Normalerweise arbeiten wir mit diesem Befehl um Details zu Policy Regeln abzufragen z.B. Packets/Bytes die gematched haben. Im Fall von App-Mon Policies sind diese Werte aber nicht zu sehen, wie im folgenden Fall für die Applikation TeamViewer.
OS6860E-> show active policy rule Rule name : TeamViewer From = ldap, Precedence = 30001, Condition name = TeamViewerCondition, Action name = TeamViewerAction, Validity period name = AllTheTime Rule name : sip-snooping Condition name = sip-snooping, Action name = sip-snooping, Packets = 2230, Bytes = 1214292
Mit diesem Kommando können wir sehen welche Applikationen von Smart Analytics auf dem OmniSwitch 6860E erkannt wurden. Wir schränken die Ausgabe exemplarisch auf die Applikationen Yammer, Xing, Web.de und TeamViewer ein. Für Unternehmen bedeutet dies dass entsprechende Regeln für die HTTPS-basierten Applikationen durchgesetzt werden könnten (Bandbreite begrenzen, Priorität festlegen, DROP (für z.B. Dropbox)).
Ohne egrep bekommt man natürlich die vollständige Liste ausgegeben! egrep -i ignoriert die Groß- und Kleinschreibung und „|“ bedeutet oder.
OS6860E-> show app-mon app-list enforcement active | egrep -i "yammer|xing|web_de|teamviewer" 2581 web_de Web 0 288 516 xing Web 0 234 519 yammer Web 3 189 545 teamviewer Thin Client 0 13
Mit folgendem Kommando ist es möglich sich die umfangreiche Liste von Applikationen auf die Ausgaben zu reduzieren die als Applikation im Netzwerk auch wirklich erkannt wurden.
OS6860E-> show app-mon app-list enforcement active | awk '{if (NF >= 2) if ($(NF-1) > 0 || $(NF) > 0) {print $0};}'
Legend: Application-name: *= Not present in recently updated kit,
App-Id Application App-Grp Matched Matched
Name Name Flow Count Gross Count
742 msrpc Middleware 0 161
191 soap Middleware 0 536
97 krb5 Authentication 60 10881
158 radius Authentication 0 38
75 imap Mail 0 15
76 imaps Mail 2 49
110 mapi Mail 2 307
186 smtp Mail 0 752
208 tds Database 1 1
1293 bmff Audio/Video 0 18
530 itunes Audio/Video 1 361
174 rtcp Audio/Video 10 288
175 rtp Audio/Video 11 1662
182 sip Audio/Video 87 846
534 spotify Audio/Video 0 103
597 viber Audio/Video 0 11
1069 vimeo Audio/Video 0 26
2444 vine Audio/Video 0 1
1118 apns Application Service 3 360
1106 appstore Application Service 3 536
37 epm Application Service 1 988
1122 google_play Application Service 4 361
1126 icloud Application Service 1 1755
1744 iminent Application Service 0 53
1119 ios_ota_update Application Service 0 42
136 nspi Application Service 2 384
149 portmap Application Service 5 8699
1121 samsung_apps Application Service 0 100
196 srvloc Application Service 0 78
204 syslog Application Service 4 2080
1111 windows_marketplace Application Service 0 13
29 dhcp Network Service 6 4726
32 dns Network Service 392 1033281
128 nbns Network Service 3 263
137 ntp Network Service 7 26782
1504 websocket Network Service 1 8
2245 king Game 0 47
2179 the_simpsons_tapped_out Game 0 12
342 xboxlive Game 0 88
1257 58com Web 0 59
956 accuweather Web 0 15
2231 addthis Web 0 82
2280 adobe Web 0 108
1556 adobe_online_office Web 0 39
549 adobe_update Web 0 106
2529 adtech Web 0 148
2587 advertising_com Web 0 3
1284 akamai Web 0 140
968 amazon Web 0 401
2207 amazon_adsystem Web 0 131
1183 amazon_aws Web 0 531
1240 amazon_video Web 0 106
2209 aol Web 0 231
2535 aol_one Web 0 18
306 apple Web 4 3672
2518 apple_location Web 1 1163
1481 apple_siri Web 0 37
563 apple_update Web 0 18
2531 appnexus Web 0 244
2334 appsflyer Web 0 7
1755 avg Web 0 1
714 avg_update Web 0 2
1512 bet365 Web 0 5
2028 bild Web 0 73
547 bing Web 0 356
974 blogger Web 0 28
2322 brightcove Web 0 15
