{
  "_index": "logstash-dnp3-2022.09.12",
  "_type": "_doc",
  "_id": "2w9vMoMBfTCdXV7aObhy",
  "_version": 1,
  "_score": null,
  "_source": {
    "timestamp": "2022-09-12T18:01:34.853073+0200",
    "input": {
      "type": "log"
    },
    "see_name": "stamus-central-server",
    "type": "json-log",
    "net_info": {},
    "log": {
      "offset": 1404099472,
      "file": {
        "path": "/var/log/suricata/eve-0.json"
      }
    },
    "flow_id": 1743366763893122,
    "event_type": "dnp3",
    "@version": "1",
    "in_iface": "tppdummy0",
    "see_id": "2e2cf4a77cbd",
    "ether": {
      "src_mac": "00:50:56:c0:00:08",
      "dest_mac": "00:0c:29:24:3a:0a"
    },
    "agent": {
      "id": "9f305fa4-6db1-485c-81f9-598dce1469e3",
      "version": "7.16.1",
      "name": "SSProbe-1",
      "type": "filebeat",
      "ephemeral_id": "50e455b7-c932-4cf1-a630-0675035aba08",
      "hostname": "SSProbe-1"
    },
    "tags": [
      "beats_input_codec_json_applied"
    ],
    "host": "SSProbe-1",
    "dest_ip": "192.168.60.130",
    "dnp3": {
      "src": 10,
      "dst": 1,
      "iin": {
        "indicators": [
          "no_func_code_support"
        ]
      },
      "application": {
        "objects": [],
        "function_code": 129,
        "complete": true,
        "control": {
          "con": false,
          "sequence": 0,
          "uns": false,
          "fir": true,
          "fin": true
        }
      },
      "control": {
        "dir": false,
        "pri": true,
        "fcb": false,
        "fcv": false,
        "function_code": 4
      },
      "type": "response"
    },
    "@timestamp": "2022-09-12T16:01:34.853Z",
    "ecs": {
      "version": "1.12.0"
    },
    "src_port": 49536,
    "proto": "TCP",
    "src_ip": "192.168.60.1",
    "dest_port": 20000
  },
  "fields": {
    "@timestamp": [
      "2022-09-12T16:01:34.853Z"
    ],
    "EveBox": [
      1743366763893122
    ],
    "timestamp": [
      "2022-09-12T16:01:34.853Z"
    ]
  },
  "sort": [
    1662998494853
  ]
}