API tools faq
paste
Advertisement
0x007b

Untitled

0x007b
Sep 14th, 2018
233
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 151.07 KB | None | 0 0
raw download clone embed print report
  1. Could not find log4j2 configuration at path /usr/share/logstash/config/log4j2.properties. Using default config which logs errors to the console
  2. [DEBUG] 2018-09-14 10:38:59.888 [main] scaffold - Found module {:module_name=>"fb_apache", :directory=>"/usr/share/logstash/modules/fb_apache/configuration"}
  3. [DEBUG] 2018-09-14 10:38:59.893 [main] registry - Adding plugin to the registry {:name=>"fb_apache", :type=>:modules, :class=>#<LogStash::Modules::Scaffold:0x36e7e60f @directory="/usr/share/logstash/modules/fb_apache/configuration", @module_name="fb_apache", @kibana_version_parts=["6", "0", "0"]>}
  4. [DEBUG] 2018-09-14 10:38:59.894 [main] scaffold - Found module {:module_name=>"netflow", :directory=>"/usr/share/logstash/modules/netflow/configuration"}
  5. [DEBUG] 2018-09-14 10:38:59.894 [main] registry - Adding plugin to the registry {:name=>"netflow", :type=>:modules, :class=>#<LogStash::Modules::Scaffold:0x107a673e @directory="/usr/share/logstash/modules/netflow/configuration", @module_name="netflow", @kibana_version_parts=["6", "0", "0"]>}
  6. [INFO ] 2018-09-14 10:38:59.905 [main] writabledirectory - Creating directory {:setting=>"path.queue", :path=>"/usr/share/logstash/data/queue"}
  7. [INFO ] 2018-09-14 10:38:59.905 [main] writabledirectory - Creating directory {:setting=>"path.dead_letter_queue", :path=>"/usr/share/logstash/data/dead_letter_queue"}
  8. [DEBUG] 2018-09-14 10:39:00.093 [LogStash::Runner] runner - -------- Logstash Settings (* means modified) ---------
  9. [DEBUG] 2018-09-14 10:39:00.093 [LogStash::Runner] runner - node.name: "ba1dad67b4ed"
  10. [DEBUG] 2018-09-14 10:39:00.093 [LogStash::Runner] runner - *path.config: "/usr/share/logstash/config/pipeline/*.conf"
  11. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - path.data: "/usr/share/logstash/data"
  12. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - modules.cli: []
  13. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - modules: []
  14. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - modules_list: []
  15. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - modules_variable_list: []
  16. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - modules_setup: false
  17. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - config.test_and_exit: false
  18. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - config.reload.automatic: false
  19. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - config.reload.interval: 3000000000
  20. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - config.support_escapes: false
  21. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - config.field_reference.parser: "COMPAT"
  22. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - metric.collect: true
  23. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - pipeline.id: "main"
  24. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - pipeline.system: false
  25. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - pipeline.workers: 8
  26. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - pipeline.output.workers: 1
  27. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - pipeline.batch.size: 125
  28. [DEBUG] 2018-09-14 10:39:00.094 [LogStash::Runner] runner - pipeline.batch.delay: 50
  29. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - pipeline.unsafe_shutdown: false
  30. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - pipeline.java_execution: false
  31. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - pipeline.reloadable: true
  32. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - path.plugins: []
  33. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - config.debug: false
  34. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - *log.level: "debug" (default: "info")
  35. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - version: false
  36. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - help: false
  37. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - log.format: "plain"
  38. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - *http.host: "0.0.0.0" (default: "127.0.0.1")
  39. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - http.port: 9600..9700
  40. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - http.environment: "production"
  41. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - queue.type: "memory"
  42. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - queue.drain: false
  43. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - queue.page_capacity: 67108864
  44. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - queue.max_bytes: 1073741824
  45. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - queue.max_events: 0
  46. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - queue.checkpoint.acks: 1024
  47. [DEBUG] 2018-09-14 10:39:00.095 [LogStash::Runner] runner - queue.checkpoint.writes: 1024
  48. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - queue.checkpoint.interval: 1000
  49. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - dead_letter_queue.enable: false
  50. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - dead_letter_queue.max_bytes: 1073741824
  51. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - slowlog.threshold.warn: -1
  52. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - slowlog.threshold.info: -1
  53. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - slowlog.threshold.debug: -1
  54. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - slowlog.threshold.trace: -1
  55. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - keystore.classname: "org.logstash.secret.store.backend.JavaKeyStore"
  56. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - keystore.file: "/usr/share/logstash/config/logstash.keystore"
  57. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - path.queue: "/usr/share/logstash/data/queue"
  58. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - path.dead_letter_queue: "/usr/share/logstash/data/dead_letter_queue"
  59. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - path.settings: "/usr/share/logstash/config"
  60. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - path.logs: "/usr/share/logstash/logs"
  61. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - xpack.management.enabled: false
  62. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - xpack.management.logstash.poll_interval: 5000000000
  63. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - xpack.management.pipeline.id: ["main"]
  64. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - xpack.management.elasticsearch.username: "logstash_system"
  65. [DEBUG] 2018-09-14 10:39:00.096 [LogStash::Runner] runner - xpack.management.elasticsearch.url: ["https://localhost:9200"]
  66. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.management.elasticsearch.sniffing: false
  67. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.enabled: false
  68. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.elasticsearch.url: ["http://localhost:9200"]
  69. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.collection.interval: 10000000000
  70. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.collection.timeout_interval: 600000000000
  71. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.elasticsearch.username: "logstash_system"
  72. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.elasticsearch.ssl.verification_mode: "certificate"
  73. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.elasticsearch.sniffing: false
  74. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.collection.pipeline.details.enabled: true
  75. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - xpack.monitoring.collection.config.enabled: true
  76. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - node.uuid: ""
  77. [DEBUG] 2018-09-14 10:39:00.097 [LogStash::Runner] runner - --------------- Logstash Settings -------------------
  78. [WARN ] 2018-09-14 10:39:00.099 [LogStash::Runner] multilocal - Ignoring the 'pipelines.yml' file because modules or command line options are specified
  79. [INFO ] 2018-09-14 10:39:00.109 [LogStash::Runner] agent - No persistent UUID file found. Generating new UUID {:uuid=>"c6643d02-e223-4fdb-bd54-087f7f23a19b", :path=>"/usr/share/logstash/data/uuid"}
  80. [DEBUG] 2018-09-14 10:39:00.114 [LogStash::Runner] agent - Setting global FieldReference parsing mode: COMPAT
  81. [DEBUG] 2018-09-14 10:39:00.123 [LogStash::Runner] agent - Setting up metric collection
  82. [DEBUG] 2018-09-14 10:39:00.130 [LogStash::Runner] os - Starting {:polling_interval=>5, :polling_timeout=>120}
  83. [DEBUG] 2018-09-14 10:39:00.134 [LogStash::Runner] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  84. [DEBUG] 2018-09-14 10:39:00.156 [LogStash::Runner] jvm - Starting {:polling_interval=>5, :polling_timeout=>120}
  85. [DEBUG] 2018-09-14 10:39:00.195 [LogStash::Runner] jvm - collector name {:name=>"PS Scavenge"}
  86. [DEBUG] 2018-09-14 10:39:00.196 [LogStash::Runner] jvm - collector name {:name=>"PS MarkSweep"}
  87. [DEBUG] 2018-09-14 10:39:00.203 [LogStash::Runner] persistentqueue - Starting {:polling_interval=>5, :polling_timeout=>120}
  88. [DEBUG] 2018-09-14 10:39:00.204 [LogStash::Runner] deadletterqueue - Starting {:polling_interval=>5, :polling_timeout=>120}
  89. [INFO ] 2018-09-14 10:39:00.210 [LogStash::Runner] runner - Starting Logstash {"logstash.version"=>"6.4.0"}
  90. [DEBUG] 2018-09-14 10:39:00.214 [Ruby-0-Thread-1: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:22] agent - Starting agent
  91. [DEBUG] 2018-09-14 10:39:00.233 [Ruby-0-Thread-1: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:22] configpathloader - Skipping the following files while reading config since they don't match the specified glob pattern {:files=>[]}
  92. [DEBUG] 2018-09-14 10:39:00.234 [Ruby-0-Thread-1: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:22] configpathloader - Reading config file {:config_file=>"/usr/share/logstash/config/pipeline/logstash.conf"}
  93. [DEBUG] 2018-09-14 10:39:00.250 [Ruby-0-Thread-1: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:22] agent - Converging pipelines state {:actions_count=>1}
  94. [DEBUG] 2018-09-14 10:39:00.252 [Converge PipelineAction::Create<main>] agent - Executing action {:action=>LogStash::PipelineAction::Create/pipeline_id:main}
  95. [DEBUG] 2018-09-14 10:39:00.441 [Converge PipelineAction::Create<main>] registry - On demand adding plugin to the registry {:name=>"udp", :type=>"input", :class=>LogStash::Inputs::Udp}
  96. [DEBUG] 2018-09-14 10:39:00.472 [Converge PipelineAction::Create<main>] registry - On demand adding plugin to the registry {:name=>"netflow", :type=>"codec", :class=>LogStash::Codecs::Netflow}
  97. [DEBUG] 2018-09-14 10:39:00.479 [Converge PipelineAction::Create<main>] netflow - config LogStash::Codecs::Netflow/@id = "netflow_a40e95a2-575d-47e3-8e87-2b37db2d062a"
  98. [DEBUG] 2018-09-14 10:39:00.479 [Converge PipelineAction::Create<main>] netflow - config LogStash::Codecs::Netflow/@enable_metric = true
  99. [DEBUG] 2018-09-14 10:39:00.479 [Converge PipelineAction::Create<main>] netflow - config LogStash::Codecs::Netflow/@cache_ttl = 4000
  100. [DEBUG] 2018-09-14 10:39:00.479 [Converge PipelineAction::Create<main>] netflow - config LogStash::Codecs::Netflow/@target = "netflow"
  101. [DEBUG] 2018-09-14 10:39:00.479 [Converge PipelineAction::Create<main>] netflow - config LogStash::Codecs::Netflow/@include_flowset_id = false
  102. [DEBUG] 2018-09-14 10:39:00.479 [Converge PipelineAction::Create<main>] netflow - config LogStash::Codecs::Netflow/@versions = [5, 9, 10]
  103. [DEBUG] 2018-09-14 10:39:01.004 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@codec = <LogStash::Codecs::Netflow id=>"netflow_a40e95a2-575d-47e3-8e87-2b37db2d062a", enable_metric=>true, cache_ttl=>4000, target=>"netflow", include_flowset_id=>false, versions=>[5, 9, 10]>
  104. [DEBUG] 2018-09-14 10:39:01.004 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@id = "19e763a654667bd6c6270de98b418ddcc934ea03413fc50baba5fec777cca223"
  105. [DEBUG] 2018-09-14 10:39:01.004 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@type = "netflow"
  106. [DEBUG] 2018-09-14 10:39:01.004 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@port = 9995
  107. [DEBUG] 2018-09-14 10:39:01.004 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@enable_metric = true
  108. [DEBUG] 2018-09-14 10:39:01.004 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@add_field = {}
  109. [DEBUG] 2018-09-14 10:39:01.005 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@host = "0.0.0.0"
  110. [DEBUG] 2018-09-14 10:39:01.005 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@buffer_size = 65536
  111. [DEBUG] 2018-09-14 10:39:01.005 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@workers = 2
  112. [DEBUG] 2018-09-14 10:39:01.005 [Converge PipelineAction::Create<main>] udp - config LogStash::Inputs::Udp/@queue_size = 2000
