![maxmind proxy score maxmind proxy score](https://i.ytimg.com/vi/G8MM5-3bmF0/maxresdefault.jpg)
Timestamp corresponding to the modification time of the entity (file, etc.) Source from where the location of Source IP was derived Source from where the location of Destination IP was derived URLs were categorized by NSURLC machine or not In addition, policy field will be also set for every Bypass event. ssl_decrypt_policy field will provide this extra information. The existing flag bypass_traffic only gives information that a flow has been bypassed, but does not tell exactly which policy was responsible for it. There are 2 ways to create rules for bypass: Number of raw log lines/events sessionized or suppressed during the suppressed interval.Īpplicable to only bypass events.
![maxmind proxy score maxmind proxy score](https://forums.oscommerce.com/uploads/monthly_2017_12/N_member_25810.png)
When events are suppressed (like collaboration apps), then the suppression end time will be set and only one event will be send with suppression start time and end time and count of occurrence. Total number of downloaded from server to client. Total number of bytes uploaded from client to server Total number of bytes that were transmitted for the connection - numbytes = client_bytes + server_bytes Total number of HTTP responses (equal to number of transaction events for this page event) from server to client Total number of HTTP requests (equal to number of transaction events for this page event) sent from client to server over one underlying TCP connection. Total latency from proxy to app in milliseconds Max latency for a connection in milliseconds Min latency for a connection in milliseconds Shows the ID for the connection event.ĭuration of the connection in milliseconds. Only available for the Client steering configuration.Įach connection has a unique ID. Tells whether it is user generated page event Shows if the event was generated from the Risk Insights log. Useralert, Detection, bypass, block, alert, restrictToView, disableDownload, legalHold, expireLink, restrictAccess, delete, quarantine It is currently not captured for Risk Insights. Web traffic is only captured for inline access method. CloudApp indicates CASB and web indicates HTTP traffic. This field shows the actual access method that triggered the event.įor log uploads this shows the actual log type such as PAN, Websense, etc.Ĭlient, Secure Forwarder, API Connector, Proxy Chaining, Reverse Proxy Administrators can also upload firewall and/or proxy logs for log analytics. Values for Alerts: nspolicy, connection, breach, anomaly, malsiteĬloud app traffic can be steered to the Netskope cloud using different deployment methods such as Client (Netskope Client), Secure Forwarder etc. Connection events shows the actual HTTP connection. Application events are recorded to track user events inside a cloud app. Shows if it is an application event or a connection event. Shows the long format timezone designation.