime": 1727340171539133, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54224, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340160585010, "etime": 1727340160585010, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54215, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340184982227, "etime": 1727340184982227, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54241, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340183850332, "etime": 1727340183850332, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54239, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340193100393, "etime": 1727340193100393, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54249, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340139990993, "etime": 1727340139990993, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54192, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340201335185, "etime": 1727340201335185, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54259, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340195177928, "etime": 1727340195177928, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54252, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340144084998, "etime": 1727340144084998, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54197, "dest_port": 8090, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727340156522084, "etime": 1727340156522084, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54211, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340170506760, "etime": 1727340170506760, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54223, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340194115798, "etime": 1727340194115798, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54250, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340199241379, "etime": 1727340199241379, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54256, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727340077947554, "etime": 1727340077947554, "src_ip": "192.168.37.134", "dest_ip": "192.168.37.132", "src_port": 54189, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]} [2025-12-09 20:47:31.038] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000 [2025-12-09 20:47:31.038] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24733 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai4zwlkhflow1zwrkh.1726645853.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai4zwlkhflow1zwrkh.1726645853.jsonl?X-Amz-Date=20251209T124730Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Signature=aa55edde7e310c48843ef563e951e4d7aaabbb465a3ca7a6b97879da350b3c7b&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host"} [2025-12-09 20:47:31.038] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0 [2025-12-09 20:47:31.038] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib 
[2025-12-09 20:47:31.038] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:31.038] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:31.038] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:31.038] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:31.084] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai4zwlkhflow1zwrkh.1726645853.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313251083, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645853080072, "etime": 1726645853080072, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49305, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]}
[2025-12-09 20:47:31.084] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000
[2025-12-09 20:47:31.084] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:47:31.084] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:47:34.047] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24305 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49305.1726645853.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49305.1726645853.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=8e7ea0a2f70e41a1784f44f50a0f11feebe405ccafcc91ca39bdc8a163dcd775&X-Amz-Date=20251209T124733Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request"}
[2025-12-09 20:47:34.047] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:47:34.047] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:47:34.047] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:34.047] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:34.047] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:34.048] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:34.117] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID18-tls1.3CS4.8_win7_kali_openjdk_domain_mogai4zwlkhflow1zwrkh.pcap.TCP_192-168-88-22_50050_192-168-88-30_49305.1726645853.jsonl|result:{"code": 1, "total_count": 1, "abnormal_count": 1, "normal_count": 0, "alert_count": 1, "timestamp": 1765313254117, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1726645853080072, "etime": 1726645853080072, "src_ip": "192.168.88.30", "dest_ip": "192.168.88.22", "src_port": 49305, "dest_port": 50050, "protocol": "tls", "result": "Behinder"}]}
[2025-12-09 20:47:34.117] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 1|max_alert: 1000
[2025-12-09 20:47:34.117] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:47:34.117] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:47:37.169] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25977 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain2.1727322878.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain2.1727322878.jsonl?X-Amz-Signature=a6ecc5df33cf7889b240499988daf7a8aa0110bd1838666603347b9473b9259a&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Date=20251209T124736Z"}
[2025-12-09 20:47:37.169] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:47:37.169] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:47:37.169] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:37.169] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:37.169] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:37.170] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:41.227] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID46-httpCS4.8_windowsserver2022_kali_openjdk_domain2.1727322878.jsonl|result:{"code": 0, "total_count": 76, "abnormal_count": 0, "normal_count": 76, "alert_count": 0, "timestamp": 1765313261226, "module": "anquanchu", "proto": "tls", "alerted": false, 
"details": [{"stime": 1727322993373837, "etime": 1727322993373837, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51471, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323004622476, "etime": 1727323004622476, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51483, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322975089373, "etime": 1727322975089373, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51453, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323007667075, "etime": 1727323007667075, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51486, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322977120507, "etime": 1727322977120507, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51455, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322996417303, "etime": 1727322996417303, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51474, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322962105406, "etime": 1727322962105406, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51441, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322954886445, "etime": 1727322954886445, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51433, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322951839747, "etime": 1727322951839747, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51430, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322965151819, "etime": 1727322965151819, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51444, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322966167575, "etime": 1727322966167575, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.132", "src_port": 51445, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322982198438, "etime": 1727322982198438, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51460, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322985247332, "etime": 1727322985247332, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51463, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322979151823, "etime": 1727322979151823, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51457, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323003605432, "etime": 