Skip to content

Flow Analytics - Flow Logs

This view provides detailed visibilty, filtering and analytical options for events recorded from Flow Logs. Flow logs may contribute to one of three (3) event types: Firewall Events, Network Events and Web Attacks.

Refer Flow Analytics Overview for details on Search, Filter, Show/Hide Columns, Select Gateways and modify Time Formats/Timeframes.

Tables and Fields available in Flow Logs are as follows

Event Details Description
Date and Time ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S Example: 2020-11-22T10:58:46.820
Type APPD ID, FLOW_LOG, TLS_LOG, URLFILTER
Session ID ..
Service Description
Src IP Source IP Adresss
Src Port Source Port
Dest IP Destination IP Address
Dest Port Destination Port
Protocol UDP, TCP
Application Info Description
Client App Name Application name associated with client side of the session. Example: Advanced Packaging Tool
Payload App Name HTTP application name associated with webserver host. Example: Facebook
Service App Name Application name associated with server side of the session Example: HTTP
Action Description
Action ALLOW, DENY
State ESTABLISHED, CLOSE, CLOSED, CLOSE_WAIT, TIME_WAIT, FIN_WAIT, LAST_ACK
FQDN Description
FQDN Fully Qualified Domain Name