  113. [DEBUG] 2018-09-14 10:39:01.007 [Converge PipelineAction::Create<main>] registry - On demand adding plugin to the registry {:name=>"elasticsearch", :type=>"output", :class=>LogStash::Outputs::ElasticSearch}
  114. [DEBUG] 2018-09-14 10:39:01.023 [Converge PipelineAction::Create<main>] registry - On demand adding plugin to the registry {:name=>"plain", :type=>"codec", :class=>LogStash::Codecs::Plain}
  115. [DEBUG] 2018-09-14 10:39:01.027 [Converge PipelineAction::Create<main>] plain - config LogStash::Codecs::Plain/@id = "plain_9a3e4b10-3635-418c-9ca6-585bb30a851a"
  116. [DEBUG] 2018-09-14 10:39:01.027 [Converge PipelineAction::Create<main>] plain - config LogStash::Codecs::Plain/@enable_metric = true
  117. [DEBUG] 2018-09-14 10:39:01.027 [Converge PipelineAction::Create<main>] plain - config LogStash::Codecs::Plain/@charset = "UTF-8"
  118. [DEBUG] 2018-09-14 10:39:01.034 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@index = "netflow-%{+YYYY.MM.dd}"
  119. [DEBUG] 2018-09-14 10:39:01.034 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@hosts = [http://elasticsearch:9200]
  120. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@id = "a0da5f25abdd1371da528dfb0bd928f0c511837d99681531cfeb137539316214"
  121. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@enable_metric = true
  122. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@codec = <LogStash::Codecs::Plain id=>"plain_9a3e4b10-3635-418c-9ca6-585bb30a851a", enable_metric=>true, charset=>"UTF-8">
  123. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@workers = 1
  124. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@manage_template = true
  125. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@template_name = "logstash"
  126. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@template_overwrite = false
  127. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@parent = nil
  128. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@join_field = nil
  129. [DEBUG] 2018-09-14 10:39:01.035 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@upsert = ""
  130. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@doc_as_upsert = false
  131. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@script = ""
  132. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@script_type = "inline"
  133. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@script_lang = "painless"
  134. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@script_var_name = "event"
  135. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@scripted_upsert = false
  136. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@retry_initial_interval = 2
  137. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@retry_max_interval = 64
  138. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@retry_on_conflict = 1
  139. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@pipeline = nil
  140. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@action = "index"
  141. [DEBUG] 2018-09-14 10:39:01.036 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@ssl_certificate_verification = true
  142. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@sniffing = false
  143. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@sniffing_delay = 5
  144. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@timeout = 60
  145. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@failure_type_logging_whitelist = []
  146. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@pool_max = 1000
  147. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@pool_max_per_route = 100
  148. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@resurrect_delay = 5
  149. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@validate_after_inactivity = 10000
  150. [DEBUG] 2018-09-14 10:39:01.037 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@http_compression = false
  151. [DEBUG] 2018-09-14 10:39:01.038 [Converge PipelineAction::Create<main>] elasticsearch - config LogStash::Outputs::ElasticSearch/@custom_headers = {}
  152. [DEBUG] 2018-09-14 10:39:01.043 [Converge PipelineAction::Create<main>] registry - On demand adding plugin to the registry {:name=>"stdout", :type=>"output", :class=>LogStash::Outputs::Stdout}
  153. [DEBUG] 2018-09-14 10:39:01.066 [Converge PipelineAction::Create<main>] registry - On demand adding plugin to the registry {:name=>"rubydebug", :type=>"codec", :class=>LogStash::Codecs::RubyDebug}
  154. [DEBUG] 2018-09-14 10:39:01.069 [Converge PipelineAction::Create<main>] rubydebug - config LogStash::Codecs::RubyDebug/@id = "rubydebug_e591b0fc-7ec0-47af-b395-eaaf5c119fde"
  155. [DEBUG] 2018-09-14 10:39:01.069 [Converge PipelineAction::Create<main>] rubydebug - config LogStash::Codecs::RubyDebug/@enable_metric = true
  156. [DEBUG] 2018-09-14 10:39:01.069 [Converge PipelineAction::Create<main>] rubydebug - config LogStash::Codecs::RubyDebug/@metadata = false
  157. [DEBUG] 2018-09-14 10:39:01.147 [Converge PipelineAction::Create<main>] stdout - config LogStash::Outputs::Stdout/@id = "0e120629eab5ab9560d2f23539e1af5ae233683c531d895e717dd8a8ffb61a0f"
  158. [DEBUG] 2018-09-14 10:39:01.147 [Converge PipelineAction::Create<main>] stdout - config LogStash::Outputs::Stdout/@enable_metric = true
  159. [DEBUG] 2018-09-14 10:39:01.148 [Converge PipelineAction::Create<main>] stdout - config LogStash::Outputs::Stdout/@codec = <LogStash::Codecs::RubyDebug id=>"rubydebug_e591b0fc-7ec0-47af-b395-eaaf5c119fde", enable_metric=>true, metadata=>false>
  160. [DEBUG] 2018-09-14 10:39:01.148 [Converge PipelineAction::Create<main>] stdout - config LogStash::Outputs::Stdout/@workers = 1
  161. [INFO ] 2018-09-14 10:39:01.155 [Converge PipelineAction::Create<main>] pipeline - Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>8, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50}
  162. [DEBUG] 2018-09-14 10:39:01.169 [[main]-pipeline-manager] elasticsearch - Normalizing http path {:path=>nil, :normalized=>nil}
  163. [INFO ] 2018-09-14 10:39:01.406 [[main]-pipeline-manager] elasticsearch - Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://elasticsearch:9200/]}}
  164. [INFO ] 2018-09-14 10:39:01.409 [[main]-pipeline-manager] elasticsearch - Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://elasticsearch:9200/, :path=>"/"}
  165. [WARN ] 2018-09-14 10:39:01.511 [[main]-pipeline-manager] elasticsearch - Restored connection to ES instance {:url=>"http://elasticsearch:9200/"}
  166. [INFO ] 2018-09-14 10:39:01.665 [[main]-pipeline-manager] elasticsearch - ES Output version determined {:es_version=>6}
  167. [WARN ] 2018-09-14 10:39:01.665 [[main]-pipeline-manager] elasticsearch - Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>6}
  168. [INFO ] 2018-09-14 10:39:01.667 [[main]-pipeline-manager] elasticsearch - New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["http://elasticsearch:9200"]}
  169. [INFO ] 2018-09-14 10:39:01.671 [Ruby-0-Thread-5: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-output-elasticsearch-9.2.0-java/lib/logstash/outputs/elasticsearch/common.rb:42] elasticsearch - Using mapping template from {:path=>nil}
  170. [INFO ] 2018-09-14 10:39:01.679 [Ruby-0-Thread-5: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-output-elasticsearch-9.2.0-java/lib/logstash/outputs/elasticsearch/common.rb:42] elasticsearch - Attempting to install template {:manage_template=>{"template"=>"logstash-*", "version"=>60001, "settings"=>{"index.refresh_interval"=>"5s"}, "mappings"=>{"_default_"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"*", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}}
  171. [INFO ] 2018-09-14 10:39:01.707 [Converge PipelineAction::Create<main>] pipeline - Pipeline started successfully {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  172. [DEBUG] 2018-09-14 10:39:01.707 [Ruby-0-Thread-5: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-output-elasticsearch-9.2.0-java/lib/logstash/outputs/elasticsearch/common.rb:42] elasticsearch - Found existing Elasticsearch template. Skipping template management {:name=>"logstash"}
  173. [INFO ] 2018-09-14 10:39:01.716 [[main]<udp] udp - Starting UDP listener {:address=>"0.0.0.0:9995"}
  174. [INFO ] 2018-09-14 10:39:01.724 [Ruby-0-Thread-1: /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:22] agent - Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
  175. [DEBUG] 2018-09-14 10:39:01.732 [Api Webserver] agent - Starting puma
  176. [DEBUG] 2018-09-14 10:39:01.734 [Api Webserver] agent - Trying to start WebServer {:port=>9600}
  177. [INFO ] 2018-09-14 10:39:01.743 [[main]<udp] udp - UDP listener started {:address=>"0.0.0.0:9995", :receive_buffer_bytes=>"106496", :queue_size=>"2000"}
  178. [DEBUG] 2018-09-14 10:39:01.746 [Api Webserver] service - [api-service] start
  179. [DEBUG] 2018-09-14 10:39:01.749 [[main]<udp] udp - Starting UDP worker thread {:worker=>0}
  180. [DEBUG] 2018-09-14 10:39:01.750 [[main]<udp] udp - Starting UDP worker thread {:worker=>1}
  181. [INFO ] 2018-09-14 10:39:01.776 [Api Webserver] agent - Successfully started Logstash API endpoint {:port=>9600}
  182. [DEBUG] 2018-09-14 10:39:05.159 [pool-2-thread-1] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  183. [DEBUG] 2018-09-14 10:39:05.221 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  184. [DEBUG] 2018-09-14 10:39:05.225 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  185. [DEBUG] 2018-09-14 10:39:06.706 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  186. [DEBUG] 2018-09-14 10:39:10.166 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  187. [DEBUG] 2018-09-14 10:39:10.233 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  188. [DEBUG] 2018-09-14 10:39:10.233 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  189. [DEBUG] 2018-09-14 10:39:11.706 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  190. [DEBUG] 2018-09-14 10:39:15.170 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  191. [DEBUG] 2018-09-14 10:39:15.241 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  192. [DEBUG] 2018-09-14 10:39:15.242 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  193. [DEBUG] 2018-09-14 10:39:16.707 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  194. [DEBUG] 2018-09-14 10:39:20.173 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  195. [DEBUG] 2018-09-14 10:39:20.249 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  196. [DEBUG] 2018-09-14 10:39:20.249 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  197. [DEBUG] 2018-09-14 10:39:21.707 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  198. [DEBUG] 2018-09-14 10:39:25.182 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  199. [DEBUG] 2018-09-14 10:39:25.254 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  200. [DEBUG] 2018-09-14 10:39:25.254 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  201. [DEBUG] 2018-09-14 10:39:26.708 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  202. [DEBUG] 2018-09-14 10:39:30.187 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  203. [DEBUG] 2018-09-14 10:39:30.259 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  204. [DEBUG] 2018-09-14 10:39:30.260 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  205. [DEBUG] 2018-09-14 10:39:31.708 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  206. [DEBUG] 2018-09-14 10:39:35.202 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  207. [DEBUG] 2018-09-14 10:39:35.269 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  208. [DEBUG] 2018-09-14 10:39:35.270 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  209. [DEBUG] 2018-09-14 10:39:36.709 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  210. [DEBUG] 2018-09-14 10:39:40.206 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  211. [DEBUG] 2018-09-14 10:39:40.275 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  212. [DEBUG] 2018-09-14 10:39:40.275 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  213. [DEBUG] 2018-09-14 10:39:41.709 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  214. [DEBUG] 2018-09-14 10:39:45.212 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  215. [DEBUG] 2018-09-14 10:39:45.283 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  216. [DEBUG] 2018-09-14 10:39:45.283 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  217. [DEBUG] 2018-09-14 10:39:46.710 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  218. [DEBUG] 2018-09-14 10:39:50.215 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  219. [DEBUG] 2018-09-14 10:39:50.290 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  220. [DEBUG] 2018-09-14 10:39:50.291 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  221. [DEBUG] 2018-09-14 10:39:51.710 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  222. [DEBUG] 2018-09-14 10:39:55.220 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  223. [DEBUG] 2018-09-14 10:39:55.303 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  224. [DEBUG] 2018-09-14 10:39:55.303 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  225. [DEBUG] 2018-09-14 10:39:56.710 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  226. [DEBUG] 2018-09-14 10:40:00.227 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  