{"help": "https://natwork-data-portal.iti.gr:443/fa_IR/api/3/action/help_show?name=datastore_search", "success": true, "result": {"include_total": true, "limit": 100, "records_format": "objects", "resource_id": "d4864014-a84a-4198-a0ca-b80c85b525b7", "total_estimation_threshold": null, "records": [{"_id":1,"ip.session_id":1,"meta.direction":0,"ip.pkts_per_flow":311,"duration":310.0003650188446,"ip.header_len":6220,"ip.payload_len":13062,"ip.avg_bytes_tot_len":59.333333333333336,"time_between_pkts_sum":21.640539169311523,"time_between_pkts_avg":0.06958372723251294,"time_between_pkts_max":0.1399517059326172,"time_between_pkts_min":0.041961669921875,"time_between_pkts_std":0.014886196305236573,"(-0.001, 50.0]":311,"(50.0, 100.0]":0,"(100.0, 150.0]":0,"(150.0, 200.0]":0,"(200.0, 250.0]":0,"(250.0, 300.0]":0,"(300.0, 350.0]":0,"(350.0, 400.0]":0,"(400.0, 450.0]":0,"(450.0, 500.0]":0,"(500.0, 550.0]":0,"tcp_pkts_per_flow":311,"pkts_rate":1.003224625174537,"tcp_bytes_per_flow":3110,"byte_rate":1.003224625174537,"tcp.tcp_session_payload_up_len":311,"tcp.tcp_session_payload_down_len":311,"(-0.001, 150.0]":311,"(150.0, 300.0]":0,"(300.0, 450.0]":0,"(450.0, 600.0]":0,"(600.0, 750.0]":0,"(750.0, 900.0]":0,"(900.0, 1050.0]":0,"(1050.0, 1200.0]":0,"(1200.0, 1350.0]":0,"(1350.0, 1500.0]":0,"(1500.0, 10000.0]":0,"tcp.fin":0,"tcp.syn":0,"tcp.rst":0,"tcp.psh":311,"tcp.ack":311,"tcp.urg":0,"sport_g":0,"sport_le":311,"dport_g":311,"dport_le":0,"mean_tcp_pkts":502,"std_tcp_pkts":0,"min_tcp_pkts":502,"max_tcp_pkts":502,"entropy_tcp_pkts":0,"mean_tcp_len":10,"std_tcp_len":0.0,"min_tcp_len":10,"max_tcp_len":10,"entropy_tcp_len":0,"ssl.tls_version":0,"malware":1},{"_id":2,"ip.session_id":1,"meta.direction":1,"ip.pkts_per_flow":622,"duration":310.0003809928894,"ip.header_len":12440,"ip.payload_len":23636,"ip.avg_bytes_tot_len":59.333333333333336,"time_between_pkts_sum":309978.7404537201,"time_between_pkts_avg":498.3581036233442,"time_between_pkts_max":1000.2760887145996,"time_between_pkts_min":0.0,"time_between_pkts_std":500.34707376292874,"(-0.001, 50.0]":312,"(50.0, 100.0]":0,"(100.0, 150.0]":0,"(150.0, 200.0]":0,"(200.0, 250.0]":0,"(250.0, 300.0]":0,"(300.0, 350.0]":0,"(350.0, 400.0]":0,"(400.0, 450.0]":0,"(450.0, 500.0]":0,"(500.0, 550.0]":0,"tcp_pkts_per_flow":622,"pkts_rate":2.0064491469585226,"tcp_bytes_per_flow":3732,"byte_rate":2.0064491469585226,"tcp.tcp_session_payload_up_len":622,"tcp.tcp_session_payload_down_len":622,"(-0.001, 150.0]":622,"(150.0, 300.0]":0,"(300.0, 450.0]":0,"(450.0, 600.0]":0,"(600.0, 750.0]":0,"(750.0, 900.0]":0,"(900.0, 1050.0]":0,"(1050.0, 1200.0]":0,"(1200.0, 1350.0]":0,"(1350.0, 1500.0]":0,"(1500.0, 