HTTP or TLS requests.

Field

Group

Type

Application name

Application

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Name of the application which made the web request

Binary paths

Application

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Paths of the binary which made the web request

Binary version

Application

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Version of the binary which made the web request

Cardinality

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Number of underlying web requests, consolidated over time

NXQL ID:

cardinality

Connections duration

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

The time between start of the first connection and end of the last underlying connection

NXQL ID:

connections_duration

Device ID

Device

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Unique identifier code of the web request source

Device name

Device

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Indicates the name of the device:

  • For Windows: NetBios Name

  • For Mac OS: computer name used on the network

  • For Mobile: composed by mailbox name and device friendly name

Device SID

Device

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Windows security identifier of the web request source

Domain name

Domain

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Name of the web request destination domain

End time

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Web request end time, corresponding to the moment when the last underlying TCP connection was closed

NXQL ID:

end_time

Executable name

Application

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Name of the executable which made the web request

HTTP status

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

HTTP response status code

NXQL ID:

http_status

ID

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Unique request identifier code

NXQL ID:

id

Incoming web traffic

Traffic

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Incoming web traffic of all underlying web requests, consolidated over time

NXQL ID:

incoming_traffic

Network response time

Availability

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Average TCP connection establishment time of all underlying connections, consolidated over time

NXQL ID:

network_response_time

Outgoing web traffic

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Outgoing web traffic of all underlying web requests, consolidated over time

NXQL ID:

outgoing_traffic

Port number

Port

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Port number of the web request

Protocol

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Web request protocol (HTTP, TLS)

NXQL ID:

protocol

Protocol version

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Web request protocol version

NXQL ID:

protocol_version

Service related

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Indicates whether the web request is related to a configured service:

  • yes: these requests are always visible by all users

  • no: depending on the privacy settings, requests not related to a service might not be visible by everyone

NXQL ID:

service_related

Signature ID

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

ID of the related web request signature, i.e. a user executing a certain process on a particular device which emits requests to a specific domain

NXQL ID:

signature_id

Start time

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Web request start time

NXQL ID:

start_time

URL path

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Indicates the expression used to match the web request against web-based services with URL path:

'-': the web request did not match against any service with URL path
CODE

User ID

User

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Unique identifier code of the user who made the web request

User name

User

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Name of the user who made the web request

User SID

User

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Indicates the Windows security identifier for the user who made the web request.

  • For Mac 0S: the value is 'S-0-0' if the user is not in Active Directory

Web request duration

Properties

Field

Windows black.png
Mac black.png
Mobile gray disabled.png

Average time between request and last response byte of all underlying requests, consolidated over time

NXQL ID:

web_request_duration