SSL Inspector Reports: Difference between revisions

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search
No edit summary
 
No edit summary
Line 6: Line 6:
=== Reports ===
=== Reports ===


All SSL Inspector reports can be accessed using the ''Select Reports'' window. All pre-defined reports will be listed along with any custom reports that have been created.  
This applications reports can be accessed via the ''Reports'' tab at the top or the ''Reports'' tab within the settings. All pre-defined reports will be listed along with any custom reports that have been created.  


Reports can be searched and further defined using the time selectors and the ''Conditions'' window at the bottom of the page. The data used in the report can be obtained on the ''Current Data'' window on the right.  
Reports can be searched and further defined using the time selectors and the ''Conditions'' window at the bottom of the page. The data used in the report can be obtained on the ''Current Data'' window on the right.  


Pre-defined report queries:  
Pre-defined report queries:  
{{#section:All_Reports|'SSL Inspector'}}
{{#section:All_Reports|'SSL Inspector'}}


The tables queried to render these reports:
* [[Database_Schema#sessions|sessions]]


=== Columns/Conditions ===
Conditions can be used to filter the traffic information shown in reports and events. Each condition has a corresponding column that can be viewed in the events viewer. Multiple conditions can be added to drill down and inspect SSL Inspector data. For a list of conditions, refer to the sessions table in [[Global DB Schema#sessions|Global DB Schema]].


===== Status =====
===== Status =====

Revision as of 19:12, 26 December 2016

The Reports tab provides a view of all reports and events for all traffic handled by HTTPS Inspector.

Reports

This applications reports can be accessed via the Reports tab at the top or the Reports tab within the settings. All pre-defined reports will be listed along with any custom reports that have been created.

Reports can be searched and further defined using the time selectors and the Conditions window at the bottom of the page. The data used in the report can be obtained on the Current Data window on the right.

Pre-defined report queries: {{#section:All_Reports|'SSL Inspector'}}

The tables queried to render these reports:


Status

The status of the session that generated the event.

  • INSPECTED means the session was fully processed by the inspector, and all traffic was passed through all the other applications and services.
  • IGNORED means the session was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
  • BLOCKED means the traffic was blocked because it did not contain a valid HTTPS request, and the Block Invalid Traffic option was enabled.
  • UNTRUSTED means the traffic was blocked because the server certificate could not be authenticated.
  • ABANDONED means the traffic was blocked because of a problem with the underlying SSL session.


Related Topics

Report Viewer

Manage Reports