227. [DEBUG] 2018-09-14 10:40:00.309 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  228. [DEBUG] 2018-09-14 10:40:00.309 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  229. [DEBUG] 2018-09-14 10:40:01.710 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  230. [DEBUG] 2018-09-14 10:40:05.233 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  231. [DEBUG] 2018-09-14 10:40:05.314 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  232. [DEBUG] 2018-09-14 10:40:05.314 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  233. [DEBUG] 2018-09-14 10:40:06.711 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  234. [DEBUG] 2018-09-14 10:40:10.240 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  235. [DEBUG] 2018-09-14 10:40:10.324 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  236. [DEBUG] 2018-09-14 10:40:10.325 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  237. [DEBUG] 2018-09-14 10:40:11.711 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  238. [DEBUG] 2018-09-14 10:40:15.246 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  239. [DEBUG] 2018-09-14 10:40:15.335 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  240. [DEBUG] 2018-09-14 10:40:15.336 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  241. [DEBUG] 2018-09-14 10:40:16.712 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  242. [DEBUG] 2018-09-14 10:40:20.248 [pool-2-thread-6] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  243. [DEBUG] 2018-09-14 10:40:20.339 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  244. [DEBUG] 2018-09-14 10:40:20.340 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  245. [DEBUG] 2018-09-14 10:40:21.712 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  246. [DEBUG] 2018-09-14 10:40:25.254 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  247. [DEBUG] 2018-09-14 10:40:25.348 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  248. [DEBUG] 2018-09-14 10:40:25.348 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  249. [DEBUG] 2018-09-14 10:40:26.713 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  250. [DEBUG] 2018-09-14 10:40:30.260 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  251. [DEBUG] 2018-09-14 10:40:30.356 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  252. [DEBUG] 2018-09-14 10:40:30.356 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  253. [DEBUG] 2018-09-14 10:40:31.714 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  254. [DEBUG] 2018-09-14 10:40:35.263 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  255. [DEBUG] 2018-09-14 10:40:35.365 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  256. [DEBUG] 2018-09-14 10:40:35.366 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  257. [DEBUG] 2018-09-14 10:40:35.994 [<udp.1] netflow - Start processing template
  258. [DEBUG] 2018-09-14 10:40:35.995 [<udp.0] netflow - Start processing template
  259. [DEBUG] 2018-09-14 10:40:35.998 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint32, :conn_id]}
  260. [DEBUG] 2018-09-14 10:40:35.998 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint32, :conn_id]}
  261. [DEBUG] 2018-09-14 10:40:35.998 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:ip6_addr, :ipv6_src_addr]}
  262. [DEBUG] 2018-09-14 10:40:35.998 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:ip4_addr, :ipv4_src_addr]}
  263. [DEBUG] 2018-09-14 10:40:35.999 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint16, :l4_src_port]}
  264. [DEBUG] 2018-09-14 10:40:35.999 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint16, :l4_src_port]}
  265. [DEBUG] 2018-09-14 10:40:35.999 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint16, :input_snmp]}
  266. [DEBUG] 2018-09-14 10:40:35.999 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint16, :input_snmp]}
  267. [DEBUG] 2018-09-14 10:40:35.999 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  268. [DEBUG] 2018-09-14 10:40:36.000 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  269. [DEBUG] 2018-09-14 10:40:36.000 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint16, :l4_dst_port]}
  270. [DEBUG] 2018-09-14 10:40:36.000 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint16, :l4_dst_port]}
  271. [DEBUG] 2018-09-14 10:40:36.000 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint16, :output_snmp]}
  272. [DEBUG] 2018-09-14 10:40:36.000 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint16, :output_snmp]}
  273. [DEBUG] 2018-09-14 10:40:36.000 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint8, :protocol]}
  274. [DEBUG] 2018-09-14 10:40:36.000 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint8, :protocol]}
  275. [DEBUG] 2018-09-14 10:40:36.000 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint8, :icmp_type_ipv6]}
  276. [DEBUG] 2018-09-14 10:40:36.001 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint8, :icmp_code_ipv6]}
  277. [DEBUG] 2018-09-14 10:40:36.001 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint8, :icmp_type]}
  278. [DEBUG] 2018-09-14 10:40:36.001 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint8, :icmp_code]}
  279. [DEBUG] 2018-09-14 10:40:36.002 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  280. [DEBUG] 2018-09-14 10:40:36.002 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  281. [DEBUG] 2018-09-14 10:40:36.002 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  282. [DEBUG] 2018-09-14 10:40:36.002 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  283. [DEBUG] 2018-09-14 10:40:36.002 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint16, :xlate_src_port]}
  284. [DEBUG] 2018-09-14 10:40:36.003 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint16, :xlate_src_port]}
  285. [DEBUG] 2018-09-14 10:40:36.003 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint16, :xlate_dst_port]}
  286. [DEBUG] 2018-09-14 10:40:36.003 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint8, :fw_event]}
  287. [DEBUG] 2018-09-14 10:40:36.003 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint16, :xlate_dst_port]}
  288. [DEBUG] 2018-09-14 10:40:36.004 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint8, :fw_event]}
  289. [DEBUG] 2018-09-14 10:40:36.004 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint16, :fw_ext_event]}
  290. [DEBUG] 2018-09-14 10:40:36.005 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint64, :event_time_msec]}
  291. [DEBUG] 2018-09-14 10:40:36.005 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:uint64, :flow_start_msec]}
  292. [DEBUG] 2018-09-14 10:40:36.005 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:acl_id_asa, :ingress_acl_id]}
  293. [DEBUG] 2018-09-14 10:40:36.005 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:acl_id_asa, "egress_acl_id"]}
  294. [DEBUG] 2018-09-14 10:40:36.006 [<udp.1] netflow - Field definition complete for template 272 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  295. [DEBUG] 2018-09-14 10:40:36.010 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint16, :fw_ext_event]}
  296. [DEBUG] 2018-09-14 10:40:36.012 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint64, :event_time_msec]}
  297. [DEBUG] 2018-09-14 10:40:36.012 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:uint64, :flow_start_msec]}
  298. [DEBUG] 2018-09-14 10:40:36.012 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:acl_id_asa, :ingress_acl_id]}
  299. [DEBUG] 2018-09-14 10:40:36.012 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:acl_id_asa, "egress_acl_id"]}
  300. [DEBUG] 2018-09-14 10:40:36.013 [<udp.0] netflow - Field definition complete for template 256 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  301. [DEBUG] 2018-09-14 10:40:36.020 [<udp.1] netflow - Received template 272 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  302. [DEBUG] 2018-09-14 10:40:36.059 [<udp.1] netflow - Received template 272 of size 167 bytes. Representing in 167 BinData bytes
  303. [DEBUG] 2018-09-14 10:40:36.066 [<udp.1] netflow - Start processing template
  304. [DEBUG] 2018-09-14 10:40:36.067 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:ip6_addr, :ipv6_src_addr]}
  305. [DEBUG] 2018-09-14 10:40:36.067 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint16, :l4_src_port]}
  306. [DEBUG] 2018-09-14 10:40:36.067 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint16, :input_snmp]}
  307. [DEBUG] 2018-09-14 10:40:36.068 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  308. [DEBUG] 2018-09-14 10:40:36.068 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint16, :l4_dst_port]}
  309. [DEBUG] 2018-09-14 10:40:36.068 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint16, :output_snmp]}
  310. [DEBUG] 2018-09-14 10:40:36.068 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint8, :protocol]}
  311. [DEBUG] 2018-09-14 10:40:36.069 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint8, :icmp_type_ipv6]}
  312. [DEBUG] 2018-09-14 10:40:36.069 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint8, :icmp_code_ipv6]}
  313. [DEBUG] 2018-09-14 10:40:36.070 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  314. [DEBUG] 2018-09-14 10:40:36.070 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  315. [DEBUG] 2018-09-14 10:40:36.070 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint16, :xlate_src_port]}
  316. [DEBUG] 2018-09-14 10:40:36.070 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint16, :xlate_dst_port]}
  317. [DEBUG] 2018-09-14 10:40:36.071 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint8, :fw_event]}
  318. [DEBUG] 2018-09-14 10:40:36.071 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint16, :fw_ext_event]}
  319. [DEBUG] 2018-09-14 10:40:36.071 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:uint64, :event_time_msec]}
  320. [DEBUG] 2018-09-14 10:40:36.072 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:acl_id_asa, :ingress_acl_id]}
  321. [DEBUG] 2018-09-14 10:40:36.072 [<udp.1] netflow - Field definition complete for template 273 {:field=>[:acl_id_asa, "egress_acl_id"]}
  322. [DEBUG] 2018-09-14 10:40:36.074 [<udp.0] netflow - Received template 256 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  323. [DEBUG] 2018-09-14 10:40:36.083 [<udp.0] netflow - Received template 256 of size 98 bytes. Representing in 98 BinData bytes
  324. [DEBUG] 2018-09-14 10:40:36.088 [<udp.0] netflow - Start processing template
  325. [DEBUG] 2018-09-14 10:40:36.090 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint32, :conn_id]}
  326. [DEBUG] 2018-09-14 10:40:36.091 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:ip4_addr, :ipv4_src_addr]}
  327. [DEBUG] 2018-09-14 10:40:36.091 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint16, :l4_src_port]}
  328. [DEBUG] 2018-09-14 10:40:36.092 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint16, :input_snmp]}
  329. [DEBUG] 2018-09-14 10:40:36.092 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  330. [DEBUG] 2018-09-14 10:40:36.092 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint16, :l4_dst_port]}
  331. [DEBUG] 2018-09-14 10:40:36.092 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint16, :output_snmp]}
  332. [DEBUG] 2018-09-14 10:40:36.093 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint8, :protocol]}
  333. [DEBUG] 2018-09-14 10:40:36.093 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint8, :icmp_type]}
  334. [DEBUG] 2018-09-14 10:40:36.093 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint8, :icmp_code]}
  335. [DEBUG] 2018-09-14 10:40:36.093 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  336. [DEBUG] 2018-09-14 10:40:36.094 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  337. [DEBUG] 2018-09-14 10:40:36.094 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint16, :xlate_src_port]}
  338. [DEBUG] 2018-09-14 10:40:36.094 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint16, :xlate_dst_port]}
  339. [DEBUG] 2018-09-14 10:40:36.094 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint8, :fw_event]}
  340. [DEBUG] 2018-09-14 10:40:36.095 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint16, :fw_ext_event]}
  341. [DEBUG] 2018-09-14 10:40:36.095 [<udp.1] netflow - Received template 273 with fields [[:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  342. [DEBUG] 2018-09-14 10:40:36.095 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint64, :event_time_msec]}
  343. [DEBUG] 2018-09-14 10:40:36.095 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:uint64, :flow_start_msec]}
  344. [DEBUG] 2018-09-14 10:40:36.096 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:acl_id_asa, :ingress_acl_id]}
  345. [DEBUG] 2018-09-14 10:40:36.096 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:acl_id_asa, "egress_acl_id"]}
  346. [DEBUG] 2018-09-14 10:40:36.096 [<udp.0] netflow - Field definition complete for template 257 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  347. [DEBUG] 2018-09-14 10:40:36.107 [<udp.1] netflow - Received template 273 of size 114 bytes. Representing in 114 BinData bytes
  348. [DEBUG] 2018-09-14 10:40:36.116 [<udp.1] netflow - Start processing template