1727323003605432, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51482, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322950760952, "etime": 1727322950760952, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51428, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322957980318, "etime": 1727322957980318, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51436, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322997433636, "etime": 1727322997433636, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51475, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322959042522, "etime": 1727322959042522, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51438, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322974075436, "etime": 1727322974075436, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51452, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322989307935, "etime": 1727322989307935, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51467, "dest_port": 8090, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727322971854681, "etime": 1727322971854681, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51449, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322955934088, "etime": 1727322955934088, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51434, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322995401829, "etime": 1727322995401829, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51473, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322945682947, "etime": 1727322945682947, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51423, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322999465397, "etime": 1727322999465397, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51477, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322939480718, "etime": 1727322939480718, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51416, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322978136673, "etime": 1727322978136673, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51456, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322981182975, "etime": 1727322981182975, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51459, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322941542728, "etime": 1727322941542728, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51418, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322987276716, "etime": 1727322987276716, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51465, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322990324140, "etime": 1727322990324140, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.132", "src_port": 51468, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322994387763, "etime": 1727322994387763, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51472, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322972049423, "etime": 1727322972049423, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51450, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322963120354, "etime": 1727322963120354, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51442, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323006652812, "etime": 1727323006652812, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51485, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322948730553, "etime": 1727322948730553, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51426, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322949745623, "etime": 1727322949745623, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51427, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322956948553, "etime": 1727322956948553, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51435, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322967199007, "etime": 1727322967199007, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51446, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322988292473, "etime": 1727322988292473, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51466, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322973058525, "etime": 1727322973058525, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51451, "dest_port": 8090, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727322961090325, "etime": 1727322961090325, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51440, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322983215770, "etime": 1727322983215770, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51461, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322947714133, "etime": 1727322947714133, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51425, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322950830865, "etime": 1727322950830865, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51429, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322976105138, "etime": 1727322976105138, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51454, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322991339300, "etime": 1727322991339300, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51469, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322953870854, "etime": 1727322953870854, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51432, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322964136219, "etime": 1727322964136219, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51443, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322878383440, "etime": 1727322878383440, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51412, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322944671646, "etime": 1727322944671646, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51422, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323001496073, "etime": 1727323001496073, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.132", "src_port": 51479, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323002511532, "etime": 1727323002511532, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51480, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322958035146, "etime": 1727322958035146, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51437, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322938417795, "etime": 1727322938417795, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51414, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322940527323, "etime": 1727322940527323, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51417, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322942573660, "etime": 1727322942573660, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51419, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322944605017, "etime": 1727322944605017, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51421, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322970848642, "etime": 1727322970848642, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51448, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322986261309, "etime": 1727322986261309, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51464, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322960074690, "etime": 1727322960074690, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51439, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323005636479, "etime": 1727323005636479, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51484, "dest_port": 8090, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727322980167841, "etime": 1727322980167841, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51458, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322943590400, "etime": 1727322943590400, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51420, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322878398341, "etime": 1727322878398341, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51413, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322946699277, "etime": 1727322946699277, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51424, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323002586957, "etime": 1727323002586957, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51481, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322992355101, "etime": 1727322992355101, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51470, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322998448938, "etime": 1727322998448938, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51476, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322938471502, "etime": 1727322938471502, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51415, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322952854712, "etime": 1727322952854712, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51431, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323007678235, "etime": 1727323007678235, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51487, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727323000479628, "etime": 1727323000479628, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.132", "src_port": 51478, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322984230240, "etime": 1727322984230240, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51462, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727322968215495, "etime": 1727322968215495, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 51447, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:47:41.228] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000
