Report proxy network traffic transaction details

POST https://{{host}}/etp-report/v3/configs/:configId/proxy-traffic/transactions/details

Lists proxy network traffic connections for a given time period.

Request Params

Request Body

{"endTimeSec"=>1589965237, "orderBy"=>"DESC", "pageNumber"=>1, "pageSize"=>5, "startTimeSec"=>1587459637}

HEADERS

RESPONSES

status: OK

{"dataRows":[{"event":{"actionId":"4","actionName":"Block - Error Page","blockDescription":"The URL hosts malware.","categoryId":"73","categoryName":"73","clientRequestId":"dc475a9e-c192-4b0b-a34e-a95c0f8dfcad-15904747363383674-1195","confidenceId":"-1","confidenceName":"Unknown","correlatedSinkholeEvents":[{"configId":1041,"destinationPort":80,"eventId":"1590113794976#ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11#28301","eventTime":"2020-05-22T02:16:34Z","hitCount":1,"hostname":"akamaisiacncstage.com","internalIP":"192.0.2.235","l4Protocol":"TCP","l7Protocol":"HTTP","machineNames":["N/A"],"sinkholeIP":"192.0.2.89","sinkholeId":"ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11","sinkholeName":"SIA_DNS_SINKHOLE","sourcePort":48022,"url":"/","userAgent":"curl/7.47.0"}],"deepScanned":false,"deepscanReportPath":"","detectionTime":"2020-05-26T06:33:33Z","detectionType":"inline","deviceId":"dc475a9e-c192-4b0b-a34e-a95c0f8dfcad","deviceName":"WIN81-ENT-210","httpUserAgent":"Windows-Update-Agent/7.9.9600.19670 Client-Protocol/1.21 EtpClient:3.0.0","httpVersion":"1.1","internalClientIP":"192.0.2.7","listId":"-1","listIdentifiers":[{"categoryId":73,"categoryName":"73","confidenceId":-1,"confidenceName":"Unknown","listId":-1,"listName":"unknown","threatId":0,"threatName":"Unclassified"}],"listName":"unknown","matchedGroups":[],"onrampType":"etp_offnet_client","policyId":"32965","policyName":"Westford OFF Network policy","reason":"Acceptable use policy","severityId":0,"severityLevel":"Unclassified","siteId":"5003","siteName":"Off Network SIA Clients","trigger":"null"},"id":"0","isEvent":true,"l7Protocol":"HTTP","request":{"clientIp":"192.0.2.168","clientPort":48176,"connectionId":"0x3706B3124FAFAF8C9574","destinationIP":"192.0.2.122","destinationPort":80,"domain":"statsfe2.ws.microsoft.com.","headers":[{"name":"Cache-Control","value":"no-cache"},{"name":"Content-Length","value":"2369"},{"name":"Content-Type","value":"text/xml; charset=utf-8"},{"name":"Host","value":"statsfe2.ws.microsoft.com"},{"name":"Pragma","value":"no-cache"},{"name":"User-Agent","value":"Windows-Update-Agent/7.9.9600.19670 Client-Protocol/1.21 EtpClient:3.0.0"},{"name":"X-Forwarded-For","value":"172.25.162.210, 172.25.162.210"}],"method":"POST","queryStrings":[],"startTime":1590474813791,"uri":"/ReportingWebService/ReportingWebService.asmx","uuid":"1b72e77c-254a-4ba9-a456-2a1b4407d65b"},"response":{"endTime":1590474813793,"hash":"","headers":[]},"userIdentity":{"encryptedUserID":"","encryptedUserName":"","groups":[]}},{"event":{"actionId":"5","actionName":"Allow","blockDescription":"The URL hosts malware.","categoryId":"104","categoryName":"104","clientRequestId":"c37a4c4e-a7cd-400f-820d-b82762c52975-15904747127323964-48715","confidenceId":"-1","confidenceName":"Unknown","correlatedSinkholeEvents":[{"configId":1041,"destinationPort":80,"eventId":"1590113794976#ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11#28301","eventTime":"2020-05-22T02:16:34Z","hitCount":1,"hostname":"akamaisiacncstage.com","internalIP":"192.0.2.190","l4Protocol":"TCP","l7Protocol":"HTTP","machineNames":["N/A"],"sinkholeIP":"192.0.2.173","sinkholeId":"ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11","sinkholeName":"SIA_DNS_SINKHOLE","sourcePort":48022,"url":"/","userAgent":"curl/7.47.0"}],"deepScanned":false,"deepscanReportPath":"","detectionTime":"2020-05-26T06:32:30Z","detectionType":"N/A","deviceId":"c37a4c4e-a7cd-400f-820d-b82762c52975","deviceName":"BOS-WPX5E","httpUserAgent":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Teams/1.3.00.12058 