2449 cedexis Web 0 47
567 chrome_update Web 0 30
1445 cloudflare Web 0 247
988 cnn Web 0 54
773 concur Web 0 29
2319 crashlytics Web 0 337
2279 criteo Web 0 161
2301 crittercism Web 0 1
779 dropbox Web 0 108
34 ebay Web 0 63
2016 edgecast Web 0 47
1495 evernote Web 0 2
244 facebook Web 0 854
556 firefox_update Web 0 57
550 flashplugin_update Web 0 24
300 flickr Web 0 11
2519 flipboard Web 0 9
2300 flurry Web 0 96
2340 freewheel Web 0 1
1094 funshion Web 0 1
2483 gcs Web 0 1
54 google Web 13 3112
2150 google_accounts Web 0 65
247 google_ads Web 1 1178
744 google_analytics Web 0 214
1104 google_appengine Web 0 10
800 google_cache Web 0 210
2502 google_calendar Web 0 10
1489 google_docs Web 0 3
55 google_earth Web 0 22
57 google_maps Web 0 359
1125 google_plus Web 0 25
2288 google_safebrowsing Web 0 300
801 google_translate Web 0 12
2336 gravatar Web 0 9
1001 groupon Web 0 50
745 gstatic Web 1 395
1451 here Web 0 20
67 http Web 9 33064
68 https Web 46 261298
1483 imgur Web 0 2
2525 indexexchange Web 0 21
2333 inmobi Web 0 11
2299 inneractive Web 0 10
1175 instagram Web 0 44
561 java_update Web 0 12
2348 liverail Web 0 7
2526 lotame Web 0 6
1454 lync_online Web 1 1742
1468 mapquest Web 0 9
2445 mixpanel Web 0 27
1019 monster Web 0 10
1020 mozilla Web 0 177
125 myspace Web 0 1
1030 nba Web 0 11
2344 nielsen Web 0 18
461 ning Web 0 3
1448 office365 Web 17 5520
2416 onclickads Web 0 5
2523 openx Web 0 103
578 opera_update Web 0 26
1753 orange Web 0 4
1478 outlook Web 5 1742
1747 paypal Web 0 2
1470 pinterest Web 0 17
1039 playstation Web 0 121
2524 pubmatic Web 0 107
1241 qq_web Web 0 2
2238 quantcast Web 0 78
1413 qunar Web 0 2
2536 rlcdn Web 0 16
922 rss Web 0 53
1046 rtl Web 0 6
2527 rubiconproject Web 0 35
844 salesforce Web 0 198
2303 samsung Web 0 22
2237 scorecardresearch Web 0 92
1453 sharepoint_online Web 0 233
1178 shazam Web 0 2
2530 sizmek Web 0 37
850 skydrive Web 0 20
1051 slideshare Web 0 1
2446 smartadserver Web 0 94
1469 spdy Web 0 102
1465 speedtest Web 0 36
1052 spiegel Web 0 169
2350 stickyads Web 0 46
1056 surveymonkey Web 0 4
2250 symantec Web 0 2
1763 t_online Web 0 316
2558 thevideos Web 0 10
860 tidaltv Web 0 9
2277 truste Web 0 24
2236 turn Web 0 4
2343 turner Web 0 1
503 twitter Web 0 633
2581 web_de Web 0 295
222 wikipedia Web 0 14
1288 windows_azure Web 0 16
562 windows_update Web 0 448
298 windowslive Web 3 9229
297 wordpress Web 0 11
516 xing Web 2 319
1294 yahoo Web 0 107
234 yahoo_search Web 0 7
519 yammer Web 5 300
523 yandex Web 0 5
240 youtube Web 1 185
2481 bjnp Printer 0 52397
170 rsh Terminal 0 1
209 telnet Terminal 0 2
190 snmp Network Management 184 331480
305 linkedin Forum 0 435
2215 tapatalk Forum 0 2
51 gmail Webmail 0 113
1116 gmx Webmail 0 88
141 owa Webmail 0 1
236 ymail2 Webmail 0 10
111 mcafee Security Service 0 2
45 ftp File Server 0 638
46 ftp_data File Server 0 22
131 nfs File Server 2 473
211 tftp File Server 0 1343
545 teamviewer Thin Client 0 13
220 vmware Thin Client 0 2
85 ipsec Encrypted 2 6
92 isakmp Encrypted 1 4
330 ocsp Encrypted 0 649
198 ssh Encrypted 1 5283
1913 bits File Transfer 0 75
1912 imessage_file_download File Transfer 0 7
4 unknown Standard 60 38859
275 aim_express Instant Messaging 0 37
281 aims Instant Messaging 0 10
2331 facebook_messenger Instant Messaging 0 10
1441 gtalk Instant Messaging 2 73
94 jabber Instant Messaging 0 2
183 skype Instant Messaging 0 209
1568 touch Instant Messaging 0 6025
1093 whatsapp Instant Messaging 0 74
Number of Applications: 2069
Erweitert man das vorherige Kommando um das Keyword stats so bekommt man die gesuchten Ausgaben zu Packets/Bytes dargestellt.