[2025-12-09 20:47:41.228] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[1] at offset 25978 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_IP_tls1.2.1727153080.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_IP_tls1.2.1727153080.jsonl?X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124739Z&X-Amz-SignedHeaders=host&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=604800&X-Amz-Signature=9e31a6243ecb0bc045f4a80949c2479933c6caa946c0f7ca992a8dc857d2d657"}
[2025-12-09 20:47:41.228] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:47:41.228] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:47:41.228] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:41.228] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:41.228] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:41.228] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:43.126] [DEBUG] [tid:140062327686848] (AiModule.cpp:93)
bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID3_CS4.8_win11_Ubuntu_jdk_IP_tls1.2.1727153080.jsonl|result:{"code": 1, "total_count": 38, "abnormal_count": 2, "normal_count": 36, "alert_count": 2, "timestamp": 1765313263125, "module": "anquanchu", "proto": "tls", "alerted": true, "details": [{"stime": 1727153163084978, "etime": 1727153163084978, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55709, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153180666712, "etime": 1727153180666712, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55725, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153146609375, "etime": 1727153146609375, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55693, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153156915259, "etime": 1727153156915259, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55703, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153165128390, "etime": 1727153165128390, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55711, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153173256450, "etime": 1727153173256450, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55716, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153174276898, "etime": 1727153174276898, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55717, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153176565608, "etime": 1727153176565608, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55720, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153177587039, "etime": 1727153177587039, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55721, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 
1727153164096916, "etime": 1727153164096916, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55710, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153082775216, "etime": 1727153082775216, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55684, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153151754059, "etime": 1727153151754059, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55698, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153162047286, "etime": 1727153162047286, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55708, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153144518185, "etime": 1727153144518185, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55691, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727153159993715, "etime": 1727153159993715, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55706, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153175547929, "etime": 1727153175547929, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55719, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153149696835, "etime": 1727153149696835, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55696, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153157936668, "etime": 1727153157936668, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55704, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153150731798, "etime": 1727153150731798, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55697, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153170153846, "etime": 1727153170153846, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55713, 
"dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153152791784, "etime": 1727153152791784, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55699, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153174535170, "etime": 1727153174535170, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55718, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153178617548, "etime": 1727153178617548, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55722, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153145560682, "etime": 1727153145560682, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55692, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153179642620, "etime": 1727153179642620, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55723, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153080149443, "etime": 1727153080149443, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55683, "dest_port": 80, "protocol": "tls", "result": "Normal"}, {"stime": 1727153172232469, "etime": 1727153172232469, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55715, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153155886578, "etime": 1727153155886578, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55702, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153161021303, "etime": 1727153161021303, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55707, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153180683870, "etime": 1727153180683870, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55726, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153153831494, "etime": 1727153153831494, "src_ip": 
"192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55700, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153154863030, "etime": 1727153154863030, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55701, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153171196701, "etime": 1727153171196701, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55714, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153158968182, "etime": 1727153158968182, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55705, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153147632337, "etime": 1727153147632337, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55694, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153148658667, "etime": 1727153148658667, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55695, "dest_port": 443, "protocol": "tls", "result": "Normal"}, {"stime": 1727153169129941, "etime": 1727153169129941, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55712, "dest_port": 443, "protocol": "tls", "result": "CobaltStrike"}, {"stime": 1727153142845007, "etime": 1727153142845007, "src_ip": "192.168.32.40", "dest_ip": "192.168.32.41", "src_port": 55690, "dest_port": 443, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:47:43.126] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 2|max_alert: 1000
[2025-12-09 20:47:43.126] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:296) 根据预测结果alert_count 判断上报文件到kafka.
[2025-12-09 20:47:43.126] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:308) 上报kafka.
