{ "timestamp": "2016-05-24T17:27:01.960780-0600", "flow_id": 15684738590988,

1. {
2. "timestamp": "2016-05-24T17:27:01.960780-0600",
3. "flow_id": 15684738590988,
4. "pcap_cnt": 1,
5. "event_type": "dns",
6. "src_ip": "10.16.1.11",
7. "src_port": 53679,
8. "dest_ip": "10.16.1.1",
9. "dest_port": 53,
10. "proto": "UDP",
11. "dns": {
12. "type": "query",
13. "id": 39339,
14. "query": {
15. "rrname": "client-cf.dropbox.com",
16. "rrtype": "A"
17. },
18. "tx_id": 0
19. }
20. }
21. {
22. "timestamp": "2016-05-24T17:27:02.832606-0600",
23. "flow_id": 542660046009438,
24. "pcap_cnt": 3,
25. "event_type": "dns",
26. "src_ip": "10.16.1.11",
27. "src_port": 49697,
28. "dest_ip": "10.16.1.1",
29. "dest_port": 53,
30. "proto": "UDP",
31. "dns": {
32. "type": "query",
33. "id": 3407,
34. "query": {
35. "rrname": "block.dropbox.com",
36. "rrtype": "A"
37. },
38. "tx_id": 0
39. }
40. }
41. {
42. "timestamp": "2016-05-24T17:27:03.085375-0600",
43. "flow_id": 1585332076629375,
44. "pcap_cnt": 4,
45. "event_type": "dns",
46. "src_ip": "10.16.1.11",
47. "src_port": 33458,
48. "dest_ip": "10.16.1.1",
49. "dest_port": 53,
50. "proto": "UDP",
51. "dns": {
52. "type": "query",
53. "id": 44779,
54. "query": {
55. "rrname": "codemonkey.net",
56. "rrtype": "A"
57. },
58. "tx_id": 0
59. }
60. }
61. {
62. "timestamp": "2016-05-24T17:27:02.333141-0600",
63. "flow_id": 15684738590988,
64. "pcap_cnt": 2,
65. "event_type": "dns",
66. "src_ip": "10.16.1.11",
67. "src_port": 53679,
68. "dest_ip": "10.16.1.1",
69. "dest_port": 53,
70. "proto": "UDP",
71. "dns": {
72. "type": "answer",
73. "id": 39339,
74. "rcode": "NOERROR",
75. "answer": [
76. {
77. "rrname": "client-cf.dropbox.com",
78. "rrtype": "A",
79. "ttl": 47,
80. "rdata": "52.85.112.21"
81. }
82. ],
83. "tx_id": 0
84. }
85. }
86. {
87. "timestamp": "2016-05-24T17:27:03.213624-0600",
88. "flow_id": 542660046009438,
89. "pcap_cnt": 5,
90. "event_type": "dns",
91. "src_ip": "10.16.1.11",
92. "src_port": 49697,
93. "dest_ip": "10.16.1.1",
94. "dest_port": 53,
95. "proto": "UDP",
96. "dns": {
97. "type": "answer",
98. "id": 3407,
99. "rcode": "NOERROR",
100. "answer": [
101. {
102. "rrname": "block.dropbox.com",
103. "rrtype": "CNAME",
104. "ttl": 9,
105. "rdata": "block.g1.dropbox.com"
106. },
107. {
108. "rrname": "block.g1.dropbox.com",
109. "rrtype": "A",
110. "ttl": 8,
111. "rdata": "45.58.70.33"
112. }
113. ],
114. "tx_id": 0
115. }
116. }
117. {
118. "timestamp": "2016-05-24T17:27:03.493333-0600",
119. "flow_id": 1585332076629375,
120. "pcap_cnt": 6,
121. "event_type": "dns",
122. "src_ip": "10.16.1.11",
123. "src_port": 33458,
124. "dest_ip": "10.16.1.1",
125. "dest_port": 53,
126. "proto": "UDP",
127. "dns": {
128. "type": "answer",
129. "id": 44779,
130. "rcode": "NOERROR",
131. "answer": [
132. {
133. "rrname": "codemonkey.net",
134. "rrtype": "A",
135. "ttl": 435,
136. "rdata": "104.131.202.103"
137. }
138. ],
139. "tx_id": 0
140. }
141. }
142. {
143. "timestamp": "2016-05-24T17:27:04.653864-0600",
144. "flow_id": 848126710184488,
145. "pcap_cnt": 7,
146. "event_type": "dns",
147. "src_ip": "10.16.1.11",
148. "src_port": 57634,
149. "dest_ip": "10.16.1.1",
150. "dest_port": 53,
151. "proto": "UDP",
152. "dns": {
153. "type": "query",
154. "id": 14681,
155. "query": {
156. "rrname": "client-cf.dropbox.com",
157. "rrtype": "A"
158. },
159. "tx_id": 0
160. }
161. }
162. {
163. "timestamp": "2016-05-24T17:27:04.654238-0600",
164. "flow_id": 848126710184488,
165. "pcap_cnt": 8,
166. "event_type": "dns",
167. "src_ip": "10.16.1.11",
168. "src_port": 57634,
169. "dest_ip": "10.16.1.1",
170. "dest_port": 53,
171. "proto": "UDP",
172. "dns": {
173. "type": "answer",
174. "id": 14681,
175. "rcode": "NOERROR",
176. "answer": [
177. {
178. "rrname": "client-cf.dropbox.com",
179. "rrtype": "A",
180. "ttl": 45,
181. "rdata": "52.85.112.21"
182. }
183. ],
184. "tx_id": 0
185. }
186. }