OS6860E-> show app-mon app-list enforcement active stats
Legend: Application-name: *= Not present in recently updated kit,
App-Id Application App-Grp Matched Active Matched Active Matched Gross Matched Gross
Name Name Packet Count Byte Count Packet Count Byte Count
------+---------------------------------------------------------------------+--------------------------------+----------------+---------------+--------------+----------------
9 amqp Middleware 0 0 0 0
26 dcerpc Middleware 0 0 0 0
914 diop Middleware 0 0 0 0
49 giop Middleware 0 0 0 0
752 giops Middleware 0 0 0 0
913 iiop Middleware 0 0 0 0
2439 java_rmi Middleware 0 0 0 0
... (Ausgabe eingeschränkt, sonst sehr viele Zeilen)
1093 whatsapp Instant Messaging 0 0 11296 7236508
237 ymsg Instant Messaging 0 0 0 0
238 ymsg_conf Instant Messaging 0 0 0 0
276 ymsg_webmessenger Instant Messaging 0 0 0 0
874 yoono Instant Messaging 0 0 0 0
1297 youni Instant Messaging 0 0 0 0
2345 zalo Instant Messaging 0 0 0 0
883 zoho_im Instant Messaging 0 0 0 0
Number of Applications: 2069
Für dieses Kommando werden ebenfalls sehr viele Zeilen für Applikationen ausgegeben die im Netzwerk zwar erkannt und behandelt werden könnten, aber derzeit nicht verwendet wurden. Mit awk kann die Ausgabe auf aktive/erkannte Applikationen reduziert werden.
OS6860E-> show app-mon app-list enforcement active stats | awk '{if (NF >= 4) if ($(NF-3) > 0 || $(NF-2) > 0 || $(NF-1) > 0 || $(NF) > 0) {print $0};}'
Legend: Application-name: *= Not present in recently updated kit,
App-Id Application App-Grp Matched Active Matched Active Matched Gross Matched Gross
Name Name Packet Count Byte Count Packet Count Byte Count
742 msrpc Middleware 0 0 2030 413459
191 soap Middleware 0 0 4954 1190350
97 krb5 Authentication 8 1045 83772 21380922
158 radius Authentication 0 0 245 47644
75 imap Mail 0 0 1204 769864
76 imaps Mail 2 172 2524 904466
110 mapi Mail 120 33810 34329 6457215
186 smtp Mail 0 0 10898 1520433
208 tds Database 29767 13861778 29767 13861778
1293 bmff Audio/Video 0 0 2561 1853293
530 itunes Audio/Video 0 0 334333 241793788
174 rtcp Audio/Video 2303 500734 35502 8340392
175 rtp Audio/Video 560693 125913126 8934889 1987155632
182 sip Audio/Video 792137 598237170 816414 618548210
534 spotify Audio/Video 0 0 85032 60293811
597 viber Audio/Video 0 0 90 11968
1069 vimeo Audio/Video 0 0 16041 11618010
2444 vine Audio/Video 0 0 23 7527
1118 apns Application Service 58 18964 6881 2175780
1106 appstore Application Service 0 0 1136283 714879033
37 epm Application Service 0 0 12374 1747886
1122 google_play Application Service 33 9214 5718 1657727
1126 icloud Application Service 9 674 87608 41448541
1744 iminent Application Service 0 0 525 90745
1119 ios_ota_update Application Service 0 0 704291 537647566
136 nspi Application Service 0 0 2853 809977
149 portmap Application Service 64 5344 54201 4527542
1121 samsung_apps Application Service 2 164 2483 836372
196 srvloc Application Service 0 0 5368 483676
204 syslog Application Service 794396 181652272 817145 186106844
1111 windows_marketplace Application Service 0 0 693 409037
29 dhcp Network Service 37600 21009992 49983 26134379
32 dns Network Service 5546 565715 1786505 189164639
128 nbns Network Service 31 3917 1875 196503
137 ntp Network Service 7348 704024 51309 4928166
1504 websocket Network Service 1213 91006 3509 292316
2245 king Game 0 0 588 119286