[2025-12-09 20:47:43.420] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24734 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain2.1727332783.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain2.1727332783.jsonl?X-Amz-Signature=7fc835b8e505535db7bc69ddcb59a62229d2116e6670d74406a2e6fd73890c1c&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20251209T124742Z"}
[2025-12-09 20:47:43.420] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:47:43.420] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:47:43.420] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:43.420] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:43.420] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:43.420] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:46.975] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain2.1727332783.jsonl|result:{"code": 0, "total_count": 76, "abnormal_count": 0, "normal_count": 76, "alert_count": 0, "timestamp": 1765313266973, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727332850487662, "etime": 1727332850487662, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52018, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332862737092, "etime": 1727332862737092, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52031, "dest_port": 8090,
"protocol": "tls", "result": "Normal"}, {"stime": 1727332846346417, "etime": 1727332846346417, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52013, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332877065138, "etime": 1727332877065138, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52047, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332867816195, "etime": 1727332867816195, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52036, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332890534134, "etime": 1727332890534134, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52061, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332905362956, "etime": 1727332905362956, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52074, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332856649479, "etime": 1727332856649479, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52025, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332894597608, "etime": 1727332894597608, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52065, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332897248210, "etime": 1727332897248210, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52066, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332866799515, "etime": 1727332866799515, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52035, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332849471753, "etime": 1727332849471753, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52017, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332881353396, "etime": 1727332881353396, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52052, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332886471842, "etime": 1727332886471842, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52057, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332879112700, "etime": 1727332879112700, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52049, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332852534238, "etime": 1727332852534238, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52020, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332845330905, "etime": 1727332845330905, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52012, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332844315420, "etime": 1727332844315420, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52011, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332874987844, "etime": 1727332874987844, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52044, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332889518358, "etime": 1727332889518358, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52060, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332891550380, "etime": 1727332891550380, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52062, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332857659277, "etime": 1727332857659277, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52026, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332884393222, "etime": 1727332884393222, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52055, "dest_port": 8090, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727332859690295, "etime": 1727332859690295, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52028, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332860706798, "etime": 1727332860706798, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52029, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332893580604, "etime": 1727332893580604, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52064, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332902314938, "etime": 1727332902314938, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52071, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332892564877, "etime": 1727332892564877, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52063, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332909502966, "etime": 1727332909502966, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52079, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332908496930, "etime": 1727332908496930, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52078, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332911534062, "etime": 1727332911534062, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52081, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332908409567, "etime": 1727332908409567, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52077, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332910519355, "etime": 1727332910519355, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52080, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332864768007, "etime": 1727332864768007, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52033, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332898253143, "etime": 1727332898253143, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52067, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332783286318, "etime": 1727332783286318, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52009, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332881143820, "etime": 1727332881143820, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52051, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332912558786, "etime": 1727332912558786, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52083, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332887486779, "etime": 1727332887486779, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52058, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332882362105, "etime": 1727332882362105, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52053, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332863752559, "etime": 1727332863752559, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52032, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332843300087, "etime": 1727332843300087, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52010, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332856596687, "etime": 1727332856596687, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52024, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332847444335, "etime": 1727332847444335, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52015, "dest_port": 8090, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727332869846413, "etime": 1727332869846413, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52038, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332865784120, "etime": 1727332865784120, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52034, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332870861956, "etime": 1727332870861956, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52039, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332871940539, "etime": 1727332871940539, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52041, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332883377515, "etime": 1727332883377515, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52054, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332783270806, "etime": 1727332783270806, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52008, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332903331845, "etime": 1727332903331845, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52072, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332904346641, "etime": 1727332904346641, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52073, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332907393795, "etime": 1727332907393795, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52076, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332912550090, "etime": 