  349. [DEBUG] 2018-09-14 10:40:36.116 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:ip4_addr, :ipv4_src_addr]}
  350. [DEBUG] 2018-09-14 10:40:36.116 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint16, :l4_src_port]}
  351. [DEBUG] 2018-09-14 10:40:36.117 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint16, :input_snmp]}
  352. [DEBUG] 2018-09-14 10:40:36.117 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  353. [DEBUG] 2018-09-14 10:40:36.117 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint16, :l4_dst_port]}
  354. [DEBUG] 2018-09-14 10:40:36.117 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint16, :output_snmp]}
  355. [DEBUG] 2018-09-14 10:40:36.117 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint8, :protocol]}
  356. [DEBUG] 2018-09-14 10:40:36.117 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint8, :icmp_type]}
  357. [DEBUG] 2018-09-14 10:40:36.118 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint8, :icmp_code]}
  358. [DEBUG] 2018-09-14 10:40:36.118 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  359. [DEBUG] 2018-09-14 10:40:36.118 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  360. [DEBUG] 2018-09-14 10:40:36.118 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint16, :xlate_src_port]}
  361. [DEBUG] 2018-09-14 10:40:36.118 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint16, :xlate_dst_port]}
  362. [DEBUG] 2018-09-14 10:40:36.119 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint8, :fw_event]}
  363. [DEBUG] 2018-09-14 10:40:36.119 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint16, :fw_ext_event]}
  364. [DEBUG] 2018-09-14 10:40:36.119 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:uint64, :event_time_msec]}
  365. [DEBUG] 2018-09-14 10:40:36.119 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:acl_id_asa, :ingress_acl_id]}
  366. [DEBUG] 2018-09-14 10:40:36.119 [<udp.1] netflow - Field definition complete for template 274 {:field=>[:acl_id_asa, "egress_acl_id"]}
  367. [DEBUG] 2018-09-14 10:40:36.124 [<udp.0] netflow - Received template 257 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  368. [DEBUG] 2018-09-14 10:40:36.129 [<udp.0] netflow - Received template 257 of size 143 bytes. Representing in 143 BinData bytes
  369. [DEBUG] 2018-09-14 10:40:36.133 [<udp.0] netflow - Start processing template
  370. [DEBUG] 2018-09-14 10:40:36.133 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint32, :conn_id]}
  371. [DEBUG] 2018-09-14 10:40:36.133 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:ip6_addr, :ipv6_src_addr]}
  372. [DEBUG] 2018-09-14 10:40:36.133 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint16, :l4_src_port]}
  373. [DEBUG] 2018-09-14 10:40:36.134 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint16, :input_snmp]}
  374. [DEBUG] 2018-09-14 10:40:36.134 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  375. [DEBUG] 2018-09-14 10:40:36.134 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint16, :l4_dst_port]}
  376. [DEBUG] 2018-09-14 10:40:36.134 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint16, :output_snmp]}
  377. [DEBUG] 2018-09-14 10:40:36.134 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint8, :protocol]}
  378. [DEBUG] 2018-09-14 10:40:36.135 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint8, :icmp_type_ipv6]}
  379. [DEBUG] 2018-09-14 10:40:36.135 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint8, :icmp_code_ipv6]}
  380. [DEBUG] 2018-09-14 10:40:36.135 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  381. [DEBUG] 2018-09-14 10:40:36.135 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  382. [DEBUG] 2018-09-14 10:40:36.135 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint16, :xlate_src_port]}
  383. [DEBUG] 2018-09-14 10:40:36.136 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint16, :xlate_dst_port]}
  384. [DEBUG] 2018-09-14 10:40:36.136 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint8, :fw_event]}
  385. [DEBUG] 2018-09-14 10:40:36.136 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint16, :fw_ext_event]}
  386. [DEBUG] 2018-09-14 10:40:36.137 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint64, :event_time_msec]}
  387. [DEBUG] 2018-09-14 10:40:36.137 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:uint64, :flow_start_msec]}
  388. [DEBUG] 2018-09-14 10:40:36.137 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:acl_id_asa, :ingress_acl_id]}
  389. [DEBUG] 2018-09-14 10:40:36.137 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:acl_id_asa, "egress_acl_id"]}
  390. [DEBUG] 2018-09-14 10:40:36.138 [<udp.0] netflow - Field definition complete for template 258 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  391. [DEBUG] 2018-09-14 10:40:36.143 [<udp.1] netflow - Received template 274 with fields [[:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  392. [DEBUG] 2018-09-14 10:40:36.154 [<udp.1] netflow - Received template 274 of size 90 bytes. Representing in 90 BinData bytes
  393. [DEBUG] 2018-09-14 10:40:36.159 [<udp.1] netflow - Start processing template
  394. [DEBUG] 2018-09-14 10:40:36.159 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:ip4_addr, :ipv4_src_addr]}
  395. [DEBUG] 2018-09-14 10:40:36.159 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint16, :l4_src_port]}
  396. [DEBUG] 2018-09-14 10:40:36.159 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint16, :input_snmp]}
  397. [DEBUG] 2018-09-14 10:40:36.159 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  398. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint16, :l4_dst_port]}
  399. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint16, :output_snmp]}
  400. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint8, :protocol]}
  401. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint8, :icmp_type]}
  402. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint8, :icmp_code]}
  403. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  404. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  405. [DEBUG] 2018-09-14 10:40:36.160 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint16, :xlate_src_port]}
  406. [DEBUG] 2018-09-14 10:40:36.161 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint16, :xlate_dst_port]}
  407. [DEBUG] 2018-09-14 10:40:36.161 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint8, :fw_event]}
  408. [DEBUG] 2018-09-14 10:40:36.161 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint16, :fw_ext_event]}
  409. [DEBUG] 2018-09-14 10:40:36.161 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:uint64, :event_time_msec]}
  410. [DEBUG] 2018-09-14 10:40:36.161 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:acl_id_asa, :ingress_acl_id]}
  411. [DEBUG] 2018-09-14 10:40:36.161 [<udp.1] netflow - Field definition complete for template 275 {:field=>[:acl_id_asa, "egress_acl_id"]}
  412. [DEBUG] 2018-09-14 10:40:36.164 [<udp.0] netflow - Received template 258 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  413. [DEBUG] 2018-09-14 10:40:36.171 [<udp.0] netflow - Received template 258 of size 146 bytes. Representing in 146 BinData bytes
  414. [DEBUG] 2018-09-14 10:40:36.178 [<udp.0] netflow - Start processing template
  415. [DEBUG] 2018-09-14 10:40:36.178 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint32, :conn_id]}
  416. [DEBUG] 2018-09-14 10:40:36.178 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:ip6_addr, :ipv6_src_addr]}
  417. [DEBUG] 2018-09-14 10:40:36.178 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint16, :l4_src_port]}
  418. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint16, :input_snmp]}
  419. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  420. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint16, :l4_dst_port]}
  421. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint16, :output_snmp]}
  422. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint8, :protocol]}
  423. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint8, :icmp_type_ipv6]}
  424. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint8, :icmp_code_ipv6]}
  425. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  426. [DEBUG] 2018-09-14 10:40:36.179 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  427. [DEBUG] 2018-09-14 10:40:36.180 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint16, :xlate_src_port]}
  428. [DEBUG] 2018-09-14 10:40:36.180 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint16, :xlate_dst_port]}
  429. [DEBUG] 2018-09-14 10:40:36.180 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint8, :fw_event]}
  430. [DEBUG] 2018-09-14 10:40:36.180 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint16, :fw_ext_event]}
  431. [DEBUG] 2018-09-14 10:40:36.180 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint64, :event_time_msec]}
  432. [DEBUG] 2018-09-14 10:40:36.181 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:uint64, :flow_start_msec]}
  433. [DEBUG] 2018-09-14 10:40:36.181 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:acl_id_asa, :ingress_acl_id]}
  434. [DEBUG] 2018-09-14 10:40:36.181 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:acl_id_asa, "egress_acl_id"]}
  435. [DEBUG] 2018-09-14 10:40:36.181 [<udp.0] netflow - Field definition complete for template 259 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  436. [DEBUG] 2018-09-14 10:40:36.182 [<udp.1] netflow - Received template 275 with fields [[:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  437. [DEBUG] 2018-09-14 10:40:36.189 [<udp.1] netflow - Received template 275 of size 78 bytes. Representing in 78 BinData bytes
  438. [DEBUG] 2018-09-14 10:40:36.197 [<udp.1] netflow - Start processing template
  439. [DEBUG] 2018-09-14 10:40:36.197 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:ip6_addr, :ipv6_src_addr]}
  440. [DEBUG] 2018-09-14 10:40:36.197 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint16, :l4_src_port]}
  441. [DEBUG] 2018-09-14 10:40:36.197 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint16, :input_snmp]}
  442. [DEBUG] 2018-09-14 10:40:36.197 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  443. [DEBUG] 2018-09-14 10:40:36.198 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint16, :l4_dst_port]}
  444. [DEBUG] 2018-09-14 10:40:36.198 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint16, :output_snmp]}
  445. [DEBUG] 2018-09-14 10:40:36.198 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint8, :protocol]}
  446. [DEBUG] 2018-09-14 10:40:36.198 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint8, :icmp_type_ipv6]}
  447. [DEBUG] 2018-09-14 10:40:36.198 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint8, :icmp_code_ipv6]}
  448. [DEBUG] 2018-09-14 10:40:36.199 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  449. [DEBUG] 2018-09-14 10:40:36.199 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  450. [DEBUG] 2018-09-14 10:40:36.199 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint16, :xlate_src_port]}
  451. [DEBUG] 2018-09-14 10:40:36.199 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint16, :xlate_dst_port]}
  452. [DEBUG] 2018-09-14 10:40:36.199 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint8, :fw_event]}
  453. [DEBUG] 2018-09-14 10:40:36.199 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint16, :fw_ext_event]}
  454. [DEBUG] 2018-09-14 10:40:36.200 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:uint64, :event_time_msec]}
  455. [DEBUG] 2018-09-14 10:40:36.200 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:acl_id_asa, :ingress_acl_id]}
  456. [DEBUG] 2018-09-14 10:40:36.200 [<udp.1] netflow - Field definition complete for template 276 {:field=>[:acl_id_asa, "egress_acl_id"]}
  457. [DEBUG] 2018-09-14 10:40:36.203 [<udp.0] netflow - Received template 259 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  458. [DEBUG] 2018-09-14 10:40:36.212 [<udp.0] netflow - Received template 259 of size 191 bytes. Representing in 191 BinData bytes
  459. [DEBUG] 2018-09-14 10:40:36.217 [<udp.0] netflow - Start processing template
  460. [DEBUG] 2018-09-14 10:40:36.217 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:ip4_addr, :ipv4_src_addr]}
  461. [DEBUG] 2018-09-14 10:40:36.217 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint16, :l4_src_port]}
  462. [DEBUG] 2018-09-14 10:40:36.217 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint16, :input_snmp]}
  463. [DEBUG] 2018-09-14 10:40:36.218 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  464. [DEBUG] 2018-09-14 10:40:36.218 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint16, :l4_dst_port]}
  465. [DEBUG] 2018-09-14 10:40:36.218 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint16, :output_snmp]}
  466. [DEBUG] 2018-09-14 10:40:36.218 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint8, :protocol]}
  467. [DEBUG] 2018-09-14 10:40:36.218 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint8, :icmp_type]}
  468. [DEBUG] 2018-09-14 10:40:36.218 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint8, :icmp_code]}