2179 the_simpsons_tapped_out Game 0 0 3779 3478592
342 xboxlive Game 0 0 1698 661068
1257 58com Web 0 0 801 470359
956 accuweather Web 0 0 193 61673
2231 addthis Web 0 0 2852 1455394
2280 adobe Web 0 0 2941 1082737
1556 adobe_online_office Web 0 0 1381 577857
549 adobe_update Web 0 0 3132 1415254
2529 adtech Web 0 0 4894 1978323
2587 advertising_com Web 0 0 18 3685
1284 akamai Web 0 0 6042267 4631533222
968 amazon Web 0 0 27764 13623034
2207 amazon_adsystem Web 0 0 2604 613429
1183 amazon_aws Web 4 316 2344680 1413992657
1240 amazon_video Web 0 0 732693 486080469
2209 aol Web 0 0 12371 3857864
2535 aol_one Web 0 0 1721 1073764
306 apple Web 29 11250 1439711 743107257
2518 apple_location Web 0 0 70660 38261485
1481 apple_siri Web 0 0 3260 1295713
563 apple_update Web 0 0 688684 517096376
2531 appnexus Web 0 0 6737 2647071
2334 appsflyer Web 0 0 157 44584
1755 avg Web 0 0 7 1701
714 avg_update Web 0 0 20 5370
1512 bet365 Web 0 0 1045 597577
2028 bild Web 0 0 3762 2406182
547 bing Web 0 0 6890 3174779
974 blogger Web 0 0 1394 660956
2322 brightcove Web 0 0 808 456663
2449 cedexis Web 0 0 1251 419683
567 chrome_update Web 0 0 342 102689
1445 cloudflare Web 0 0 22509 13732911
988 cnn Web 0 0 2074 724629
773 concur Web 0 0 4572 2626673
2319 crashlytics Web 0 0 11550 3730876
2279 criteo Web 0 0 3902 1377370
2301 crittercism Web 0 0 27 8430
779 dropbox Web 0 0 140468 102495130
34 ebay Web 0 0 1710 704892
2016 edgecast Web 0 0 3079 1612601
1495 evernote Web 0 0 107 48441
244 facebook Web 2275 1561248 365836 249264881
556 firefox_update Web 0 0 165005 133791200
550 flashplugin_update Web 0 0 495 200583
300 flickr Web 0 0 3516 2288130
2519 flipboard Web 0 0 189 53409
2300 flurry Web 0 0 2896 922053
2340 freewheel Web 0 0 30 2895
1094 funshion Web 0 0 32 4800
2483 gcs Web 0 0 19 8753
54 google Web 801 127294 238882 120228620
2150 google_accounts Web 1 82 2097 690735
247 google_ads Web 503 283626 70904 28385825
744 google_analytics Web 37 14246 10863 3210653
1104 google_appengine Web 0 0 160 45308
800 google_cache Web 3 242 36190 22318207
2502 google_calendar Web 0 0 489 125392
1489 google_docs Web 0 0 180 71911
55 google_earth Web 0 0 112892 71956461
57 google_maps Web 1 82 25938 14025587
1125 google_plus Web 0 0 2971 1409349
2288 google_safebrowsing Web 1860 1615516 42111 22516395
801 google_translate Web 0 0 1056 248220
2336 gravatar Web 0 0 188 57307
1001 groupon Web 0 0 1737 632275
745 gstatic Web 2 168 45350 26962542
1451 here Web 0 0 1285 569829
67 http Web 3352 2909219 4770755 3497164987
68 https Web 766382 674822840 23632758 21125200296
1483 imgur Web 0 0 105 32067
2525 indexexchange Web 0 0 454 119055
2333 inmobi Web 0 0 141 66601
2299 inneractive Web 0 0 108 30336
1175 instagram Web 0 0 5702 4709761
561 java_update Web 0 0 344 153237
2348 liverail Web 0 0 205 58757
2526 lotame Web 0 0 88 30360
1454 lync_online Web 0 0 51873 34184730
1468 mapquest Web 0 0 264 91262
2445 mixpanel Web 0 0 913 295610
1019 monster Web 0 0 264 122835
1020 mozilla Web 0 0 7936 3490073
125 myspace Web 0 0 30 6538
1030 nba Web 0 0 1609 1025133
2344 nielsen Web 0 0 368 89365
461 ning Web 0 0 37984 42107682
2235 nokia Web 0 0 17 6415
1448 office365 Web 17737 10708564 926946 546844763
2416 onclickads Web 0 0 114 55239
2523 openx Web 0 0 2313 1089233
578 opera_update Web 0 0 2259 765263
1753 orange Web 0 0 226 46470
