[Oisf-users] Question about src_port and dest_port in eve log

Andreas Herz aherz at oisf.net
Fri Sep 6 19:51:46 UTC 2019

Previous message (by thread): [Oisf-users] Question about src_port and dest_port in eve log
Next message (by thread): [Oisf-users] Question about src_port and dest_port in eve log
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/09/19 at 15:15, "강지환" wrote:
> I have faced a very strange thing which is that both src_port and dest_port are 0.

Well if you look into the pcap in wireshark you see that the port
information is missing. The IP part says Proto UDP but the UDP ports are
not included.

-- 
Andreas Herz

Previous message (by thread): [Oisf-users] Question about src_port and dest_port in eve log
Next message (by thread): [Oisf-users] Question about src_port and dest_port in eve log
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Oisf-users mailing list