  469. [DEBUG] 2018-09-14 10:40:36.219 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  470. [DEBUG] 2018-09-14 10:40:36.219 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  471. [DEBUG] 2018-09-14 10:40:36.220 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint16, :xlate_src_port]}
  472. [DEBUG] 2018-09-14 10:40:36.220 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint16, :xlate_dst_port]}
  473. [DEBUG] 2018-09-14 10:40:36.220 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint8, :fw_event]}
  474. [DEBUG] 2018-09-14 10:40:36.220 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint16, :fw_ext_event]}
  475. [DEBUG] 2018-09-14 10:40:36.220 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:uint64, :event_time_msec]}
  476. [DEBUG] 2018-09-14 10:40:36.220 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:acl_id_asa, :ingress_acl_id]}
  477. [DEBUG] 2018-09-14 10:40:36.221 [<udp.0] netflow - Field definition complete for template 260 {:field=>[:acl_id_asa, "egress_acl_id"]}
  478. [DEBUG] 2018-09-14 10:40:36.222 [<udp.1] netflow - Received template 276 with fields [[:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  479. [DEBUG] 2018-09-14 10:40:36.229 [<udp.1] netflow - Received template 276 of size 90 bytes. Representing in 90 BinData bytes
  480. [DEBUG] 2018-09-14 10:40:36.234 [<udp.1] netflow - Start processing template
  481. [DEBUG] 2018-09-14 10:40:36.235 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:ip6_addr, :ipv6_src_addr]}
  482. [DEBUG] 2018-09-14 10:40:36.235 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint16, :l4_src_port]}
  483. [DEBUG] 2018-09-14 10:40:36.235 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint16, :input_snmp]}
  484. [DEBUG] 2018-09-14 10:40:36.235 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  485. [DEBUG] 2018-09-14 10:40:36.235 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint16, :l4_dst_port]}
  486. [DEBUG] 2018-09-14 10:40:36.235 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint16, :output_snmp]}
  487. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint8, :protocol]}
  488. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint8, :icmp_type_ipv6]}
  489. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint8, :icmp_code_ipv6]}
  490. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  491. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  492. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint16, :xlate_src_port]}
  493. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint16, :xlate_dst_port]}
  494. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint8, :fw_event]}
  495. [DEBUG] 2018-09-14 10:40:36.236 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint16, :fw_ext_event]}
  496. [DEBUG] 2018-09-14 10:40:36.237 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:uint64, :event_time_msec]}
  497. [DEBUG] 2018-09-14 10:40:36.237 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:acl_id_asa, :ingress_acl_id]}
  498. [DEBUG] 2018-09-14 10:40:36.237 [<udp.1] netflow - Field definition complete for template 277 {:field=>[:acl_id_asa, "egress_acl_id"]}
  499. [DEBUG] 2018-09-14 10:40:36.238 [<udp.0] netflow - Received template 260 with fields [[:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  500. [DEBUG] 2018-09-14 10:40:36.244 [<udp.0] netflow - Received template 260 of size 66 bytes. Representing in 66 BinData bytes
  501. [DEBUG] 2018-09-14 10:40:36.247 [<udp.0] netflow - Start processing template
  502. [DEBUG] 2018-09-14 10:40:36.247 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:ip4_addr, :ipv4_src_addr]}
  503. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint16, :l4_src_port]}
  504. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint16, :input_snmp]}
  505. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  506. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint16, :l4_dst_port]}
  507. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint16, :output_snmp]}
  508. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint8, :protocol]}
  509. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint8, :icmp_type]}
  510. [DEBUG] 2018-09-14 10:40:36.248 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint8, :icmp_code]}
  511. [DEBUG] 2018-09-14 10:40:36.249 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint8, :fw_event]}
  512. [DEBUG] 2018-09-14 10:40:36.249 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint16, :fw_ext_event]}
  513. [DEBUG] 2018-09-14 10:40:36.249 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:uint64, :event_time_msec]}
  514. [DEBUG] 2018-09-14 10:40:36.249 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:acl_id_asa, :ingress_acl_id]}
  515. [DEBUG] 2018-09-14 10:40:36.249 [<udp.0] netflow - Field definition complete for template 261 {:field=>[:acl_id_asa, "egress_acl_id"]}
  516. [DEBUG] 2018-09-14 10:40:36.253 [<udp.1] netflow - Received template 277 with fields [[:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  517. [DEBUG] 2018-09-14 10:40:36.259 [<udp.1] netflow - Received template 277 of size 102 bytes. Representing in 102 BinData bytes
  518. [DEBUG] 2018-09-14 10:40:36.263 [<udp.1] netflow - Start processing template
  519. [DEBUG] 2018-09-14 10:40:36.263 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint32, :conn_id]}
  520. [DEBUG] 2018-09-14 10:40:36.263 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:ip4_addr, :ipv4_src_addr]}
  521. [DEBUG] 2018-09-14 10:40:36.263 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint16, :l4_src_port]}
  522. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint16, :input_snmp]}
  523. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  524. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint16, :l4_dst_port]}
  525. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint16, :output_snmp]}
  526. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint8, :protocol]}
  527. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint8, :icmp_type]}
  528. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint8, :icmp_code]}
  529. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  530. [DEBUG] 2018-09-14 10:40:36.264 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  531. [DEBUG] 2018-09-14 10:40:36.265 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint16, :xlate_src_port]}
  532. [DEBUG] 2018-09-14 10:40:36.265 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint16, :xlate_dst_port]}
  533. [DEBUG] 2018-09-14 10:40:36.265 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint8, :fw_event]}
  534. [DEBUG] 2018-09-14 10:40:36.265 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint16, :fw_ext_event]}
  535. [DEBUG] 2018-09-14 10:40:36.265 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint64, :event_time_msec]}
  536. [DEBUG] 2018-09-14 10:40:36.265 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  537. [DEBUG] 2018-09-14 10:40:36.266 [<udp.0] netflow - Received template 261 with fields [[:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  538. [DEBUG] 2018-09-14 10:40:36.266 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint64, :rev_flow_delta_bytes]}
  539. [DEBUG] 2018-09-14 10:40:36.266 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint64, :initiatorPackets]}
  540. [DEBUG] 2018-09-14 10:40:36.266 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint64, :responderPackets]}
  541. [DEBUG] 2018-09-14 10:40:36.266 [<udp.1] netflow - Field definition complete for template 278 {:field=>[:uint64, :flow_start_msec]}
  542. [DEBUG] 2018-09-14 10:40:36.269 [<udp.0] netflow - Received template 261 of size 54 bytes. Representing in 54 BinData bytes
  543. [DEBUG] 2018-09-14 10:40:36.272 [<udp.0] netflow - Start processing template
  544. [DEBUG] 2018-09-14 10:40:36.272 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:ip6_addr, :ipv6_src_addr]}
  545. [DEBUG] 2018-09-14 10:40:36.272 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint16, :l4_src_port]}
  546. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint16, :input_snmp]}
  547. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  548. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint16, :l4_dst_port]}
  549. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint16, :output_snmp]}
  550. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint8, :protocol]}
  551. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint8, :icmp_type_ipv6]}
  552. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint8, :icmp_code_ipv6]}
  553. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint8, :fw_event]}
  554. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint16, :fw_ext_event]}
  555. [DEBUG] 2018-09-14 10:40:36.273 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:uint64, :event_time_msec]}
  556. [DEBUG] 2018-09-14 10:40:36.274 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:acl_id_asa, :ingress_acl_id]}
  557. [DEBUG] 2018-09-14 10:40:36.274 [<udp.0] netflow - Field definition complete for template 262 {:field=>[:acl_id_asa, "egress_acl_id"]}
  558. [DEBUG] 2018-09-14 10:40:36.275 [<udp.1] netflow - Received template 278 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec]]
  559. [DEBUG] 2018-09-14 10:40:36.281 [<udp.1] netflow - Received template 278 of size 110 bytes. Representing in 110 BinData bytes
  560. [DEBUG] 2018-09-14 10:40:36.285 [<udp.1] netflow - Start processing template
  561. [DEBUG] 2018-09-14 10:40:36.285 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint32, :conn_id]}
  562. [DEBUG] 2018-09-14 10:40:36.285 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:ip4_addr, :ipv4_src_addr]}
  563. [DEBUG] 2018-09-14 10:40:36.285 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint16, :l4_src_port]}
  564. [DEBUG] 2018-09-14 10:40:36.285 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint16, :input_snmp]}
  565. [DEBUG] 2018-09-14 10:40:36.285 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  566. [DEBUG] 2018-09-14 10:40:36.285 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint16, :l4_dst_port]}
  567. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint16, :output_snmp]}
  568. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint8, :protocol]}
  569. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint8, :icmp_type]}
  570. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint8, :icmp_code]}
  571. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  572. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  573. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint16, :xlate_src_port]}
  574. [DEBUG] 2018-09-14 10:40:36.286 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint16, :xlate_dst_port]}
  575. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint8, :fw_event]}
  576. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint16, :fw_ext_event]}
  577. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint64, :event_time_msec]}
  578. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  579. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint64, :rev_flow_delta_bytes]}
  580. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint64, :initiatorPackets]}
  581. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint64, :responderPackets]}
  582. [DEBUG] 2018-09-14 10:40:36.287 [<udp.1] netflow - Field definition complete for template 279 {:field=>[:uint64, :flow_start_msec]}
  583. [DEBUG] 2018-09-14 10:40:36.288 [<udp.0] netflow - Received template 262 with fields [[:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"]]
  584. [DEBUG] 2018-09-14 10:40:36.292 [<udp.0] netflow - Received template 262 of size 78 bytes. Representing in 78 BinData bytes
  585. [DEBUG] 2018-09-14 10:40:36.298 [<udp.0] netflow - Start processing template
  586. [DEBUG] 2018-09-14 10:40:36.299 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint32, :conn_id]}
  587. [DEBUG] 2018-09-14 10:40:36.299 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:ip4_addr, :ipv4_src_addr]}
  588. [DEBUG] 2018-09-14 10:40:36.299 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint16, :l4_src_port]}
  589. [DEBUG] 2018-09-14 10:40:36.299 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint16, :input_snmp]}
  590. [DEBUG] 2018-09-14 10:40:36.299 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  591. [DEBUG] 2018-09-14 10:40:36.300 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint16, :l4_dst_port]}
  592. [DEBUG] 2018-09-14 10:40:36.300 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint16, :output_snmp]}
  593. [DEBUG] 2018-09-14 10:40:36.300 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint8, :protocol]}
  594. [DEBUG] 2018-09-14 10:40:36.300 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint8, :icmp_type]}
  595. [DEBUG] 2018-09-14 10:40:36.301 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint8, :icmp_code]}
  596. [DEBUG] 2018-09-14 10:40:36.301 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  597. [DEBUG] 2018-09-14 10:40:36.301 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  598. [DEBUG] 2018-09-14 10:40:36.301 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint16, :xlate_src_port]}
  599. [DEBUG] 2018-09-14 10:40:36.301 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint16, :xlate_dst_port]}