1478 outlook Web 1 86 49723 25332371
1747 paypal Web 0 0 53 20447
1470 pinterest Web 0 0 814 320179
1039 playstation Web 0 0 2842 1306633
2524 pubmatic Web 0 0 1744 650028
1241 qq_web Web 0 0 24 3174
2238 quantcast Web 0 0 995 256235
1413 qunar Web 0 0 19 3063
2536 rlcdn Web 0 0 201 64879
922 rss Web 0 0 2738 1840085
1046 rtl Web 0 0 442 258935
2527 rubiconproject Web 0 0 1634 649311
844 salesforce Web 1217 343956 34352 18780107
2303 samsung Web 1 82 239 53547
2237 scorecardresearch Web 0 0 1903 447625
1453 sharepoint_online Web 1 74 149074 139794799
1178 shazam Web 0 0 45 12714
2530 sizmek Web 0 0 1982 1150853
850 skydrive Web 6 444 763 391687
1051 slideshare Web 0 0 13 8654
2446 smartadserver Web 0 0 3902 1424464
1469 spdy Web 0 0 10624 4820475
1465 speedtest Web 0 0 67633 46874056
1052 spiegel Web 0 0 8017 4448315
2350 stickyads Web 0 0 1388 447543
1056 surveymonkey Web 0 0 31 2606
2250 symantec Web 0 0 113 67957
1763 t_online Web 0 0 13813 6504875
2558 thevideos Web 0 0 72414 54760011
860 tidaltv Web 0 0 103 27910
2277 truste Web 0 0 635 223100
2236 turn Web 0 0 85 25625
2343 turner Web 0 0 41 7003
503 twitter Web 2 164 36690 20416429
2581 web_de Web 0 0 22822 11691591
222 wikipedia Web 0 0 2218 1309412
1288 windows_azure Web 0 0 2115 1436833
562 windows_update Web 14599 11142913 335741 279785423
298 windowslive Web 8393 1283304 417489 265723683
297 wordpress Web 0 0 324 58422
516 xing Web 0 0 19851 9376096
1294 yahoo Web 0 0 3179 1219260
234 yahoo_search Web 0 0 602 282169
519 yammer Web 998 367026 17455 7386359
523 yandex Web 0 0 122 53623
240 youtube Web 6649 7117607 338512 283573076
2481 bjnp Printer 0 0 2546972 163099250
170 rsh Terminal 0 0 12 2436
209 telnet Terminal 0 0 258 32738
190 snmp Network Management 561409 136373697 5740841 1761520003
305 linkedin Forum 0 0 35153 18287140
2215 tapatalk Forum 0 0 73 35290
51 gmail Webmail 5 559 40910 24637364
1116 gmx Webmail 0 0 3331 1752392
141 owa Webmail 0 0 9 1766
236 ymail2 Webmail 0 0 2525 2511246
111 mcafee Security Service 0 0 59 34130
45 ftp File Server 0 0 19378 1780894
46 ftp_data File Server 0 0 4520 3356278
131 nfs File Server 15028 19777248 1735624 2257351736
211 tftp File Server 8 932 1070 119379
545 teamviewer Thin Client 0 0 194169 65404672
220 vmware Thin Client 0 0 12177 1430186
85 ipsec Encrypted 3695465 807135409 4682100 1355808959
92 isakmp Encrypted 12993 3142652 894886 202447573
330 ocsp Encrypted 194 46037 12663 2746251
198 ssh Encrypted 2963 1333331 2052131 1901131898
1913 bits File Transfer 0 0 172898 169861483
1912 imessage_file_download File Transfer 0 0 7065 5839675
4 unknown Standard 2439358 1233030268 6338771 3483685869
275 aim_express Instant Messaging 0 0 2675 1393141
281 aims Instant Messaging 0 0 278 96207
2331 facebook_messenger Instant Messaging 0 0 322 64405
1441 gtalk Instant Messaging 178 19031 1282 213770
94 jabber Instant Messaging 0 0 45711 3339429
183 skype Instant Messaging 0 0 4688 2064810
1568 touch Instant Messaging 3 222 155403 61660008
1093 whatsapp Instant Messaging 0 0 11296 7236508
Number of Applications: 2069
Normalerweise gibt das Kommando die Werte für „Bytes“ eben auch als solche aus, allerdings fällt es beim Überfliegen der Liste nicht immer leicht sofort einen griffigen Wert im Kopf zu haben. Mit der Unterstützung von awk können die Werte von Bytes in Megabytes (MB) umgerechnet werden, was leichter zu erfassen ist.
