General files in the \files subfolder and EML files in the \mails folder use the following filename formats.
ssssssssss_n_sourceIP_destIP_type_.eml
Example:
0000000520_4_201.86.52.4_10.0.0.13_SMTP_.eml
Where:
Specifies a serial number used to ensure the filename is unique
Specifies the CPU on the NBA that the file was captured on.
On Bivio 7000 appliances, n can be 1c0 to 6c1.
On the Linux Server Platform, n can be 1 to 8.
Specifies the source IP address of the file.
Specifies the destination IP address of the file.
Is one of the following:
AOLMAIL AOLMAIL-SSL CHAT-AIMICQ CHAT-JABBER CHAT-MSN CHAT-SIP CHAT-YAHOO DELTASYNC-RECV DELTASYNC-RECV-SSL DELTASYNC-SEND DELTASYNC-SEND-SSL GMAIL GMAIL-SSL HOTMAIL HOTMAIL-SSL HTTP-POST HTTP-POST-SSL POP3 POP3-SSL SMTP SMTP-SSL YAHOONEW YAHOONEW-SSL
ssssssssss_n_sourceIP-destIP_type_filename
Example:
4C3C792BC2_2c0_au.download.windowsupdate.com(130.119.248.209)_130.119.44.131_HTTP-GET_windows-kb890830-v3.9-d...61c5fada43a2f8788d42.exe
Where:
Is a serial number used to ensure the filename is unique
Specifies the CPU on the NBA that the file was captured on.
On Bivio 7000 appliances, n can be 1c0 to 6c1.
On the Linux Server Platform, n can be 1 to 8.
Specifies the source machine name and, in brackets, the file’s source IP address. If the machine name is not available, only the IP address is used.
Specifies the destination machine name and, in brackets, the file’s source IP address. If the machine name is not available, only the IP address is used.
Is one of the following:
AOLMAIL-ATTACH AOLMAIL-ATTACH-SSL CHAT-SKYPE FILE-AIMICQ FILE-MSN FILE-YAHOO FTP-GET FTP-PUT GMAIL-ATTACH GMAIL-ATTACH-SSL HOTMAIL-ATTACH HOTMAIL-ATTACH-SSL HTTP-GET HTTP-GET-SSL HTTP-POST HTTP-POST-SSL HTTP-URL HTTP-URL-SSL NNTP-GET NNTP-POST SMB YAHOO-ATTACH YAHOO-ATTACH-SSL
|
Copyright © 2014 CA.
All rights reserved.
|
|