Skip to content

Flow Analytics - Firewall Events

This view provides detailed visibilty, filtering and analytical options for events recorded from the Firewall configuration and summarized in Firewall Events category.

Refer Flow Analytics Overview for details on Search, Filter, Show/Hide Columns, Select Gateways and modify Time Formats/Timeframes.

Tables and Fields available in Firewall Events are as follows

Event Details Description
Date and Time ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S Example: 2020-11-22T10:58:46.820
Type APPID, L4_FW, MALICIOUS_SRC, SNI
CSP Account Valtix CSP Account
Gateway Valtix Gateway
Region Region of the Valtix Gateway
Level DEBUG, INFO, NOTICE, WARNING, ERROR, CRITCAL, ALERT, EMERGENCY
Session ID ..
Service Description
Src IP Source IP Address
Src Port Source Port
Dest IP Destination IP Address
Dest Port Destination Port
Protocol UDP, TCP
Application Info Description
Client App Name Application name associated with client side of the session. Example: Advanced Packaging Tool
Payload App Name HTTP application name associated with webserver host. Example: Facebook
Service App Name Application name associated with server side of the session Example: HTTP
Action Description
Action ALLOW, DENY
State ESTABLISHED, CLOSE, CLOSED, CLOSE_WAIT, TIME_WAIT, FIN_WAIT, LAST_ACK
HTTP Request Description
Host Host portion of URL
Method GET, PUT, POST, HEAD, DELETE, PATCH, OPTIONS
URI URI Identifier RFC 3986
Rule Description
ID ID number/description of Valtix Rule. Example 59 (egress-prod-apt-80)
FQDN Description
FQDN Fully Qualified Domain Name
Category Name Category classification of the FQDN. Example: Social Media
Reputation Reputation score of the FQDN