Results from netflow_nsel_reorder.yaml and logstash-1.4.0.beta1

netflow_nsel_reordered_results.txt

{
      "_index" : "logstash_misc-2014.03",
      "_type" : "netflow",
      "_id" : "1EBp6WItToiChtUow83xNw",
      "_score" : 1.0, "_source" : {"@timestamp":"2014-03-04T20:37:49.000Z","netflow":{"version":"9","flow_seq_num":"16323330","flowset_id":"256","nf_f_conn_id":"2881023953","nf_f_src_addr_ipv4":"1041806564","nf_f_src_port":"50284","nf_f_src_intf_id":"5","nf_f_dst_addr_ipv4":"3488767352","nf_f_dst_port":"53","nf_f_dst_intf_id":"8","nf_f_protocol":"17","nf_f_icmp_type":"0","nf_f_icmp_code":"0","nf_f_xlate_src_addr_ipv4":"1041806564","nf_f_xlate_dst_addr_ipv4":"3232282420","nf_f_xlate_src_port":"50284","nf_f_xlate_dst_port":"53","nf_f_fw_event":"1","nf_f_fw_ext_event":"0","nf_f_event_time_msec":"1393965454204","nf_f_flow_bytes":"145","nf_f_ingress_acl_id":"74146676141431344274432065536","nf_f_egress_acl_id":"0","nf_f_username":"0"},"@version":"1","type":"netflow","host":"172.20.140.10"}
    }, {
      "_index" : "logstash_misc-2014.03",
      "_type" : "netflow",
      "_id" : "bIHefq1TQM2qg7DImLoszw",
      "_score" : 1.0, "_source" : {"@timestamp":"2014-03-04T20:37:49.000Z","netflow":{"version":"9","flow_seq_num":"16323331","flowset_id":"256","nf_f_conn_id":"2881023968","nf_f_src_addr_ipv4":"3373334610","nf_f_src_port":"23400","nf_f_src_intf_id":"5","nf_f_dst_addr_ipv4":"3488767352","nf_f_dst_port":"53","nf_f_dst_intf_id":"8","nf_f_protocol":"17","nf_f_icmp_type":"0","nf_f_icmp_code":"0","nf_f_xlate_src_addr_ipv4":"3373334610","nf_f_xlate_dst_addr_ipv4":"3232282420","nf_f_xlate_src_port":"23400","nf_f_xlate_dst_port":"53","nf_f_fw_event":"1","nf_f_fw_ext_event":"0","nf_f_event_time_msec":"1393965454204","nf_f_flow_bytes":"164","nf_f_ingress_acl_id":"74146676141431344274432065536","nf_f_egress_acl_id":"0","nf_f_username":"0"},"@version":"1","type":"netflow","host":"172.20.140.10"}
    }, {
      "_index" : "logstash_misc-2014.03",
      "_type" : "netflow",
      "_id" : "JIjcB8esSVGyiJgyv4WwSw",
      "_score" : 1.0, "_source" : {"@timestamp":"2014-03-04T20:37:49.000Z","netflow":{"version":"9","flow_seq_num":"16323331","flowset_id":"256","nf_f_conn_id":"2881023969","nf_f_src_addr_ipv4":"1668347921","nf_f_src_port":"59375","nf_f_src_intf_id":"5","nf_f_dst_addr_ipv4":"3488767352","nf_f_dst_port":"53","nf_f_dst_intf_id":"8","nf_f_protocol":"17","nf_f_icmp_type":"0","nf_f_icmp_code":"0","nf_f_xlate_src_addr_ipv4":"1668347921","nf_f_xlate_dst_addr_ipv4":"3232282420","nf_f_xlate_src_port":"59375","nf_f_xlate_dst_port":"53","nf_f_fw_event":"1","nf_f_fw_ext_event":"0","nf_f_event_time_msec":"1393965454204","nf_f_flow_bytes":"150","nf_f_ingress_acl_id":"74146676141431344274432065536","nf_f_egress_acl_id":"0","nf_f_username":"0"},"@version":"1","type":"netflow","host":"172.20.140.10"}
    }, {
      "_index" : "logstash_misc-2014.03",
      "_type" : "netflow",
      "_id" : "kEO_79hpSeKBnc6krXrmeg",
      "_score" : 1.0, "_source" : {"@timestamp":"2014-03-04T20:37:49.000Z","netflow":{"version":"9","flow_seq_num":"16323331","flowset_id":"256","nf_f_conn_id":"2881023973","nf_f_src_addr_ipv4":"3284036155","nf_f_src_port":"51176","nf_f_src_intf_id":"5","nf_f_dst_addr_ipv4":"3488767352","nf_f_dst_port":"53","nf_f_dst_intf_id":"8","nf_f_protocol":"17","nf_f_icmp_type":"0","nf_f_icmp_code":"0","nf_f_xlate_src_addr_ipv4":"3284036155","nf_f_xlate_dst_addr_ipv4":"3232282420","nf_f_xlate_src_port":"51176","nf_f_xlate_dst_port":"53","nf_f_fw_event":"1","nf_f_fw_ext_event":"0","nf_f_event_time_msec":"1393965454214","nf_f_flow_bytes":"150","nf_f_ingress_acl_id":"74146676141431344274432065536","nf_f_egress_acl_id":"0","nf_f_username":"0"},"@version":"1","type":"netflow","host":"172.20.140.10"}