  600. [DEBUG] 2018-09-14 10:40:36.302 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint8, :fw_event]}
  601. [DEBUG] 2018-09-14 10:40:36.302 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint16, :fw_ext_event]}
  602. [DEBUG] 2018-09-14 10:40:36.302 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint64, :event_time_msec]}
  603. [DEBUG] 2018-09-14 10:40:36.302 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  604. [DEBUG] 2018-09-14 10:40:36.302 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint64, :rev_flow_delta_bytes]}
  605. [DEBUG] 2018-09-14 10:40:36.302 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint64, :initiatorPackets]}
  606. [DEBUG] 2018-09-14 10:40:36.302 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint64, :responderPackets]}
  607. [DEBUG] 2018-09-14 10:40:36.303 [<udp.0] netflow - Field definition complete for template 263 {:field=>[:uint64, :flow_start_msec]}
  608. [DEBUG] 2018-09-14 10:40:36.303 [<udp.1] netflow - Received template 279 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec]]
  609. [DEBUG] 2018-09-14 10:40:36.311 [<udp.1] netflow - Received template 279 of size 98 bytes. Representing in 98 BinData bytes
  610. [DEBUG] 2018-09-14 10:40:36.315 [<udp.1] netflow - Start processing template
  611. [DEBUG] 2018-09-14 10:40:36.315 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint32, :conn_id]}
  612. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:ip6_addr, :ipv6_src_addr]}
  613. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint16, :l4_src_port]}
  614. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint16, :input_snmp]}
  615. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  616. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint16, :l4_dst_port]}
  617. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint16, :output_snmp]}
  618. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint8, :protocol]}
  619. [DEBUG] 2018-09-14 10:40:36.316 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint8, :icmp_type_ipv6]}
  620. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint8, :icmp_code_ipv6]}
  621. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  622. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  623. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint16, :xlate_src_port]}
  624. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint16, :xlate_dst_port]}
  625. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint8, :fw_event]}
  626. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint16, :fw_ext_event]}
  627. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint64, :event_time_msec]}
  628. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  629. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint64, :rev_flow_delta_bytes]}
  630. [DEBUG] 2018-09-14 10:40:36.317 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint64, :initiatorPackets]}
  631. [DEBUG] 2018-09-14 10:40:36.318 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint64, :responderPackets]}
  632. [DEBUG] 2018-09-14 10:40:36.318 [<udp.1] netflow - Field definition complete for template 280 {:field=>[:uint64, :flow_start_msec]}
  633. [DEBUG] 2018-09-14 10:40:36.320 [<udp.1] netflow - Received template 280 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec]]
  634. [DEBUG] 2018-09-14 10:40:36.325 [<udp.1] netflow - Received template 280 of size 110 bytes. Representing in 110 BinData bytes
  635. [DEBUG] 2018-09-14 10:40:36.329 [<udp.1] netflow - Start processing template
  636. [DEBUG] 2018-09-14 10:40:36.329 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint32, :conn_id]}
  637. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:ip6_addr, :ipv6_src_addr]}
  638. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint16, :l4_src_port]}
  639. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint16, :input_snmp]}
  640. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  641. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint16, :l4_dst_port]}
  642. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint16, :output_snmp]}
  643. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint8, :protocol]}
  644. [DEBUG] 2018-09-14 10:40:36.330 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint8, :icmp_type_ipv6]}
  645. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint8, :icmp_code_ipv6]}
  646. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  647. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  648. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint16, :xlate_src_port]}
  649. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint16, :xlate_dst_port]}
  650. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint8, :fw_event]}
  651. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint16, :fw_ext_event]}
  652. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint64, :event_time_msec]}
  653. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  654. [DEBUG] 2018-09-14 10:40:36.331 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint64, :rev_flow_delta_bytes]}
  655. [DEBUG] 2018-09-14 10:40:36.332 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint64, :initiatorPackets]}
  656. [DEBUG] 2018-09-14 10:40:36.332 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint64, :responderPackets]}
  657. [DEBUG] 2018-09-14 10:40:36.332 [<udp.1] netflow - Field definition complete for template 281 {:field=>[:uint64, :flow_start_msec]}
  658. [DEBUG] 2018-09-14 10:40:36.332 [<udp.0] netflow - Received template 263 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec]]
  659. [DEBUG] 2018-09-14 10:40:36.336 [<udp.0] netflow - Received template 263 of size 86 bytes. Representing in 86 BinData bytes
  660. [DEBUG] 2018-09-14 10:40:36.339 [<udp.0] netflow - Start processing template
  661. [DEBUG] 2018-09-14 10:40:36.339 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint32, :conn_id]}
  662. [DEBUG] 2018-09-14 10:40:36.339 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:ip6_addr, :ipv6_src_addr]}
  663. [DEBUG] 2018-09-14 10:40:36.339 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint16, :l4_src_port]}
  664. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint16, :input_snmp]}
  665. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  666. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint16, :l4_dst_port]}
  667. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint16, :output_snmp]}
  668. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint8, :protocol]}
  669. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint8, :icmp_type_ipv6]}
  670. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint8, :icmp_code_ipv6]}
  671. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  672. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  673. [DEBUG] 2018-09-14 10:40:36.340 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint16, :xlate_src_port]}
  674. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint16, :xlate_dst_port]}
  675. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint8, :fw_event]}
  676. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint16, :fw_ext_event]}
  677. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint64, :event_time_msec]}
  678. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  679. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint64, :rev_flow_delta_bytes]}
  680. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint64, :initiatorPackets]}
  681. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint64, :responderPackets]}
  682. [DEBUG] 2018-09-14 10:40:36.341 [<udp.0] netflow - Field definition complete for template 264 {:field=>[:uint64, :flow_start_msec]}
  683. [DEBUG] 2018-09-14 10:40:36.343 [<udp.1] netflow - Received template 281 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec]]
  684. [DEBUG] 2018-09-14 10:40:36.349 [<udp.1] netflow - Received template 281 of size 122 bytes. Representing in 122 BinData bytes
  685. [DEBUG] 2018-09-14 10:40:36.351 [<udp.1] netflow - Start processing template
  686. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint32, :conn_id]}
  687. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:ip4_addr, :ipv4_src_addr]}
  688. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint16, :l4_src_port]}
  689. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint16, :input_snmp]}
  690. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  691. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint16, :l4_dst_port]}
  692. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint16, :output_snmp]}
  693. [DEBUG] 2018-09-14 10:40:36.352 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint8, :protocol]}
  694. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint8, :icmp_type]}
  695. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint8, :icmp_code]}
  696. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  697. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  698. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint16, :xlate_src_port]}
  699. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint16, :xlate_dst_port]}
  700. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint8, :fw_event]}
  701. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint16, :fw_ext_event]}
  702. [DEBUG] 2018-09-14 10:40:36.353 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint64, :event_time_msec]}
  703. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  704. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint64, :rev_flow_delta_bytes]}
  705. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint64, :initiatorPackets]}
  706. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint64, :responderPackets]}
  707. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:uint64, :flow_start_msec]}
  708. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:acl_id_asa, :ingress_acl_id]}
  709. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:acl_id_asa, "egress_acl_id"]}
  710. [DEBUG] 2018-09-14 10:40:36.354 [<udp.1] netflow - Field definition complete for template 282 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  711. [DEBUG] 2018-09-14 10:40:36.355 [<udp.0] netflow - Received template 264 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec]]
  712. [DEBUG] 2018-09-14 10:40:36.359 [<udp.0] netflow - Received template 264 of size 134 bytes. Representing in 134 BinData bytes
  713. [DEBUG] 2018-09-14 10:40:36.362 [<udp.0] netflow - Start processing template
  714. [DEBUG] 2018-09-14 10:40:36.362 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint32, :conn_id]}
  715. [DEBUG] 2018-09-14 10:40:36.362 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:ip4_addr, :ipv4_src_addr]}
  716. [DEBUG] 2018-09-14 10:40:36.362 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint16, :l4_src_port]}
  717. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint16, :input_snmp]}
  718. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  719. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint16, :l4_dst_port]}
  720. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint16, :output_snmp]}
  721. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint8, :protocol]}
  722. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint8, :icmp_type]}
  723. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint8, :icmp_code]}
  724. [DEBUG] 2018-09-14 10:40:36.363 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  725. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  726. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint16, :xlate_src_port]}
  727. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint16, :xlate_dst_port]}
  728. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint8, :fw_event]}
  729. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint16, :fw_ext_event]}
  730. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint64, :event_time_msec]}
  731. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  732. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint64, :rev_flow_delta_bytes]}
  733. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint64, :initiatorPackets]}
  734. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint64, :responderPackets]}
  735. [DEBUG] 2018-09-14 10:40:36.364 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:uint64, :flow_start_msec]}
  736. [DEBUG] 2018-09-14 10:40:36.365 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:acl_id_asa, :ingress_acl_id]}
  737. [DEBUG] 2018-09-14 10:40:36.365 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:acl_id_asa, "egress_acl_id"]}
  738. [DEBUG] 2018-09-14 10:40:36.365 [<udp.0] netflow - Field definition complete for template 265 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  739. [DEBUG] 2018-09-14 10:40:36.365 [<udp.1] netflow - Received template 282 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  740. [DEBUG] 2018-09-14 10:40:36.372 [<udp.1] netflow - Received template 282 of size 154 bytes. Representing in 154 BinData bytes
  741. [DEBUG] 2018-09-14 10:40:36.375 [<udp.1] netflow - Start processing template