10000.0]":0,"tcp.fin":0,"tcp.syn":0,"tcp.rst":0,"tcp.psh":311,"tcp.ack":622,"tcp.urg":0,"sport_g":622,"sport_le":0,"dport_g":0,"dport_le":622,"mean_tcp_pkts":37648,"std_tcp_pkts":0,"min_tcp_pkts":37648,"max_tcp_pkts":37648,"entropy_tcp_pkts":0,"mean_tcp_len":6,"std_tcp_len":6.004828974624735,"min_tcp_len":0,"max_tcp_len":12,"entropy_tcp_len":0,"ssl.tls_version":0,"malware":1}], "fields": [{"id": "_id", "type": "int"}, {"id": "ip.session_id", "type": "numeric"}, {"id": "meta.direction", "type": "numeric"}, {"id": "ip.pkts_per_flow", "type": "numeric"}, {"id": "duration", "type": "numeric"}, {"id": "ip.header_len", "type": "numeric"}, {"id": "ip.payload_len", "type": "numeric"}, {"id": "ip.avg_bytes_tot_len", "type": "numeric"}, {"id": "time_between_pkts_sum", "type": "numeric"}, {"id": "time_between_pkts_avg", "type": "numeric"}, {"id": "time_between_pkts_max", "type": "numeric"}, {"id": "time_between_pkts_min", "type": "numeric"}, {"id": "time_between_pkts_std", "type": "numeric"}, {"id": "(-0.001, 50.0]", "type": "numeric"}, {"id": "(50.0, 100.0]", "type": "numeric"}, {"id": "(100.0, 150.0]", "type": "numeric"}, {"id": "(150.0, 200.0]", "type": "numeric"}, {"id": "(200.0, 250.0]", "type": "numeric"}, {"id": "(250.0, 300.0]", "type": "numeric"}, {"id": "(300.0, 350.0]", "type": "numeric"}, {"id": "(350.0, 400.0]", "type": "numeric"}, {"id": "(400.0, 450.0]", "type": "numeric"}, {"id": "(450.0, 500.0]", "type": "numeric"}, {"id": "(500.0, 550.0]", "type": "numeric"}, {"id": "tcp_pkts_per_flow", "type": "numeric"}, {"id": "pkts_rate", "type": "numeric"}, {"id": "tcp_bytes_per_flow", "type": "numeric"}, {"id": "byte_rate", "type": "numeric"}, {"id": "tcp.tcp_session_payload_up_len", "type": "numeric"}, {"id": "tcp.tcp_session_payload_down_len", "type": "numeric"}, {"id": "(-0.001, 150.0]", "type": "numeric"}, {"id": "(150.0, 300.0]", "type": "numeric"}, {"id": "(300.0, 450.0]", "type": "numeric"}, {"id": "(450.0, 600.0]", "type": "numeric"}, {"id": "(600.0, 750.0]", "type": "numeric"}, {"id": "(750.0, 900.0]", "type": "numeric"}, {"id": "(900.0, 1050.0]", "type": "numeric"}, {"id": "(1050.0, 1200.0]", "type": "numeric"}, {"id": "(1200.0, 1350.0]", "type": "numeric"}, {"id": "(1350.0, 1500.0]", "type": "numeric"}, {"id": "(1500.0, 10000.0]", "type": "numeric"}, {"id": "tcp.fin", "type": "numeric"}, {"id": "tcp.syn", "type": "numeric"}, {"id": "tcp.rst", "type": "numeric"}, {"id": "tcp.psh", "type": "numeric"}, {"id": "tcp.ack", "type": "numeric"}, {"id": "tcp.urg", "type": "numeric"}, {"id": "sport_g", "type": "numeric"}, {"id": "sport_le", "type": "numeric"}, {"id": "dport_g", "type": "numeric"}, {"id": "dport_le", "type": "numeric"}, {"id": "mean_tcp_pkts", "type": "numeric"}, {"id": "std_tcp_pkts", "type": "numeric"}, {"id": "min_tcp_pkts", "type": "numeric"}, {"id": "max_tcp_pkts", "type": "numeric"}, {"id": "entropy_tcp_pkts", "type": "numeric"}, {"id": "mean_tcp_len", "type": "numeric"}, {"id": "std_tcp_len", "type": "numeric"}, {"id": "min_tcp_len", "type": "numeric"}, {"id": "max_tcp_len", "type": "numeric"}, {"id": "entropy_tcp_len", "type": "numeric"}, {"id": "ssl.tls_version", "type": "numeric"}, {"id": "malware", "type": "numeric"}], "_links": {"start": "/api/3/action/datastore_search?resource_id=d4864014-a84a-4198-a0ca-b80c85b525b7", "next": "/api/3/action/datastore_search?resource_id=d4864014-a84a-4198-a0ca-b80c85b525b7&offset=100"}, "total": 2, "total_was_estimated": false}}