-
Notifications
You must be signed in to change notification settings - Fork 23
ID2Tv1.0 Statistics DB: Tables
Aidmar Wainakh edited this page Oct 30, 2017
·
1 revision
Querying the SQLite database by standard SQL queries requires knowledge about the database scheme. Therefore we provide following an overview about the tables and fields.
This table contains general information about the dataset.
| Field Name | Description |
|---|---|
| packetCount | Number of packets in the dataset |
| captureDuration | The duration of the capture formatted as "milliseconds.microseconds" |
| timestampFirstPacket | Timestamp of the first packet in the capture, formatted as YYYY-MM-DD HH:MM:SS.MILLISECONDS |
| timestampLastPacket | Timestamp of the last packet in the capture, formatted as YYYY-MM-DD HH:MM:SS.MILLISECONDS |
| avgPacketRate | The average packet rate per second over all hosts, calculated as packetCount divided by captureDuration |
| avgPacketSize | The average packet size over all hosts |
| avgPacketSentPerHost | The average number of packets sent over all hosts |
| avgBandwidthIn | The average incoming bandwidth over all hosts |
| avgBandwidthOut | The average outgoing bandwidth over all hosts |
This table contains general IP statistics related to a specific IP address.
| Field Name | Description |
|---|---|
| ipAddress | IP Address of the host these statistics belong to |
| kybtesSent | KBytes of data sent |
| kybtesReceived | KBytes of data received |
| pktsSent | Number of packets sent |
| pktsReceived | Number of packets received |
This table contains TTL statistics.
| Field Name | Description |
|---|---|
| ipAddress | IP Address of the host |
| ttlValue | TTL value |
| ttlCount | Number of packets using this TTL value |
This table contains information about the used MAC adress for a given IP address. A MAC Address may be used by several IP addresses, for example, in an virtualized environment.
| Field Name | Description |
|---|---|
| ipAddress | IP Address of the host |
| macAddress | MAC Address of the host |
This table provides information about the used TCP/UDP ports.
| Field Name | Description |
|---|---|
| ipAddress | IP Address of the host |
| portDirection | If data was received on this port "in", if data was sent from this port "out" |
| portNumber | Port number |
| portCount | Number of packets using this port |
This table contains statistics about the protocol usage.
| Field Name | Description |
|---|---|
| ipAddress | IP Address of the host |
| protocolName | Name of the protocol, e.g. TCP, UDP, IPv4 |
| protocolCount | Number of packets using this protocol |
This table contains statistics about the used MSS values.
| Field Name | Description |
|---|---|
| ipAddress | IP Address of the host |
| mss | Maximum Segment Size (TCP option) used by the host |