Chrome/69.0.3497.128 Electron/4.2.12 Safari/537.36 EtpClient:3.0.0","httpVersion":"1.1","internalClientIP":"192.0.2.25","listId":"-1","listIdentifiers":[{"categoryId":104,"categoryName":"104","confidenceId":-1,"confidenceName":"Unknown","listId":-1,"listName":"unknown","threatId":0,"threatName":"Unclassified"}],"listName":"unknown","matchedGroups":[],"onrampType":"etp_client","policyId":"0","policyName":"0","reason":"Acceptable use policy","severityId":0,"severityLevel":"Unclassified","siteId":"51284","siteName":"E2E WIN 174.232 site","trigger":"null"},"id":"1","isEvent":false,"l7Protocol":"HTTPS","request":{"clientIp":"192.0.2.45","clientPort":34656,"connectionId":"0x3706B30F4FAEB4B27FB1","destinationIP":"2001:db8:5ad7:b1f8:6411:d14f:971c:7bfe","destinationPort":443,"domain":"statics.teams.cdn.office.net.","headers":[{"name":"Accept","value":"image/webp,image/apng,image/*,*/*;q=0.8"},{"name":"Accept-Encoding","value":"gzip, deflate, br"},{"name":"Accept-Language","value":"en-US"},{"name":"Connection","value":"keep-alive"},{"name":"Host","value":"statics.teams.cdn.office.net"},{"name":"Referer","value":"https://teams.microsoft.com/_"},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Teams/1.3.00.12058 Chrome/69.0.3497.128 Electron/4.2.12 Safari/537.36"}],"method":"GET","queryStrings":[{"name":"cb","value":"1590474712726"}],"startTime":1590474750161,"uri":"/evergreen-assets/icons/1x1-000000ff.png","uuid":"38c91e98-37fc-40f0-876e-ba60104b4d35"},"response":{"endTime":1590474750226,"hash":"","headers":[{"name":"Access-Control-Allow-Origin","value":"*"},{"name":"Cache-Control","value":"public, max-age=604777"},{"name":"Connection","value":"keep-alive"},{"name":"Content-Length","value":"68"},{"name":"Content-MD5","value":"5E5+z+yZNWYywTzT6qPiUA=="},{"name":"Content-Type","value":"image/png"},{"name":"Date","value":"Tue, 26 May 2020 06:32:30 GMT"},{"name":"ETag","value":"\"0x8D6D3F4152295F5\""},{"name":"Last-Modified","value":"Wed, 08 May 2019 20:30:59 GMT"},{"name":"Server","value":"Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0"}]},"userIdentity":{"encryptedUserID":"","encryptedUserName":"","groups":[]}},{"event":{"actionId":"5","actionName":"Allow","blockDescription":"The URL hosts malware.","categoryId":"55","categoryName":"Streaming Websites","clientRequestId":"c37a4c4e-a7cd-400f-820d-b82762c52975-15904746798952196-48708","confidenceId":"-1","confidenceName":"Unknown","correlatedSinkholeEvents":[{"configId":1041,"destinationPort":80,"eventId":"1590113794976#ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11#28301","eventTime":"2020-05-22T02:16:34Z","hitCount":1,"hostname":"akamaisiacncstage.com","internalIP":"192.0.2.159","l4Protocol":"TCP","l7Protocol":"HTTP","machineNames":["N/A"],"sinkholeIP":"192.0.2.147","sinkholeId":"ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11","sinkholeName":"SIA_DNS_SINKHOLE","sourcePort":48022,"url":"/","userAgent":"curl/7.47.0"}],"deepScanned":false,"deepscanReportPath":"","detectionTime":"2020-05-26T06:31:58Z","detectionType":"N/A","deviceId":"c37a4c4e-a7cd-400f-820d-b82762c52975","deviceName":"BOS-WPX5E","httpUserAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 EtpClient:3.0.0","httpVersion":"1.1","internalClientIP":"192.0.2.224","listId":"-1","listIdentifiers":[{"categoryId":55,"categoryName":"Streaming Websites","confidenceId":-1,"confidenceName":"Unknown","listId":-1,"listName":"unknown","threatId":0,"threatName":"Unclassified"},{"categoryId":73,"categoryName":"73","confidenceId":-1,"confidenceName":"Unknown","listId":-1,"listName":"unknown","threatId":0,"threatName":"Unclassified"}],"listName":"unknown","matchedGroups":[],"onrampType":"etp_client","policyId":"0","policyName":"0","reason":"Acceptable