-
Notifications
You must be signed in to change notification settings - Fork 17
Baseline formats of different Centinel versions
Different versions of centinel save different formats of baseline json files. In this document we will present these different formats.
The following sample belongs to centinel versions prior to 0.1.5.4
{
"meta": {
"as_number": "1",
"server_time": "time",
"ip": "1.2.3.0/24",
"schedule_name": "text",
"as_owner": "AS1111 AS Name",
"country": "Alpha2 Code of Country",
"client_time": "time",
"time_taken": 1.1
},
"baseline": [
{
"tls": {
"www.somewebsite.com:443": {
"cert": "",
"fingerprint": ""
},
"www.someotherwebsite.com:443": {
"tls_error": "",
"fingerprint_error": ""
}
}
"total_time": 1.1
"http": {
"http://www.somewebsite.com": {
"redirects": {
"0": {
"path": "/",
"host": "somewebsite.com",
"response": {
"status": 301,
"headers": {
},
"reason": "Moved Permanently",
"body": ""
}
}
},
"request": {
"path": "/",
"host": "somewebsite.com",
"method": "GET",
"ssl": false
},
"response": {
"status": 200,
"headers": {
},
"reason": "OK",
"body": "" (or "body.b64" : "")
}
},
},
"file_name": "file name",
"file_metadata": {},
"file_comments": [
"comment"
],
"traceroute.udp": {
"www.somewebsite.com": {
"domain": "www.somewebsite.com",
"total_hops": 2,
"hops": {
"1": {
"rtt2": "205.327",
"ip": "172.20.32.1",
"rtt1": "205.517",
"domain_name": "172.20.32.1",
"rtt3": "204.827"
},
"2": {
"raw": "7 * * *"
}
},
"meaningful_hops": 2,
"unparseable_lines": {
"1": "traceroute to www.somewebsite.com (1.1.1.1), 30 hops max, 60 byte packets"
},
"forcefully_terminated": false,
"time_elapsed": 2,
"method": "udp"
}
},
"dns": {
"www. somewebsite.com": {
"domain": "www. somewebsite.com",
"response2": "",
"response1": "",
"request": "",
"response1-ips": [
"1.1.1.1",
"2.2.2.2",
],
"nameserver": "8.8.8.8"
}
},
"url_metadata": {
"http://www.somewebsite.com": {
"theme": "",
"generalStatus": "",
"urlCategories": ""
}
},
"traceroute.tcp": {
"www.somewebsite.com": {
"domain": "www.somewebsite.com",
"total_hops": 3,
"hops": {
"1": {
"raw": "1 1.1.1.1 (1.1.1.1) 152.237 ms 153.893 ms *"
},
"2": {
"raw": "2 * * *"
},
"3": {
"raw": "6 * somewebsite.net (2.2.2.2) 206.775 ms 206.131 ms"
}
},
"meaningful_hops": 0,
"unparseable_lines": {
"1": "traceroute to www.somewebsite.com (1.1.1.1), 30 hops max, 60 byte packets"
},
"forcefully_terminated": false,
"time_elapsed": 9,
"method": "tcp"
}
}
}
]
}
centinel_version has been added to meta.
{
"meta": {
"as_number": "0",
"server_time": "time",
"ip": "1.2.3.0/24",
"schedule_name": "baseline",
"as_owner": "AS0 AS Name",
"centinel_version": "0.1.5.4.1",
"country": "Alpha2 Code of Country",
"client_time": "time",
"time_taken": 381.19438
},
"baseline": [
{
"tls": {
"www.wmx.md:443": {
"cert": "",
"fingerprint": ""
}
},
"total_time": 370.7348291873932,
"http": {
"http://somewebsite.com": {
"request": {
"headers": {
"user-Agent": "Mozilla/5.0 (compatible, MSIE 11, Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko"
},
"host": "somewebsite.com",
"method": "GET",
"ssl": false,
"path": "/"
},
"response": {
"status": 200,
"headers": {
},
"reason": "OK",
"body": ""
}
}
},
"file_name": "file.csv",
"file_metadata": {},
"file_comments": [],
"dns": {
"somewebsite.com": [
{
"nameserver": "8.8.8.8",
"domain": "somewebsite.com",
"response1-ips": [
"1.1.1.1"
]
}
]
},
"url_metadata": {
"http://somewebsite.com": {
"category_code": "CODE",
"notes": "",
"category_description": "Desc for CODE",
"date_added": "time",
"source": ""
}
},
"traceroute.tcp": {
"somewebsite.com": {
"dest_name": "somewebsite.com",
"hops": [
{
"index": 1,
"asn": null,
"probes": [
{
"anno": "",
"ip": null,
"name": null,
"rtt": null
},
{
"anno": "",
"ip": null,
"name": null,
"rtt": null
},
{
"anno": "",
"ip": null,
"name": null,
"rtt": null
}
]
},
],
"forcefully_terminated": false,
"time_elapsed": 2,
"method": "tcp",
"dest_ip": "1.2.3.4"
}
}
}
]
}