Fields: ts, src_ip, dst_ip, proto, sensor, category, rule_id, confidence, action, profile, mode, notes