These possible FPs occur during a backup of our mail server to an NFS mounted volume.
{"timestamp":"2021-10-27T05:04:07.617335-0700","flow_id":15866114764243,"event_type":"alert","src_ip":"192.168.69.246","src_port":806,"dest_ip":"192.168.69.245","dest_port":2049,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":2032926,"rev":2,"signature":"ET INFO Possible Overflow Attempt - Abnormally Large SMTP EHLO Inbound","category":"Potentially Bad Traffic","severity":2,"metadata":{"attack_target":["SMTP_Server"],"created_at":["2021_05_10"],"deployment":["Perimeter"],"former_category":["INFO"],"signature_severity":["Informational"],"updated_at":["2021_05_11"]}},"app_proto":"failed","flow":{"pkts_toserver":31940514,"pkts_toclient":30016135,"bytes_toserver":9462431584,"bytes_toclient":13173670072,"start":"2021-10-09T15:56:34.224723-0700"}}
---[ 13 more ]---