1727332912550090, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52082, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332847362976, "etime": 1727332847362976, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52014, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332848455887, "etime": 1727332848455887, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52016, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332878096172, "etime": 1727332878096172, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52048, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332899268119, "etime": 1727332899268119, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52068, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332855580964, "etime": 1727332855580964, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52023, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332888502660, "etime": 1727332888502660, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52059, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332851519627, "etime": 1727332851519627, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52019, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332906377671, "etime": 1727332906377671, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52075, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332880127395, "etime": 1727332880127395, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52050, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332853550255, "etime": 1727332853550255, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52021, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332868830671, "etime": 1727332868830671, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52037, "dest_port": 8090, 
"protocol": "tls", "result": "Normal"}, {"stime": 1727332873971158, "etime": 1727332873971158, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52043, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332854566481, "etime": 1727332854566481, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52022, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332858675318, "etime": 1727332858675318, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52027, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332875043825, "etime": 1727332875043825, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52045, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332870936869, "etime": 1727332870936869, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52040, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332861721321, "etime": 1727332861721321, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52030, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332872956309, "etime": 1727332872956309, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52042, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332900283871, "etime": 1727332900283871, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52069, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332876049933, "etime": 1727332876049933, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52046, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332885456485, "etime": 1727332885456485, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52056, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332901299504, "etime": 1727332901299504, 
"src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52070, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:47:46.975] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000
[2025-12-09 20:47:46.975] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[2] at offset 24306 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain3.1727317421.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain3.1727317421.jsonl?X-Amz-SignedHeaders=host&X-Amz-Expires=604800&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1b815c11d45b6e0b794c4302013b04be686fdf2eff701bfe053725eb5f99c11a&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124746Z"}
[2025-12-09 20:47:46.975] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:47:46.975] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:47:46.975] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:46.975] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:46.975] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:46.975] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:49.833] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID48-httpCS4.8_windowsserver2022_ubuntu_openjdk_domain3.1727317421.jsonl|result:{"code": 0, "total_count": 64, "abnormal_count": 0, "normal_count": 64, "alert_count": 0, "timestamp": 1765313269831, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727317509962139, "etime": 1727317509962139, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.136", "src_port": 49892, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317498051196, "etime": 1727317498051196, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49881, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317489831728, "etime": 1727317489831728, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49872, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317497035560, "etime": 1727317497035560, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49880, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317520113688, "etime": 1727317520113688, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49902, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317525223764, "etime": 1727317525223764, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49907, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317528332930, "etime": 1727317528332930, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49911, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317490847867, "etime": 1727317490847867, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49873, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317523176018, "etime": 1727317523176018, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49905, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317485771727, "etime": 1727317485771727, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49868, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317500286797, "etime": 1727317500286797, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49884, "dest_port": 8990, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727317503332949, "etime": 1727317503332949, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49887, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317516050621, "etime": 1727317516050621, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49898, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317535488845, "etime": 1727317535488845, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49919, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317521128762, "etime": 1727317521128762, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49903, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317532394821, "etime": 1727317532394821, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49915, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317491863137, "etime": 1727317491863137, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49874, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317482484882, "etime": 1727317482484882, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49863, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317496019402, "etime": 1727317496019402, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49879, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317517066840, "etime": 1727317517066840, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49899, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317529347741, "etime": 1727317529347741, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49912, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317533456841, "etime": 1727317533456841, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.136", "src_port": 49917, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317527269388, "etime": 1727317527269388, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49909, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317492878820, "etime": 1727317492878820, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49875, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317507394605, "etime": 1727317507394605, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49891, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317526254284, "etime": 1727317526254284, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49908, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317536503759, "etime": 1727317536503759, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49920, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317538534793, "etime": 1727317538534793, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49922, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317481379991, "etime": 