Sessions

From Edge Threat Management Wiki - Arista
Revision as of 00:32, 18 May 2017 by Dmorris (talk | contribs)
Jump to navigationJump to search

Sessions provides a view of the current sessions (also known as connections)

Each row represents a single a network session/and its properties.

As Untangle and all the apps learn more about a session, many will "attach" data to the session so it is globally visible and accessible via other apps. The Sessions view provides a view into everything that is known about a session.

The Sessions view provides a real-time view into whats going on in the network, and can also provide a great debugging tool to verify that sessions are being processed by the correct policies and hantdled correctly.

Column Header Property Description
Creation Time The creation time of the session (if scanned)
Session ID The session ID (if scanned)
Mark The netfilter connmark
Protocol The protocol of the session (TCP/UDP)
Bypassed True if the session is bypassed, False if it is scanned
Policy The policy handling the session (if scanned)
Hostname The hostname for the client address (if known)
NATd True if the client address of the session was rewritten (NAT), False otherwise
Port Forwarded True if the server address of the session was rewritten (port-forward), False otherwise
Tags The tags attached to the session (inherited from Hosts, Devices, and Users)
Tags String The list of all tags attached to the session.
Local Address The IP address of the "local" (non-WAN) participant or the Client Address if no local address.
Remote Address The IP address of the "remote" (WAN) participant or the Server Address if no remote address.
Bandwidth Control Priority The priority of the session set by Bandwidth Control.
QoS Priority The priority set by QoS.
Pipeline The application processing order (pipeline) of the session (if scanned).
Client Interface The network interface of the client (source).
Client Address (Pre-NAT) The IP address of the client (initiator) of the session.
Client Port (Pre-NAT) The port of the client (initiator) of the session.
Client Address (Post-NAT) The IP address of the client (initiator) of the session post-NAT.
Client Port (Post-NAT) The port of the client (initiator) of the session post-NAT.
Client Country The country code of the client IP address.
Client Latitude The latitude of the client IP address.
Client Longitude The longitude of the client IP address.
Server Interface The network interface of the server (destination).
Server Address (Pre-NAT) The IP address of the server (receiver) of the session pre-NAT.
Server Port (Pre-NAT) The port of the server (receiver) of the session pre-NAT.
Server Address (Post-NAT) The IP address of the server (receiver) of the session.
Server Port (Post-NAT) The port of the server (receiver) of the session.
Server Country The country code of the server IP address.
Server Latitude The latitude of the server IP address.
Server Longitude The longitude of the server IP address.
Speed (KB/s) Client The data rate of data sent by the client (updated every 60 seconds).
Speed (KB/s) Server The data rate of data sent by the server (updated every 60 seconds).
Speed (KB/s) Total The data rate of session (updated every 60 seconds).
Application Control Lite Protocol The protocol according to Application Control Lite.
Application Control Lite Category The category according to Application Control Lite.
Application Control Lite Description The description of the protocol according to Application Control Lite.
Application Control Lite Matched? True if Application Control Lite matched the session.
Application Control Protochain The protochain of Application Control
Application Control Application The application of Application Control
Application Control Category The category of the application of Application Control
Application Control Detail The detail of the application of Application Control
Application Control Confidence The confidence of the match of Application Control
Application Control Productivity The productivity of the application of Application Control
Application Control Risk The risk of the application of Application Control
Web Filter Category Name The category of the last web request according to Web Filter
Web Filter Category Description The description of the category of the last web request according to Web Filter
Web Filter Category Flagged True if this category of the web request is flagged, False if not, null otherwise
Web Filter Category Blocked True if this category of the web request is blocked, False if not, null otherwise
Web Filter Flagged True if the last web request is flagged, False if not, null otherwise
HTTP Hostname The HTTP hostname if an HTTP session.
HTTP URL The HTTP URL of the last request if an HTTP session.
HTTP User Agent The HTTP User Agent of the last request if an HTTP session.
HTTP URI The HTTP URI of the last request if an HTTP session.
HTTP Request Method The HTTP Request Method of the last request if an HTTP session.
HTTP Request File Name The HTTP Request filename of the last request if an HTTP session.
HTTP Request File Path The HTTP Request file path of the last request if an HTTP session.
HTTP Content Type The HTTP Content Type of the last response if an HTTP session.
HTTP Referer The HTTP Referer of the last request if an HTTP session.
HTTP Content Length The HTTP content length of the last response if an HTTP session.