Flow Analytics - Flow Logs
This view provides detailed visibility, filtering and analytical options for events recorded from Flow Logs. Flow logs may contribute to one of three (3) event types: Firewall Events, Network Events and Web Attacks.
Refer Flow Analytics Overview for details on Search, Filter, Show/Hide Columns, Select Gateways and modify Time Formats/Timeframes.
Tables and Fields available in Flow Logs are as follows
| Event Details |
Description |
| Date and Time |
ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S Example: 2020-11-22T10:58:46.820 |
| Type |
FLOW_LOG |
| CSP Account |
Valtix CSP Account |
| Gateway |
Valtix Gateway |
| Region |
Region of the Valtix Gateway |
| Session ID |
.. |
| Service |
Description |
| Src IP |
Source IP Address |
| Src Port |
Source Port |
| Dest IP |
Destination IP Address |
| Dest Port |
Destination Port |
| Protocol |
UDP, TCP |
| Application Info |
Description |
| Client App Name |
Application name associated with client side of the session. Example: Advanced Packaging Tool |
| Payload App Name |
HTTP application name associated with webserver host. Example: Facebook |
| Service App Name |
Application name associated with server side of the session Example: HTTP |
| Action |
Description |
| Action |
ALLOW, DENY |
| State |
ESTABLISHED, CLOSE, CLOSED, CLOSE_WAIT, TIME_WAIT, FIN_WAIT, LAST_ACK |
| FQDN |
Description |
| FQDN |
Fully Qualified Domain Name |
| Category Name |
Category classification of the FQDN. Example: Social Media |
| Reputation |
Reputation score of the FQDN |