<ids-flow-entry>

Usage

<ids-flow-table>
    <ids-flow-entry>
        <ids-flow-source-ip>ids-flow-source-ip</ids-flow-source-ip>
        <ids-flow-destination-ip>ids-flow-destination-ip</ids-flow-destination-ip>
        <ids-flow-time>ids-flow-time</ids-flow-time>
        <ids-flow-flags>ids-flow-flags</ids-flow-flags>
        <ids-flow-long-flags>ids-flow-long-flags</ids-flow-long-flags>
        <ids-flow-count>ids-flow-count</ids-flow-count>
        <ids-flow-application>ids-flow-application</ids-flow-application>
        <ids-bytes-count>ids-bytes-count</ids-bytes-count>
        <ids-packets-count>ids-packets-count</ids-packets-count>
        <ids-flows-count>ids-flows-count</ids-flows-count>
        <ids-anomalies-count>ids-anomalies-count</ids-anomalies-count>
        <ids-anomaly-entry>...</ids-anomaly-entry>
    </ids-flow-entry>
</ids-flow-table>

Description

IDS terse information.

Contents

<ids-anomalies-count>—Number of anomalies.

<ids-anomaly-entry>—IDS anomaly information.

<ids-bytes-count>—Number of bytes.

<ids-flow-application>—Application name.

<ids-flow-count>—Value depend from request (packet number, bytes, and so on).

<ids-flow-destination-ip>—Destination IP address.

<ids-flow-flags>—S - SYN cookie enabled, F - Forced entry.

<ids-flow-long-flags>—SYN cookie enabled, Forced entry.

<ids-flow-source-ip>—Source IP address.

<ids-flow-time>—Time from last event.

<ids-flows-count>—Number of flows.

<ids-packets-count>—Number of packets.