Die Werte werden nur als Megabytes dargestellt wenn mehr als 1 MB übertragen wurde, sonst verbleibt der Wert in Bytes.
OS6860E-> show app-mon app-list enforcement active stats | awk -F"[ ]{2,}" 'FNR <= 6 {print $0}; FNR > 6 && NF >= 4 { if (int($5) > 1048576) $5=sprintf("%.2f MB",$5/1024/1024); if (int($7) > 1048576) $7=sprintf("%.2f MB",$7/1024/1024); if ($4 > 0 || $5 > 0 || $6 > 0 || $7 > 0) printf "%-6s %-69s %-32s %-16s %-15s %-14s %-16s\n", $1, $2, $3, $4, $5, $6, $7; else next; }'
Legend: Application-name: *= Not present in recently updated kit,
App-Id Application App-Grp Matched Active Matched Active Matched Gross Matched Gross
Name Name Packet Count Byte Count Packet Count Byte Count
------+---------------------------------------------------------------------+--------------------------------+----------------+---------------+--------------+----------------
742 msrpc Middleware 0 0 2030 413459
191 soap Middleware 0 0 4954 1,14 MB
97 krb5 Authentication 49 17301 83876 20,42 MB
158 radius Authentication 0 0 245 47644
75 imap Mail 0 0 1204 769864
76 imaps Mail 2 172 2524 904466
110 mapi Mail 142 35722 34351 6,16 MB
186 smtp Mail 0 0 10924 1,45 MB
208 tds Database 30234 13,30 MB 30234 13,30 MB
1293 bmff Audio/Video 0 0 2561 1,77 MB
530 itunes Audio/Video 0 0 334396 230,62 MB
174 rtcp Audio/Video 3481 764858 36791 8,23 MB
175 rtp Audio/Video 849400 181,47 MB 9247425 1962,14 MB
182 sip Audio/Video 793354 571,44 MB 817633 590,81 MB
534 spotify Audio/Video 0 0 85032 57,50 MB
597 viber Audio/Video 0 0 90 11968
1069 vimeo Audio/Video 0 0 16041 11,08 MB
2444 vine Audio/Video 0 0 23 7527
1118 apns Application Service 2 160 6885 2,08 MB
1106 appstore Application Service 0 0 1136338 681,80 MB
37 epm Application Service 0 0 12385 1,67 MB
1122 google_play Application Service 507 375627 6705 2,15 MB
1126 icloud Application Service 2 160 88165 39,79 MB
1744 iminent Application Service 0 0 525 90745
1119 ios_ota_update Application Service 0 0 704291 512,74 MB
136 nspi Application Service 0 0 2853 809977
149 portmap Application Service 33 2770 54250 4,32 MB
1121 samsung_apps Application Service 16 2650 2524 846594
196 srvloc Application Service 0 0 5368 483676
204 syslog Application Service 795468 173,47 MB 818223 177,72 MB
1111 windows_marketplace Application Service 0 0 722 423362
29 dhcp Network Service 37766 20,10 MB 50179 25,00 MB
32 dns Network Service 5604 574371 1792187 181,07 MB
128 nbns Network Service 19 2717 1879 197088
137 ntp Network Service 7365 705646 51391 4,71 MB
1504 websocket Network Service 1285 96346 3581 297656
2245 king Game 0 0 588 119286
2179 the_simpsons_tapped_out Game 0 0 3779 3,32 MB
342 xboxlive Game 0 0 1698 661068
1257 58com Web 0 0 801 470359
956 accuweather Web 0 0 193 61673
2231 addthis Web 0 0 2852 1,39 MB
2280 adobe Web 0 0 3123 1,19 MB
1556 adobe_online_office Web 0 0 1488 618255
549 adobe_update Web 3 222 4113 2,20 MB
2529 adtech Web 0 0 4894 1,89 MB
2587 advertising_com Web 0 0 18 3685
1284 akamai Web 0 0 6042267 4416,97 MB
968 amazon Web 17 1394 27868 13,02 MB
2207 amazon_adsystem Web 0 0 2604 613429
1183 amazon_aws Web 9 692 2344963 1348,64 MB
1240 amazon_video Web 0 0 732693 463,56 MB
2209 aol Web 0 0 12371 3,68 MB