use policy","severityId":0,"severityLevel":"Unclassified","siteId":"51284","siteName":"E2E WIN 174.232 site","trigger":"null"},"id":"2","isEvent":false,"l7Protocol":"HTTPS","request":{"clientIp":"192.0.2.84","clientPort":42380,"connectionId":"0x3706B3154FAE37181163A","destinationIP":"192.0.2.90","destinationPort":443,"domain":"clickstream-killswitch.hd-personalization-prod.gcp.example.com.","headers":[{"name":"Accept","value":"*/*"},{"name":"Accept-Encoding","value":"gzip, deflate, br"},{"name":"Accept-Language","value":"en-US,en;q=0.9"},{"name":"Connection","value":"keep-alive"},{"name":"content-type","value":"application/json"},{"name":"Host","value":"clickstream-killswitch.hd-personalization-prod.gcp.example.com"},{"name":"Origin","value":"https://www.example.com"},{"name":"Referer","value":"https://www.example.com/"},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36"}],"method":"GET","queryStrings":[],"startTime":1590474718273,"uri":"/clickstream-killswitch/v1/detail","uuid":"a1d7f692-c932-466a-82f6-e4e85bba7864"},"response":{"endTime":1590474718348,"hash":"","headers":[{"name":"Access-Control-Allow-Origin","value":"https://www.example.com"},{"name":"Content-Length","value":"1329"},{"name":"Content-Type","value":"application/json;charset=UTF-8"},{"name":"Date","value":"Tue, 26 May 2020 06:31:57 GMT"},{"name":"Vary","value":"Origin, Access-Control-Request-Method, Access-Control-Request-Headers"},{"name":"Via","value":"1.1 google"}]},"userIdentity":{"encryptedUserID":"","encryptedUserName":"","groups":[]}},{"event":{"actionId":"4","actionName":"Block - Error Page","blockDescription":"The URL hosts malware.","categoryId":"31","categoryName":"Chat Site","clientRequestId":"c37a4c4e-a7cd-400f-820d-b82762c52975-15904746699129224-48707","confidenceId":"-1","confidenceName":"Unknown","correlatedSinkholeEvents":[{"configId":1041,"destinationPort":80,"eventId":"1590113794976#ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11#28301","eventTime":"2020-05-22T02:16:34Z","hitCount":1,"hostname":"akamaisiacncstage.com","internalIP":"192.0.2.114","l4Protocol":"TCP","l7Protocol":"HTTP","machineNames":["N/A"],"sinkholeIP":"192.0.2.184","sinkholeId":"ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11","sinkholeName":"SIA_DNS_SINKHOLE","sourcePort":48022,"url":"/","userAgent":"curl/7.47.0"}],"deepScanned":false,"deepscanReportPath":"","detectionTime":"2020-05-26T06:31:46Z","detectionType":"inline","deviceId":"c37a4c4e-a7cd-400f-820d-b82762c52975","deviceName":"BOS-WPX5E","httpUserAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 EtpClient:3.0.0","httpVersion":"1.1","internalClientIP":"192.0.2.218","listId":"-1","listIdentifiers":[{"categoryId":31,"categoryName":"Chat Site","confidenceId":-1,"confidenceName":"Unknown","listId":-1,"listName":"unknown","threatId":0,"threatName":"Unclassified"}],"listName":"unknown","matchedGroups":[],"onrampType":"etp_client","policyId":"38307","policyName":"E2E-CML-stage","reason":"Acceptable use policy","severityId":0,"severityLevel":"Unclassified","siteId":"51284","siteName":"E2E WIN 174.232 site","trigger":"null"},"id":"3","isEvent":true,"l7Protocol":"HTTPS","request":{"clientIp":"192.0.2.11","clientPort":41176,"connectionId":"0x3706B3154FAE084111637","destinationIP":"2001:db8:c08f:942:b49c:17a9:4f76:73ed","destinationPort":443,"domain":"c.go-mpulse.net.","headers":[{"name":"Accept","value":"*/*"},{"name":"Accept-Encoding","value":"gzip, deflate, br"},{"name":"Accept-Language","value":"en-US,en;q=0.9"},{"name":"Connection","value":"keep-alive"},{"name":"Host","value":"c.go-mpulse.net"},{"name":"Origin","value":"https://www.akamai.com"},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36"}],"method":"GET","queryStrings":