Proxy activity details
Proxy activity appears in a table. After you select a filter and dimension, you can select the type of data that you want to show in the table. In addition to data listed in the Proxy activity dimensions topic, you can show this data in the activity table.
| Proxy activity detail | Description |
|---|---|
| Detected Time | Date and time the activity was detected. |
| Policy | Policy that applies or was applied. |
| List | Custom lists or threat categories associated with the activity. |
| Detection Method | Indicates how activity was detected. This field may
show any of these values:
|
| Resolved IP | IP address that is resolved from the domain. |
| Is Event | Indicates whether the activity produced an event. This dimension shows a value of True or False. |
| Category |
The overall category of the event. This may be the AUP category or the threat event category such as malware, phishing, command and control, and DNS exfiltration. If the domain does not appear in any lists, including threat, custom, or exception lists, the Unclassified category is shown. |
| Confidence | Indicates whether activity is a known threat. If this information is not known, it shows as Unknown. |
| Connection ID | ID associated with the activity. |
| On-Ramp | Indicates whether traffic was forwarded to ETP Proxy. This field shows Yes or No. |
Indicates whether traffic was forwarded to ETP Proxy. This field shows Yes or No.
| Detail | Description |
|---|---|
| Layer 7 Protocol | Application layer protocols such as HTTP and HTTPS. |
| Request Time | Date and time the user made the request. |
| Response Time | Date and time when a response to a request was provided. |
| URI | Uniform Resource Identifier. Characters or string that identify a resource. For example, a URL is a URI. |
| Source Port | The TCP/UDP port of the user’s machine. |
| Hash | Hash of the HTTP response. |