2535 aol_one Web 0 0 1721 1,02 MB
306 apple Web 4 304 1458239 718,36 MB
2518 apple_location Web 0 0 70691 36,50 MB
1481 apple_siri Web 0 0 3343 1,26 MB
563 apple_update Web 0 0 688684 493,14 MB
2531 appnexus Web 0 0 6824 2,56 MB
2334 appsflyer Web 0 0 157 44584
1755 avg Web 0 0 7 1701
714 avg_update Web 0 0 20 5370
1512 bet365 Web 0 0 1045 597577
2028 bild Web 0 0 3762 2,29 MB
547 bing Web 0 0 6890 3,03 MB
974 blogger Web 0 0 1394 660956
2322 brightcove Web 0 0 808 456663
2449 cedexis Web 72 24551 1478 506464
567 chrome_update Web 0 0 342 102689
1445 cloudflare Web 1 74 22545 13,11 MB
988 cnn Web 0 0 2074 724629
773 concur Web 0 0 4572 2,50 MB
2319 crashlytics Web 0 0 11627 3,59 MB
2279 criteo Web 68 32618 4052 1,37 MB
2301 crittercism Web 0 0 27 8430
779 dropbox Web 0 0 140468 97,75 MB
34 ebay Web 0 0 1710 704892
2016 edgecast Web 0 0 3079 1,54 MB
1495 evernote Web 0 0 107 48441
244 facebook Web 8 632 366216 237,82 MB
556 firefox_update Web 2 148 165007 127,59 MB
550 flashplugin_update Web 0 0 495 200583
300 flickr Web 0 0 3516 2,18 MB
2519 flipboard Web 0 0 189 53409
2300 flurry Web 0 0 2896 922053
2340 freewheel Web 0 0 30 2895
1094 funshion Web 0 0 32 4800
2483 gcs Web 0 0 19 8753
54 google Web 627 89820 239349 114,78 MB
2150 google_accounts Web 0 0 2100 691004
247 google_ads Web 15 1496 72756 28,49 MB
744 google_analytics Web 8 794 10928 3,08 MB
1104 google_appengine Web 0 0 160 45308
800 google_cache Web 0 0 36227 21,29 MB
2502 google_calendar Web 0 0 489 125392
1489 google_docs Web 0 0 180 71911
55 google_earth Web 0 0 112892 68,62 MB
57 google_maps Web 2 164 25942 13,38 MB
1125 google_plus Web 1 86 2972 1,34 MB
2288 google_safebrowsing Web 1 74 42152 21,48 MB
801 google_translate Web 0 0 1056 248220
2336 gravatar Web 0 0 188 57307
1001 groupon Web 0 0 1737 632275
745 gstatic Web 4 324 45352 25,71 MB
1451 here Web 0 0 1285 569829
67 http Web 1722 1,44 MB 4779159 3341,55 MB
68 https Web 861323 695,02 MB 23757764 20211,64 MB
1483 imgur Web 0 0 105 32067
2525 indexexchange Web 0 0 468 123894
2333 inmobi Web 0 0 141 66601
2299 inneractive Web 0 0 108 30336
1175 instagram Web 0 0 5702 4,49 MB
561 java_update Web 0 0 344 153237
2348 liverail Web 0 0 221 64487
2526 lotame Web 0 0 88 30360
1454 lync_online Web 0 0 51873 32,60 MB
1468 mapquest Web 0 0 264 91262
2445 mixpanel Web 0 0 913 295610
1019 monster Web 0 0 264 122835
1020 mozilla Web 1 74 8099 3,38 MB
125 myspace Web 0 0 30 6538
1030 nba Web 0 0 1609 1025133
2344 nielsen Web 0 0 368 89365
461 ning Web 0 0 37984 40,16 MB
2235 nokia Web 0 0 17 6415
1448 office365 Web 24730 16,50 MB 942553 535,00 MB
2416 onclickads Web 0 0 114 55239
2523 openx Web 0 0 2313 1,04 MB
578 opera_update Web 0 0 2259 765263
1753 orange Web 0 0 226 46470
1478 outlook Web 63 25812 49931 24,25 MB
1747 paypal Web 0 0 53 20447
1470 pinterest Web 0 0 814 320179
1039 playstation Web 0 0 2842 1,25 MB
2524 pubmatic Web 0 0 1744 650028
1241 qq_web Web 0 0 24 3174
2238 quantcast Web 0 0 995 256235
1413 qunar Web 0 0 19 3063
2536 rlcdn Web 0 0 201 64879
922 rss Web 0 0 2738 1,75 MB
1046 rtl Web 0 0 442 258935
2527 rubiconproject Web 0 0 1634 649311
844 salesforce Web 2278 657302 37016 18,74 MB
2303 samsung Web 1 82 239 53547