[{"name":"key","value":"FDSGP-LEB9B-T8Y2A-5V5ED-9WX2T"},{"name":"d","value":"www.akamai.com"},{"name":"t","value":"5301582"},{"name":"v","value":"1.667.0"},{"name":"if","value":""},{"name":"sl","value":"0"},{"name":"si","value":"876aebf5-a115-47de-973b-9ac2ba2cdd1c-qaqswv"},{"name":"r","value":""},{"name":"bcn","value":"%2F%2F173e2548.akstat.io%2F"},{"name":"acao","value":""},{"name":"ak.ai","value":"593889"}],"startTime":1590474706144,"uri":"/api/config.json","uuid":"8e86b32f-9a83-4162-a008-3e2c58b09f87"},"response":{"endTime":1590474706146,"hash":"","headers":[]},"userIdentity":{"encryptedUserID":"","encryptedUserName":"","groups":[]}},{"event":{"actionId":"5","actionName":"Allow","blockDescription":"The URL hosts malware.","categoryId":"73","categoryName":"73","clientRequestId":"c37a4c4e-a7cd-400f-820d-b82762c52975-15904746509095241-48705","confidenceId":"-1","confidenceName":"Unknown","correlatedSinkholeEvents":[{"configId":1041,"destinationPort":80,"eventId":"1590113794976#ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11#28301","eventTime":"2020-05-22T02:16:34Z","hitCount":1,"hostname":"akamaisiacncstage.com","internalIP":"192.0.2.210","l4Protocol":"TCP","l7Protocol":"HTTP","machineNames":["N/A"],"sinkholeIP":"192.0.2.155","sinkholeId":"ac4bde1e-7d3d-4ff5-9cf8-772df0b1ce11","sinkholeName":"SIA_DNS_SINKHOLE","sourcePort":48022,"url":"/","userAgent":"curl/7.47.0"}],"deepScanned":false,"deepscanReportPath":"","detectionTime":"2020-05-26T06:31:28Z","detectionType":"N/A","deviceId":"c37a4c4e-a7cd-400f-820d-b82762c52975","deviceName":"BOS-WPX5E","httpUserAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 EtpClient:3.0.0","httpVersion":"1.1","internalClientIP":"192.0.2.168","listId":"-1","listIdentifiers":[{"categoryId":73,"categoryName":"73","confidenceId":-1,"confidenceName":"Unknown","listId":-1,"listName":"unknown","threatId":0,"threatName":"Unclassified"}],"listName":"unknown","matchedGroups":[],"onrampType":"etp_client","policyId":"0","policyName":"0","reason":"Acceptable use policy","severityId":0,"severityLevel":"Unclassified","siteId":"51284","siteName":"E2E WIN 174.232 site","trigger":"null"},"id":"4","isEvent":false,"l7Protocol":"HTTPS","request":{"clientIp":"192.0.2.243","clientPort":43149,"connectionId":"0x3706B3124FADC2CF9570","destinationIP":"192.0.2.248","destinationPort":443,"domain":"d.la1-c2-ia4.salesforceliveagent.com.","headers":[{"name":"Accept","value":"*/*"},{"name":"Accept-Encoding","value":"gzip, deflate, br"},{"name":"Accept-Language","value":"en-US,en;q=0.9"},{"name":"Connection","value":"keep-alive"},{"name":"Host","value":"d.la1-c2-ia4.salesforceliveagent.com"},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36"}],"method":"GET","queryStrings":[{"name":"sid","value":"409d47de-bf85-433c-9c88-79add325835a"},{"name":"r","value":"906"},{"name":"Availability.prefix","value":"Visitor"},{"name":"Availability.ids","value":"[5730f000000HhB2,5730f000000HhAJ,5730f000000HhAY]"},{"name":"callback","value":"liveagent._.handlePing"},{"name":"deployment_id","value":"5720f0000009HUh"},{"name":"org_id","value":"00DA0000000Hu5a"},{"name":"version","value":"43"}],"startTime":1590474688053,"uri":"/chat/rest/Visitor/Availability.jsonp","uuid":"7b33eedd-8b7d-463b-80d9-996b74a0a9ee"},"response":{"endTime":1590474688139,"hash":"","headers":[{"name":"Access-Control-Allow-Origin","value":"*"},{"name":"Cache-Control","value":"no-cache"},{"name":"Connection","value":"close"},{"name":"Content-Encoding","value":"gzip"},{"name":"Content-Type","value":"text/javascript"},{"name":"Expires","value":"-1"},{"name":"Pragma","value":"no-cache"},{"name":"X-Content-Type-Options","value":"nosniff"}]},"userIdentity":{"encryptedUserID":"","encryptedUserName":"","groups":[]}}],"pageInfo":{"pageNumber":1,"pageSize":5,"totalRecords":44583}}