Skip to content

Flow Analytics - Web Attacks

This view provides detailed visibilty, filtering and analytical options for events recorded from Valtix web attack engine and summarized in Web Attacks with an event rate counter displayed (total events/seTo perform various functions in this view, refer to the follwing guides:

Refer Flow Analytics Overview for details on Search, Filter, Show/Hide Columns, Select Gateways and modify Time Formats/Timeframes.

Web Attacks

Tables and Fields available in Web Attacks are as follows

Event Details Description
Date and Time ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S Example: 2020-11-22T10:58:46.820
Type L7DOS, WAF
CSP Account Valtix CSP Account
Gateway Valtix Gateway
Region Region of the Valtix Gateway
Level DEBUG, INFO, NOTICE, WARNING, ERROR, CRITCAL, ALERT, EMERGENCY
Session ID ..


Service Description
Src IP Source IP Address
Src Port Source Port
Dest IP Destination IP Address
Dest Port Destination Port
Protocol UDP, TCP


Application Info Description
Client App Name Application name associated with client side of the session. Example: Advanced Packaging Tool
Payload App Name HTTP application name associated with webserver host. Example: Facebook
Service App Name Application name associated with server side of the session Example: HTTP


Action Description
Action ALLOW, DENY
State ESTABLISHED, CLOSE, CLOSED, CLOSE_WAIT, TIME_WAIT, FIN_WAIT, LAST_ACK


HTTP Request Description
Host Host portion of URL
Method GET, PUT, POST, HEAD, DELETE, PATCH, OPTIONS
URI URI Identifier RFC 3986


FQDN Description
FQDN Fully Qualified Domain Name
Category Name Category classification of the FQDN. Example: Social Media
Reputation Reputation score of the FQDN


Rule Description
ID ID number/description of Valtix Rule. Example 59 (egress-prod-apt-80)