Flow Analytics - Network Threats

This view provides detailed visibility, filtering, and analytical options for events recorded by the Valtix threat analysis engine and summarized in Network Threats.

Refer to the Flow Analytics Overview for details on Search, Filter, Show/Hide Columns, Select Gateways, and modifying Time Formats/Timeframes.

Network Threats

The tables and fields available in Network Threats are as follows:

| Event Details | Description |
| --- | --- |
| Date and Time | ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S. Example: 2020-11-22T10:58:46.820 |
| Type | AV, DLP, DPI |
| CSP Account | Valtix CSP Account |
| Gateway | Valtix Gateway |
| Region | Region of the Valtix Gateway |
| Level | DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY |
| Session ID | .. |


| Service | Description |
| --- | --- |
| Src IP | Source IP Address |
| Src Port | Source Port |
| Dest IP | Destination IP Address |
| Dest Port | Destination Port |
| Protocol | UDP, TCP |


| Application Info | Description |
| --- | --- |
| Client App Name | Application name associated with client side of the session. Example: Advanced Packaging Tool |
| Payload App Name | HTTP application name associated with webserver host. Example: Facebook |
| Service App Name | Application name associated with server side of the session. Example: HTTP |


| Action | Description |
| --- | --- |
| Action | ALLOW, DENY |
| State | ESTABLISHED, CLOSE, CLOSED, CLOSE_WAIT, TIME_WAIT, FIN_WAIT, LAST_ACK |


| HTTP Request | Description |
| --- | --- |
| Host | Host portion of URL |
| Method | GET, PUT, POST, HEAD, DELETE, PATCH, OPTIONS |
| URI | URI Identifier (RFC 3986) |


| FQDN | Description |
| --- | --- |
| FQDN | Fully Qualified Domain Name |
| Category Name | Category classification of the FQDN. Example: Social Media |
| Reputation | Reputation score of the FQDN |


| Rule | Description |
| --- | --- |
| ID | ID number/description of Valtix Rule. Example: 59 (egress-prod-apt-80) |