Flow Analytics - Session Summary
This view provides detailed visibility, filtering and analytical options for events recorded from either a forward or reverse gateway proxy. Session Summary events contribute to one of three (3) event types: Firewall Events, Network Events and Web Attacks.
Refer Flow Analytics Overview for details on Search, Filter, Show/Hide Columns, Select Gateways and modify Time Formats/Timeframes.
Session Summary
Tables and Fields available in Session Summary are as follows:
| Event Details |
Description |
| Date and Time |
ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S Example: 2020-11-22T10:58:46.820 |
| CSP Account |
Valtix CSP Account |
| Gateway |
Valtix Gateway |
| Region |
Region of the Valtix Gateway |
| Level |
INFO |
| Session ID |
.. |
| Client-side Connection |
Description |
| Src IP |
Source IP Address |
| Src Port |
Source Port |
| Dest IP |
Destination IP Address |
| Dest Port |
Destination Port |
| Protocol |
UDP, TCP |
| Client-side Stats |
Traffic between client and Valtix Gateway |
| Received Bytes |
Number of bytes received from client |
| Transmitted Bytes |
Number of bytes sent to client |
| Received Packets |
Number of packets received from client |
| Transmitted Packets |
Number of packets sent to client |
| Policy Match Info |
Description |
| Dest Address Group |
Destination Address Group configured in the matched policy rule |
| Src Address Group |
Source Address Group configured in the matched policy rule |
| Request SNI |
Server Name Indication in the request |
| Service Type |
Service Type. Example: PROXY |
| Src Country |
Country that the request originated from on the client-side |
| Dest Country |
Country that the request was destined to on the server-side. Example: United States |
| Server-side Connection |
Description |
| Src IP |
Source IP Address |
| Src Port |
Source Port |
| Dest IP |
Destination IP Address |
| Dest Port |
Destination Port |
| Protocol |
UDP, TCP |
| Server-side Stats |
Traffic between Valtix Gateway and server |
| Received Bytes |
Number of bytes received from server |
| Transmitted Bytes |
Number of bytes sent to server |
| Received Packets |
Number of packets received from server |
| Transmitted Packets |
Number of packets sent to server |
| Application Info |
Description |
| Client App Name |
Application name associated with client side of the session. Example: Advanced Packaging Tool |
| Payload App Name |
HTTP application name associated with webserver host. Example: Facebook |
| Service App Name |
Application name associated with server side of the session Example: HTTP |
| Action |
Description |
| Action |
ALLOW, DENY |
| Cloud Service |
Description |
| Cloud Service |
Name of the destination cloud service accessed with the request. Example AMAZON, EC2 |
| Src Instance Info |
Description |
| Instance ID |
Client instance ID |
| Instance Name |
Client instance name (and provides ability to see tags) |
| VPC ID |
Client VPC ID |
| HTTP Request |
Description |
| Host |
Host portion of URL |
| Method |
GET, PUT, POST, HEAD, DELETE, PATCH, OPTIONS |
| URI |
URI Identifier RFC 3986 |
| Rule |
Description |
| ID |
ID number/description of Valtix Rule. Example 59 (egress-prod-apt-80) |
| FQDN |
Description |
| FQDN |
Fully Qualified Domain Name |
| Category Name |
Category classification of the FQDN. Example: Social Media |
| Reputation |
Reputation score of the FQDN |