2237 scorecardresearch Web 1 74 1923 454348
1453 sharepoint_online Web 21723 20,63 MB 455140 411,67 MB
1178 shazam Web 0 0 45 12714
2530 sizmek Web 0 0 1982 1,10 MB
850 skydrive Web 0 0 1012 560056
1051 slideshare Web 0 0 13 8654
2446 smartadserver Web 0 0 3919 1,36 MB
1469 spdy Web 0 0 10624 4,60 MB
1465 speedtest Web 0 0 67633 44,70 MB
1052 spiegel Web 0 0 8017 4,24 MB
2350 stickyads Web 0 0 1388 447543
1056 surveymonkey Web 0 0 31 2606
2250 symantec Web 0 0 113 67957
1763 t_online Web 0 0 13813 6,20 MB
2558 thevideos Web 0 0 72414 52,22 MB
860 tidaltv Web 0 0 103 27910
2277 truste Web 1 74 654 230486
502 tumblr Web 7 703 7 703
2236 turn Web 0 0 85 25625
2343 turner Web 0 0 41 7003
503 twitter Web 0 0 36711 19,48 MB
2581 web_de Web 0 0 22822 11,15 MB
222 wikipedia Web 0 0 2218 1,25 MB
1288 windows_azure Web 0 0 2115 1,37 MB
562 windows_update Web 0 0 345102 273,70 MB
298 windowslive Web 8362 1,20 MB 417945 253,61 MB
297 wordpress Web 0 0 324 58422
516 xing Web 6 444 22385 10,63 MB
1294 yahoo Web 0 0 3193 1,17 MB
234 yahoo_search Web 0 0 602 282169
519 yammer Web 1357 489365 18288 7,39 MB
523 yandex Web 0 0 122 53623
240 youtube Web 0 0 398744 336,25 MB
2481 bjnp Printer 0 0 2546972 155,54 MB
170 rsh Terminal 0 0 12 2436
209 telnet Terminal 0 0 258 32738
190 snmp Network Management 562500 130,34 MB 5743835 1680,97 MB
305 linkedin Forum 121 26666 37987 18,73 MB
2215 tapatalk Forum 0 0 73 35290
51 gmail Webmail 5 559 40939 23,50 MB
1116 gmx Webmail 0 0 3331 1,67 MB
141 owa Webmail 0 0 9 1766
236 ymail2 Webmail 0 0 2525 2,39 MB
111 mcafee Security Service 0 0 59 34130
45 ftp File Server 0 0 19439 1,70 MB
46 ftp_data File Server 0 0 4520 3,20 MB
131 nfs File Server 15035 18,86 MB 1735631 2152,78 MB
211 tftp File Server 8 932 1070 119379
545 teamviewer Thin Client 0 0 194169 62,37 MB
220 vmware Thin Client 0 0 12177 1,36 MB
85 ipsec Encrypted 3699185 770,57 MB 4685820 1293,83 MB
92 isakmp Encrypted 15153 3,47 MB 897046 193,54 MB
330 ocsp Encrypted 90 19699 13556 2,83 MB
198 ssh Encrypted 3072 1,32 MB 2052602 1813,15 MB
1913 bits File Transfer 0 0 172898 161,99 MB
1912 imessage_file_download File Transfer 0 0 7065 5,57 MB
4 unknown Standard 2443953 1179,60 MB 6346709 3327,94 MB
275 aim_express Instant Messaging 0 0 2675 1,33 MB
281 aims Instant Messaging 0 0 278 96207
2331 facebook_messenger Instant Messaging 0 0 322 64405
1441 gtalk Instant Messaging 168 16959 1354 222518
94 jabber Instant Messaging 0 0 45711 3,18 MB
183 skype Instant Messaging 0 0 4715 1,98 MB
1568 touch Instant Messaging 3 222 155563 58,86 MB
1093 whatsapp Instant Messaging 0 0 11296 6,90 MB
Die bisherigen Ausgaben ließen keinen Rückschluss auf den Nutzer der Applikation zu. Selbstverständlich ist eine solche Ausgabe möglich, in diesem Fall eingeschränkt auf die Applikation „firefox_update“.
OS6860E-> show app-mon ipv4-flow-table enforcement verbose | grep firefox_update -C 1 2016-09-25/19:38:59/CEST 0d 0h 49m 36s 52.222.169.89 172.30.0.19 80 59093 TCP firefox_update Web - 20368 15134039 -- 2016-09-25/20:27:41/CEST 0d 0h 0m 54s 54.191.11.118 172.30.0.50 443 51276 TCP firefox_update Web - 1 74
grep -C 1 gibt jeweils eine Zeile vor und nach dem gesuchten Begriff aus