  742. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint32, :conn_id]}
  743. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:ip4_addr, :ipv4_src_addr]}
  744. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint16, :l4_src_port]}
  745. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint16, :input_snmp]}
  746. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  747. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint16, :l4_dst_port]}
  748. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint16, :output_snmp]}
  749. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint8, :protocol]}
  750. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint8, :icmp_type]}
  751. [DEBUG] 2018-09-14 10:40:36.376 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint8, :icmp_code]}
  752. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  753. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  754. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint16, :xlate_src_port]}
  755. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint16, :xlate_dst_port]}
  756. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint8, :fw_event]}
  757. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint16, :fw_ext_event]}
  758. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint64, :event_time_msec]}
  759. [DEBUG] 2018-09-14 10:40:36.377 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  760. [DEBUG] 2018-09-14 10:40:36.378 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint64, :rev_flow_delta_bytes]}
  761. [DEBUG] 2018-09-14 10:40:36.378 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint64, :initiatorPackets]}
  762. [DEBUG] 2018-09-14 10:40:36.378 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint64, :responderPackets]}
  763. [DEBUG] 2018-09-14 10:40:36.378 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:uint64, :flow_start_msec]}
  764. [DEBUG] 2018-09-14 10:40:36.378 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:acl_id_asa, :ingress_acl_id]}
  765. [DEBUG] 2018-09-14 10:40:36.378 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:acl_id_asa, "egress_acl_id"]}
  766. [DEBUG] 2018-09-14 10:40:36.378 [<udp.1] netflow - Field definition complete for template 283 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  767. [DEBUG] 2018-09-14 10:40:36.380 [<udp.0] netflow - Received template 265 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  768. [DEBUG] 2018-09-14 10:40:36.385 [<udp.0] netflow - Received template 265 of size 130 bytes. Representing in 130 BinData bytes
  769. [DEBUG] 2018-09-14 10:40:36.388 [<udp.0] netflow - Start processing template
  770. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint32, :conn_id]}
  771. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:ip4_addr, :ipv4_src_addr]}
  772. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint16, :l4_src_port]}
  773. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint16, :input_snmp]}
  774. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  775. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint16, :l4_dst_port]}
  776. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint16, :output_snmp]}
  777. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint8, :protocol]}
  778. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint8, :icmp_type]}
  779. [DEBUG] 2018-09-14 10:40:36.389 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint8, :icmp_code]}
  780. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  781. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  782. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint16, :xlate_src_port]}
  783. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint16, :xlate_dst_port]}
  784. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint8, :fw_event]}
  785. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint16, :fw_ext_event]}
  786. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint64, :event_time_msec]}
  787. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  788. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint64, :rev_flow_delta_bytes]}
  789. [DEBUG] 2018-09-14 10:40:36.390 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint64, :initiatorPackets]}
  790. [DEBUG] 2018-09-14 10:40:36.391 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint64, :responderPackets]}
  791. [DEBUG] 2018-09-14 10:40:36.391 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:uint64, :flow_start_msec]}
  792. [DEBUG] 2018-09-14 10:40:36.391 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:acl_id_asa, :ingress_acl_id]}
  793. [DEBUG] 2018-09-14 10:40:36.391 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:acl_id_asa, "egress_acl_id"]}
  794. [DEBUG] 2018-09-14 10:40:36.391 [<udp.0] netflow - Field definition complete for template 266 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  795. [DEBUG] 2018-09-14 10:40:36.392 [<udp.1] netflow - Received template 283 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  796. [DEBUG] 2018-09-14 10:40:36.399 [<udp.1] netflow - Received template 283 of size 199 bytes. Representing in 199 BinData bytes
  797. [DEBUG] 2018-09-14 10:40:36.403 [<udp.1] netflow - Start processing template
  798. [DEBUG] 2018-09-14 10:40:36.403 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint32, :conn_id]}
  799. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:ip6_addr, :ipv6_src_addr]}
  800. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint16, :l4_src_port]}
  801. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint16, :input_snmp]}
  802. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  803. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint16, :l4_dst_port]}
  804. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint16, :output_snmp]}
  805. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint8, :protocol]}
  806. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint8, :icmp_type_ipv6]}
  807. [DEBUG] 2018-09-14 10:40:36.404 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint8, :icmp_code_ipv6]}
  808. [DEBUG] 2018-09-14 10:40:36.405 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  809. [DEBUG] 2018-09-14 10:40:36.405 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  810. [DEBUG] 2018-09-14 10:40:36.405 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint16, :xlate_src_port]}
  811. [DEBUG] 2018-09-14 10:40:36.405 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint16, :xlate_dst_port]}
  812. [DEBUG] 2018-09-14 10:40:36.405 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint8, :fw_event]}
  813. [DEBUG] 2018-09-14 10:40:36.405 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint16, :fw_ext_event]}
  814. [DEBUG] 2018-09-14 10:40:36.405 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint64, :event_time_msec]}
  815. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  816. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint64, :rev_flow_delta_bytes]}
  817. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint64, :initiatorPackets]}
  818. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint64, :responderPackets]}
  819. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:uint64, :flow_start_msec]}
  820. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:acl_id_asa, :ingress_acl_id]}
  821. [DEBUG] 2018-09-14 10:40:36.406 [<udp.0] netflow - Received template 266 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  822. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:acl_id_asa, "egress_acl_id"]}
  823. [DEBUG] 2018-09-14 10:40:36.406 [<udp.1] netflow - Field definition complete for template 284 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  824. [DEBUG] 2018-09-14 10:40:36.412 [<udp.0] netflow - Received template 266 of size 175 bytes. Representing in 175 BinData bytes
  825. [DEBUG] 2018-09-14 10:40:36.415 [<udp.0] netflow - Start processing template
  826. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint32, :conn_id]}
  827. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:ip6_addr, :ipv6_src_addr]}
  828. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint16, :l4_src_port]}
  829. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint16, :input_snmp]}
  830. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  831. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint16, :l4_dst_port]}
  832. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint16, :output_snmp]}
  833. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint8, :protocol]}
  834. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint8, :icmp_type_ipv6]}
  835. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint8, :icmp_code_ipv6]}
  836. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  837. [DEBUG] 2018-09-14 10:40:36.416 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  838. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint16, :xlate_src_port]}
  839. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint16, :xlate_dst_port]}
  840. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint8, :fw_event]}
  841. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint16, :fw_ext_event]}
  842. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint64, :event_time_msec]}
  843. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  844. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint64, :rev_flow_delta_bytes]}
  845. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint64, :initiatorPackets]}
  846. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint64, :responderPackets]}
  847. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:uint64, :flow_start_msec]}
  848. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:acl_id_asa, :ingress_acl_id]}
  849. [DEBUG] 2018-09-14 10:40:36.417 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:acl_id_asa, "egress_acl_id"]}
  850. [DEBUG] 2018-09-14 10:40:36.418 [<udp.0] netflow - Field definition complete for template 267 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  851. [DEBUG] 2018-09-14 10:40:36.418 [<udp.1] netflow - Received template 284 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  852. [DEBUG] 2018-09-14 10:40:36.424 [<udp.1] netflow - Received template 284 of size 154 bytes. Representing in 154 BinData bytes
  853. [DEBUG] 2018-09-14 10:40:36.428 [<udp.1] netflow - Start processing template
  854. [DEBUG] 2018-09-14 10:40:36.429 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint32, :conn_id]}
  855. [DEBUG] 2018-09-14 10:40:36.429 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:ip6_addr, :ipv6_src_addr]}
  856. [DEBUG] 2018-09-14 10:40:36.429 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint16, :l4_src_port]}
  857. [DEBUG] 2018-09-14 10:40:36.429 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint16, :input_snmp]}
  858. [DEBUG] 2018-09-14 10:40:36.429 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  859. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint16, :l4_dst_port]}
  860. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint16, :output_snmp]}
  861. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint8, :protocol]}
  862. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint8, :icmp_type_ipv6]}
  863. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint8, :icmp_code_ipv6]}
  864. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  865. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  866. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint16, :xlate_src_port]}
  867. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint16, :xlate_dst_port]}
  868. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint8, :fw_event]}
  869. [DEBUG] 2018-09-14 10:40:36.430 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint16, :fw_ext_event]}
  870. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint64, :event_time_msec]}
  871. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  872. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint64, :rev_flow_delta_bytes]}
  873. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint64, :initiatorPackets]}
  874. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint64, :responderPackets]}
  875. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:uint64, :flow_start_msec]}
  876. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:acl_id_asa, :ingress_acl_id]}
  877. [DEBUG] 2018-09-14 10:40:36.431 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:acl_id_asa, "egress_acl_id"]}
  878. [DEBUG] 2018-09-14 10:40:36.432 [<udp.1] netflow - Field definition complete for template 285 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  879. [DEBUG] 2018-09-14 10:40:36.433 [<udp.0] netflow - Received template 267 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  880. [DEBUG] 2018-09-14 10:40:36.443 [<udp.0] netflow - Received template 267 of size 178 bytes. Representing in 178 BinData bytes
  881. [DEBUG] 2018-09-14 10:40:36.449 [<udp.0] netflow - Start processing template
  882. [DEBUG] 2018-09-14 10:40:36.449 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint32, :conn_id]}