1727317481379991, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49862, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317499066510, "etime": 1727317499066510, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49882, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317514019727, "etime": 1727317514019727, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49896, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317515035473, "etime": 1727317515035473, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49897, "dest_port": 8990, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727317486785204, "etime": 1727317486785204, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49869, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317484675843, "etime": 1727317484675843, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49866, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317534473726, "etime": 1727317534473726, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49918, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317518083050, "etime": 1727317518083050, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49900, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317487800832, "etime": 1727317487800832, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49870, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317532452185, "etime": 1727317532452185, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49916, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317530362815, "etime": 1727317530362815, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49913, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317505363098, "etime": 1727317505363098, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49889, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317493895675, "etime": 1727317493895675, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49876, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317522144492, "etime": 1727317522144492, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49904, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317504347813, "etime": 1727317504347813, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.136", "src_port": 49888, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317511988679, "etime": 1727317511988679, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49894, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317538542884, "etime": 1727317538542884, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49923, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317513004877, "etime": 1727317513004877, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49895, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317483582260, "etime": 1727317483582260, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49864, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317493985619, "etime": 1727317493985619, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49877, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317502316248, "etime": 1727317502316248, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49886, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317501301598, "etime": 1727317501301598, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49885, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317499239567, "etime": 1727317499239567, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49883, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317510973579, "etime": 1727317510973579, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49893, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317531378513, "etime": 1727317531378513, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49914, "dest_port": 8990, "protocol": "tls", "result": 
"Normal"}, {"stime": 1727317421326802, "etime": 1727317421326802, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49860, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317421358328, "etime": 1727317421358328, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49861, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317483660790, "etime": 1727317483660790, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49865, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317488816912, "etime": 1727317488816912, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49871, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317495004265, "etime": 1727317495004265, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49878, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317506379479, "etime": 1727317506379479, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49890, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317485708258, "etime": 1727317485708258, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49867, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317524207751, "etime": 1727317524207751, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49906, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317527321304, "etime": 1727317527321304, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49910, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317519097324, "etime": 1727317519097324, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.136", "src_port": 49901, "dest_port": 8990, "protocol": "tls", "result": "Normal"}, {"stime": 1727317537520041, "etime": 1727317537520041, "src_ip": "192.168.37.138", 
"dest_ip": "192.168.37.136", "src_port": 49921, "dest_port": 8990, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:47:49.833] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000
[2025-12-09 20:47:49.833] [DEBUG] [tid:140062327686848] (KafkaConsumer.cpp:411) Message in-> topic:analyzed_queue_cnn partition:[0] at offset 24735 key: NULL payload: {"bucket":"2025-12-09","object":"20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain3.1727332979.jsonl","url":"http://111.32.12.11:9000/2025-12-09/20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain3.1727332979.jsonl?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20251209T124749Z&X-Amz-Credential=UDM59PO2GGFR6AM8LSXP%2F20251209%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f0b2431eb25c646e0615c21058e627b5a3eae5970c8a240af9bb977b07a5ee48"}
[2025-12-09 20:47:49.833] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:259) process model: 0
[2025-12-09 20:47:49.833] [INFO] [tid:140062327686848] (AiModule.cpp:10) load so_code_cnn.so lib
[2025-12-09 20:47:49.833] [INFO] [tid:140062327686848] (AiModule.cpp:12) load so module so_code_cnn
[2025-12-09 20:47:49.833] [INFO] [tid:140062327686848] (AiModule.cpp:20) get func load
[2025-12-09 20:47:49.833] [INFO] [tid:140062327686848] (AiModule.cpp:29) prepare args for load
[2025-12-09 20:47:49.833] [INFO] [tid:140062327686848] (AiModule.cpp:39) load result:0
[2025-12-09 20:47:52.785] [DEBUG] [tid:140062327686848] (AiModule.cpp:93) bucket:2025-12-09|object:20/output/cnn/replay.pcap-ID45-httpCS4.8_windowsserver2022_kali_jdk_domain3.1727332979.jsonl|result:{"code": 0, "total_count": 71, "abnormal_count": 0, "normal_count": 71, "alert_count": 0, "timestamp": 1765313272784, "module": "anquanchu", "proto": "tls", "alerted": false, "details": [{"stime": 1727333052019224, "etime": 1727333052019224, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 
52100, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333071456582, "etime": 1727333071456582, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52121, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332979580438, "etime": 1727332979580438, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52084, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333057160669, "etime": 1727333057160669, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52106, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333078565930, "etime": 1727333078565930, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52128, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333062317108, "etime": 1727333062317108, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52112, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333093962737, "etime": 1727333093962737, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52145, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333093878205, "etime": 1727333093878205, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52144, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333097003724, "etime": 1727333097003724, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52148, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333076534467, "etime": 1727333076534467, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52126, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333051003203, "etime": 1727333051003203, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52099, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333072472286, 
