Flow Analytics - All Events
Flow Analytics - All Events provides overall visibility into network and security events from the entire Multicloud Defense solution.
Tables and Fields available in All Events are as follows:

| Event Details | Description |
|---|---|
| Date and Time | ISO 8601 format: YYYY-MM-DD T HH:MM:SS:S Example: |
| Type | APPID, AV, DLP, DPI, FLOW_LOG, FQDNFILTER, L4_FW, L7DOS, MALICIOUS_SRC, SNI, TLS_ERROR, TLS_LOG, URLFILTER. |
| CSP Account | Multicloud Defense CSP Account. |
| Gateway | Multicloud Defense Gateway. |
| Region | Region of the Multicloud Defense Gateway. |
| Level | DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY. |
| Session ID | .. |

| Service | Description |
|---|---|
| Src IP | Source IP Address. |
| Src Port | Source Port. |
| Dest IP | Destination IP Address. |
| Dest Port | Destination Port. |
| Protocol | UDP, TCP. |

| Application Info | Description |
|---|---|
| Client App Name | Application name associated with client side of the session. Example: |
| Payload App Name | HTTP application name associated with webserver host. Example: |
| Service App Name | Application name associated with server side of the session. Example: |

| Action | Description |
|---|---|
| Action | ALLOW, DENY. |
| State | ESTABLISHED, CLOSE, CLOSED, CLOSE_WAIT, TIME_WAIT, FIN_WAIT, LAST_ACK. |

| HTTP Request | Description |
|---|---|
| Host | Host portion of URL. |
| Method | GET, PUT, POST, HEAD, DELETE, PATCH, OPTIONS. |
| URI | URI Identifier RFC 3986. |

| Rule | Description |
|---|---|
| ID | ID number/description of Multicloud Defense Rule. Example |

| FQDN | Description |
|---|---|
| FQDN | Fully Qualified Domain Name. |
| Category Name | Category classification of the FQDN. Example: |
| Reputation | Reputation score of the FQDN. |