  883. [DEBUG] 2018-09-14 10:40:36.449 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:ip6_addr, :ipv6_src_addr]}
  884. [DEBUG] 2018-09-14 10:40:36.449 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint16, :l4_src_port]}
  885. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint16, :input_snmp]}
  886. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  887. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint16, :l4_dst_port]}
  888. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint16, :output_snmp]}
  889. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint8, :protocol]}
  890. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint8, :icmp_type_ipv6]}
  891. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint8, :icmp_code_ipv6]}
  892. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  893. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  894. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint16, :xlate_src_port]}
  895. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint16, :xlate_dst_port]}
  896. [DEBUG] 2018-09-14 10:40:36.450 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint8, :fw_event]}
  897. [DEBUG] 2018-09-14 10:40:36.451 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint16, :fw_ext_event]}
  898. [DEBUG] 2018-09-14 10:40:36.451 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint64, :event_time_msec]}
  899. [DEBUG] 2018-09-14 10:40:36.451 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint64, :fwd_flow_delta_bytes]}
  900. [DEBUG] 2018-09-14 10:40:36.451 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint64, :rev_flow_delta_bytes]}
  901. [DEBUG] 2018-09-14 10:40:36.451 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint64, :initiatorPackets]}
  902. [DEBUG] 2018-09-14 10:40:36.451 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint64, :responderPackets]}
  903. [DEBUG] 2018-09-14 10:40:36.451 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:uint64, :flow_start_msec]}
  904. [DEBUG] 2018-09-14 10:40:36.452 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:acl_id_asa, :ingress_acl_id]}
  905. [DEBUG] 2018-09-14 10:40:36.452 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:acl_id_asa, "egress_acl_id"]}
  906. [DEBUG] 2018-09-14 10:40:36.452 [<udp.0] netflow - Field definition complete for template 268 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  907. [DEBUG] 2018-09-14 10:40:36.453 [<udp.1] netflow - Received template 285 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  908. [DEBUG] 2018-09-14 10:40:36.460 [<udp.1] netflow - Received template 285 of size 199 bytes. Representing in 199 BinData bytes
  909. [DEBUG] 2018-09-14 10:40:36.467 [<udp.0] netflow - Received template 268 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :fwd_flow_delta_bytes], [:uint64, :rev_flow_delta_bytes], [:uint64, :initiatorPackets], [:uint64, :responderPackets], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  910. [DEBUG] 2018-09-14 10:40:36.473 [<udp.0] netflow - Received template 268 of size 223 bytes. Representing in 223 BinData bytes
  911. [DEBUG] 2018-09-14 10:40:36.478 [<udp.0] netflow - Start processing template
  912. [DEBUG] 2018-09-14 10:40:36.478 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint32, :conn_id]}
  913. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:ip4_addr, :ipv4_src_addr]}
  914. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint16, :l4_src_port]}
  915. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint16, :input_snmp]}
  916. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  917. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint16, :l4_dst_port]}
  918. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint16, :output_snmp]}
  919. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint8, :protocol]}
  920. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint8, :icmp_type]}
  921. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint8, :icmp_code]}
  922. [DEBUG] 2018-09-14 10:40:36.479 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  923. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  924. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint16, :xlate_src_port]}
  925. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint16, :xlate_dst_port]}
  926. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint8, :fw_event]}
  927. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint16, :fw_ext_event]}
  928. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint64, :event_time_msec]}
  929. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:uint64, :flow_start_msec]}
  930. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:acl_id_asa, :ingress_acl_id]}
  931. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:acl_id_asa, "egress_acl_id"]}
  932. [DEBUG] 2018-09-14 10:40:36.480 [<udp.0] netflow - Field definition complete for template 269 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  933. [DEBUG] 2018-09-14 10:40:36.489 [<udp.0] netflow - Received template 269 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  934. [DEBUG] 2018-09-14 10:40:36.494 [<udp.0] netflow - Received template 269 of size 122 bytes. Representing in 122 BinData bytes
  935. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Start processing template
  936. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint32, :conn_id]}
  937. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:ip4_addr, :ipv4_src_addr]}
  938. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint16, :l4_src_port]}
  939. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint16, :input_snmp]}
  940. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:ip4_addr, :ipv4_dst_addr]}
  941. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint16, :l4_dst_port]}
  942. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint16, :output_snmp]}
  943. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint8, :protocol]}
  944. [DEBUG] 2018-09-14 10:40:36.497 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint8, :icmp_type]}
  945. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint8, :icmp_code]}
  946. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:ip6_addr, :xlate_src_addr_ipv6]}
  947. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:ip6_addr, :xlate_dst_addr_ipv6]}
  948. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint16, :xlate_src_port]}
  949. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint16, :xlate_dst_port]}
  950. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint8, :fw_event]}
  951. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint16, :fw_ext_event]}
  952. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint64, :event_time_msec]}
  953. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:uint64, :flow_start_msec]}
  954. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:acl_id_asa, :ingress_acl_id]}
  955. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:acl_id_asa, "egress_acl_id"]}
  956. [DEBUG] 2018-09-14 10:40:36.498 [<udp.0] netflow - Field definition complete for template 270 {:field=>[:string, :username, {:length=>65, :trim_padding=>true}]}
  957. [DEBUG] 2018-09-14 10:40:36.502 [<udp.0] netflow - Received template 270 with fields [[:uint32, :conn_id], [:ip4_addr, :ipv4_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip4_addr, :ipv4_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type], [:uint8, :icmp_code], [:ip6_addr, :xlate_src_addr_ipv6], [:ip6_addr, :xlate_dst_addr_ipv6], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>65, :trim_padding=>true}]]
  958. [DEBUG] 2018-09-14 10:40:36.506 [<udp.0] netflow - Received template 270 of size 167 bytes. Representing in 167 BinData bytes
  959. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Start processing template
  960. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint32, :conn_id]}
  961. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:ip6_addr, :ipv6_src_addr]}
  962. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint16, :l4_src_port]}
  963. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint16, :input_snmp]}
  964. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:ip6_addr, :ipv6_dst_addr]}
  965. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint16, :l4_dst_port]}
  966. [DEBUG] 2018-09-14 10:40:36.509 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint16, :output_snmp]}
  967. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint8, :protocol]}
  968. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint8, :icmp_type_ipv6]}
  969. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint8, :icmp_code_ipv6]}
  970. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:ip4_addr, :xlate_src_addr_ipv4]}
  971. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:ip4_addr, :xlate_dst_addr_ipv4]}
  972. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint16, :xlate_src_port]}
  973. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint16, :xlate_dst_port]}
  974. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint8, :fw_event]}
  975. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint16, :fw_ext_event]}
  976. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint64, :event_time_msec]}
  977. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:uint64, :flow_start_msec]}
  978. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:acl_id_asa, :ingress_acl_id]}
  979. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:acl_id_asa, "egress_acl_id"]}
  980. [DEBUG] 2018-09-14 10:40:36.510 [<udp.0] netflow - Field definition complete for template 271 {:field=>[:string, :username, {:length=>20, :trim_padding=>true}]}
  981. [DEBUG] 2018-09-14 10:40:36.513 [<udp.0] netflow - Received template 271 with fields [[:uint32, :conn_id], [:ip6_addr, :ipv6_src_addr], [:uint16, :l4_src_port], [:uint16, :input_snmp], [:ip6_addr, :ipv6_dst_addr], [:uint16, :l4_dst_port], [:uint16, :output_snmp], [:uint8, :protocol], [:uint8, :icmp_type_ipv6], [:uint8, :icmp_code_ipv6], [:ip4_addr, :xlate_src_addr_ipv4], [:ip4_addr, :xlate_dst_addr_ipv4], [:uint16, :xlate_src_port], [:uint16, :xlate_dst_port], [:uint8, :fw_event], [:uint16, :fw_ext_event], [:uint64, :event_time_msec], [:uint64, :flow_start_msec], [:acl_id_asa, :ingress_acl_id], [:acl_id_asa, "egress_acl_id"], [:string, :username, {:length=>20, :trim_padding=>true}]]
  982. [DEBUG] 2018-09-14 10:40:36.517 [<udp.0] netflow - Received template 271 of size 122 bytes. Representing in 122 BinData bytes
  983. [DEBUG] 2018-09-14 10:40:36.715 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  984. [DEBUG] 2018-09-14 10:40:40.268 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  985. [DEBUG] 2018-09-14 10:40:40.371 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  986. [DEBUG] 2018-09-14 10:40:40.371 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  987. [DEBUG] 2018-09-14 10:40:41.715 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  988. [DEBUG] 2018-09-14 10:40:45.271 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  989. [DEBUG] 2018-09-14 10:40:45.374 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  990. [DEBUG] 2018-09-14 10:40:45.374 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  991. [DEBUG] 2018-09-14 10:40:46.715 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  992. [DEBUG] 2018-09-14 10:40:50.274 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  993. [DEBUG] 2018-09-14 10:40:50.377 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  994. [DEBUG] 2018-09-14 10:40:50.378 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  995. [DEBUG] 2018-09-14 10:40:51.715 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  996. [DEBUG] 2018-09-14 10:40:55.282 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  997. [DEBUG] 2018-09-14 10:40:55.383 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  998. [DEBUG] 2018-09-14 10:40:55.383 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  999. [DEBUG] 2018-09-14 10:40:56.716 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  1000. [DEBUG] 2018-09-14 10:41:00.289 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  1001. [DEBUG] 2018-09-14 10:41:00.389 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  1002. [DEBUG] 2018-09-14 10:41:00.389 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
  1003. [DEBUG] 2018-09-14 10:41:01.716 [Ruby-0-Thread-15: /usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:506] pipeline - Pushing flush onto pipeline {:pipeline_id=>"main", :thread=>"#<Thread:0x680322c4@/usr/share/logstash/logstash-core/lib/logstash/pipeline.rb:156 sleep>"}
  1004. [DEBUG] 2018-09-14 10:41:05.294 [pool-2-thread-3] cgroup - Error, cannot retrieve cgroups information {:exception=>"Errno::ENOENT", :message=>"No such file or directory - /sys/fs/cgroup/cpuacct/docker/ba1dad67b4edbfe7ac8c399262755bc33d4121f0ae0beb0d78d576f7afbde307/cpuacct.usage"}
  1005. [DEBUG] 2018-09-14 10:41:05.397 [pool-2-thread-2] jvm - collector name {:name=>"PS Scavenge"}
  1006. [DEBUG] 2018-09-14 10:41:05.397 [pool-2-thread-2] jvm - collector name {:name=>"PS MarkSweep"}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!