"etime": 1727333072472286, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52122, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333103137076, "etime": 1727333103137076, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52155, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333075519396, "etime": 1727333075519396, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52125, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333070440471, "etime": 1727333070440471, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52120, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333084659217, "etime": 1727333084659217, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52134, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333060221863, "etime": 1727333060221863, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52109, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333044909839, "etime": 1727333044909839, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52093, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333064346911, "etime": 1727333064346911, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52114, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333085675241, "etime": 1727333085675241, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52135, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333099034011, "etime": 1727333099034011, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52150, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333101097214, "etime": 1727333101097214, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 
52152, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333103128548, "etime": 1727333103128548, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52154, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333094971711, "etime": 1727333094971711, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52146, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333042862374, "etime": 1727333042862374, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52091, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333039612838, "etime": 1727333039612838, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52087, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333090800098, "etime": 1727333090800098, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52141, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333077550824, "etime": 1727333077550824, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52127, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333086737314, "etime": 1727333086737314, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52137, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333068409241, "etime": 1727333068409241, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52118, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333043897652, "etime": 1727333043897652, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52092, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333047956185, "etime": 1727333047956185, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52096, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333067394452, 
"etime": 1727333067394452, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52117, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333095988229, "etime": 1727333095988229, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52147, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333100082468, "etime": 1727333100082468, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52151, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333066378017, "etime": 1727333066378017, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52116, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333091848131, "etime": 1727333091848131, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52142, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333079582328, "etime": 1727333079582328, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52129, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333089784213, "etime": 1727333089784213, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52140, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333045925159, "etime": 1727333045925159, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52094, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333074503499, "etime": 1727333074503499, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52124, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333041847983, "etime": 1727333041847983, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52090, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333055138781, "etime": 1727333055138781, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 
52104, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333053034668, "etime": 1727333053034668, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52101, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333061298458, "etime": 1727333061298458, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52111, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333102112179, "etime": 1727333102112179, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52153, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333039817948, "etime": 1727333039817948, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52088, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333065362295, "etime": 1727333065362295, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52115, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333048971853, "etime": 1727333048971853, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52097, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333046940625, "etime": 1727333046940625, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52095, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333082628810, "etime": 1727333082628810, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52132, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333056143844, "etime": 1727333056143844, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52105, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333063330990, "etime": 1727333063330990, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52113, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333080597054, 
"etime": 1727333080597054, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52130, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333087753164, "etime": 1727333087753164, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52138, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333081613034, "etime": 1727333081613034, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52131, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727332979596685, "etime": 1727332979596685, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52085, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333059206948, "etime": 1727333059206948, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52108, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333098019664, "etime": 1727333098019664, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52149, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333073487584, "etime": 1727333073487584, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52123, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333055066337, "etime": 1727333055066337, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52103, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333058175760, "etime": 1727333058175760, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52107, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333088768575, "etime": 1727333088768575, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52139, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333085730085, "etime": 1727333085730085, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 
52136, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333092862513, "etime": 1727333092862513, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52143, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333040832501, "etime": 1727333040832501, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52089, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333054050763, "etime": 1727333054050763, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52102, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333061237730, "etime": 1727333061237730, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52110, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333069425701, "etime": 1727333069425701, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52119, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333083644094, "etime": 1727333083644094, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52133, "dest_port": 8090, "protocol": "tls", "result": "Normal"}, {"stime": 1727333049988045, "etime": 1727333049988045, "src_ip": "192.168.37.138", "dest_ip": "192.168.37.132", "src_port": 52098, "dest_port": 8090, "protocol": "tls", "result": "Normal"}]}
[2025-12-09 20:47:52.785] [INFO] [tid:140062327686848] (KafkaConsumer.cpp:267) cnn alert_count: 0|max_alert: 1000