
Flow Analytics - Network Threats

This view provides detailed visibility, filtering, and analytical options for events recorded by the Valtix threat analysis engine and summarized in Network Threats.

Refer to Flow Analytics Overview for details on Search, Filter, Show/Hide Columns, Select Gateways, and modifying Time Formats/Timeframes.

Network Threats

The tables and fields available in Network Threats are as follows:

| Event Details | Description |
|---|---|
| Date and Time | ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S. Example: 2020-11-22T10:58:46.820 |
| Type | APPD ID, FLOW_LOG, TLS_LOG, URLFILTER |
| Level | DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY |


| Service | Description |
|---|---|
| Src IP | Source IP Address |
| Src Port | Source Port |
| Dest IP | Destination IP Address |
| Dest Port | Destination Port |
| Protocol | UDP, TCP |


| Application Info | Description |
|---|---|
| Client App Name | Application name associated with client side of the session. Example: Advanced Packaging Tool |
| Payload App Name | HTTP application name associated with webserver host. Example: Facebook |
| Service App Name | Application name associated with server side of the session. Example: HTTP |


| Action | Description |
|---|---|
| Action | ALLOW, DENY |
| State | ESTABLISHED, CLOSE, CLOSED, CLOSE_WAIT, TIME_WAIT, FIN_WAIT, LAST_ACK |


| HTTP Request | Description |
|---|---|
| Host | Host portion of URL |
| Method | GET, PUT, POST, HEAD, DELETE, PATCH, OPTIONS |
| URI | URI Identifier RFC 3986 |


| FQDN | Description |
|---|---|
| FQDN | Fully Qualified Domain Name |


| Rule | Description |
|---|---|
| ID | ID number/description of Valtix Rule. Example: 59 (egress-prod-apt-80) |