{
  "Type": 0,
  "ExpectMode": 0,
  "Whitelisted": false,
  "Stage": "",
  "Enriched": {
   "machine_uuid": "user1_machine1",
   "trust_factor": "4",
   "user_uuid": "1",
   "watcher_ip": "1.2.3.4"
  },
  "Overflow": {
   "MapKey": "7e159c83f45e4cabfe4c2d8653a24ac79506a703",
   "scenario": "http_404-scan",
   "bucket_id": "morning-sea",
   "alert_message": "31.222.187.197 performed 'http_404-scan' (6 events over 2s) at 2020-01-02 15:31:32 +0000 UTC",
   "events_count": 6,
   "start_at": "2020-01-02T15:31:30Z",
   "ban_applications": [
    {
     "MeasureType": "ban",
     "MeasureExtra": "",
     "Until": "2020-01-02T19:31:32Z",
     "StartIp": 1781924660,
     "EndIp": 1781924660,
     "IpText": "31.222.187.197",
     "Reason": "ban on ip 31.222.187.197",
     "Scenario": "",
     "SignalOccurenceID": 985
    }
   ],
   "stop_at": "2020-01-14T06:44:14Z",
   "Source_ip": "31.222.187.197",
   "Source_range": "\u003cnil\u003e",
   "Source_AutonomousSystemNumber": "0",
   "Source_AutonomousSystemOrganization": "",
   "Source_Country": "CN",
   "Source_Latitude": 39.92890167236328,
   "Source_Longitude": 116.38829803466797,
   "sources": {
    "31.222.187.197": {
     "Ip": "31.222.187.197",
     "Range": {
      "IP": "",
      "Mask": null
     },
     "AutonomousSystemNumber": "0",
     "AutonomousSystemOrganization": "",
     "Country": "CN",
     "Latitude": 39.92890167236328,
     "Longitude": 116.38829803466797,
     "Flags": null
    }
   },
   "capacity": 5,
   "leak_speed": 10000000000,
   "Reprocess": true,
   "Labels": {
    "remediation": "true",
    "service": "http",
    "type": "scan"
   }
  },
  "Time": "0001-01-01T00:00:00Z",
  "StrTime": "",
  "MarshaledTime": "",
  "Process": true
 }