Netskope Help

Transaction Event Fields

The following tables list the transaction event type, field, description, and example.

Date / Time Transaction Events

Field

Description

Example

date

Date of generation, YY-MM-DD format.

08/07/19

time

Time of generation in HH:MM-SEC format in GMT.

01:02-39

time-taken

Delta (integer value in ms) when the request processing started and the full response was received.

589

Client Connector Device Information Transaction Events

Field

Description

Example

x-c-os

Operating system of the client.

Windows 10

x-c-browser

Client's browser.

Firefox

x-c-browser-version

Client's browser version.

50

x-c-device

Client's device type.

Windows device

x-cs-site

Destination site.

Google Maps

x-cs-timestamp

Date of the request as epoch time.

1480330369

x-cs-page-id

Identifier associated with the page event object.

1170730000000000000

x-cs-userip

The client IP address.

199.188.180.55

Client Transaction Events

Field

Description

Example

cs-bytes

Bytes received from the client.

1093

bytes

Sum of client bytes plus server bytes.

18177

Cloud Application Transaction Events

Field

Description

Example

x-cs-app

Cloud application name

Dropbox

x-category

Primary category name applicable for the url in this transaction.

"Cloud Storage"

x-other-category

Secondary categories applicable for the url in this transaction.

"News & Media; Entertainment"

x-cs-traffic-type

Type of traffic could be "Web" or "CloudApp".

Web

Geolocation Transaction Events

Field

Description

Example

x-s-country

Destination country

United States

x-s-latitude

Destination latitude

37.4192009

x-s-longitude

Destination longitude

-122.0574036

x-s-location

Destination location (e.g. city)

Mountain View

x-s-region

Destination region (e.g. state)

California

x-s-zipcode

Destination zip code.

94043

x-c-country

Country of the client (user).

United States

x-c-latitude

Latitude of the client.

37.3394

x-c-longitude

Longitude of the client.

-121.895

x-c-location

Location of the client.

Menlo Park

x-c-region

Region of the client.

California

x-c-zipcode

Zip code of the client.

94025

HTTP Transaction Events

Field

Description

Example

cs-method

The HTTP method (e.g. GET, POST).

POST

cs-uri-scheme

The protocol used.

https

cs-uri-query

The query string portion of the HTTP request.

q=a&b=c

cs-user-agent

The user-agent header in the HTTP request.

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

cs-content-type

The content-type header in the HTTP request.

application/json

sc-status

The HTTP status code received from the server.

200

sc-content-type

The content-type header from the response.

text/html

cs-dns

The destination domain requested.

google.co.in

cs-host

The value in the host header from the request.

google.co.in

cs-uri

Path information plus query string.

/home.html?key=123

cs-uri-port

Port specified in the request header.

443

cs-referer

The value of the referrer header.

https://www.google.com

x-cs-session-id

A session for the current user which consists of: user, device, OS, app, browser

50530900000000000

x-transaction-id

Transaction ID needed to correlate application events with transaction events.

1821255295454864980

Network Transaction Events

Field

Description

Example

c-ip

Client IP as seen by the Netskope proxy. This will be the machine IP if available, IPv4 address.

70.42.129.126

s-ip

The server IPv4 address.

216.58.193.67

x-cs-tunnel-id

VPN tunnel ID

998a4499-a5a6-4a55-b243-b67ce89dd870

Server Transaction Events

Field

Description

Example

sc-bytes

Bytes received from the server.

17084

x-type

Type of log message.

http_transaction

x-server-ssl-err

Description of SSL error between proxy and content servers.

Handshake error (error:141A318A:SSL routines: tls_process_ske_dhe:dh key too small) Blocked by SSL_HANDSHAKE_ERROR

x-client-ssl-err

Description of SSL error between client (browser) and proxy.

Handshake error (error:1417A0C1:SSL routines: tls_post_process_client_hello:no shared cipher)

Steering Transaction Event

Field

Description

Example

x-access-method

Steering method used to access the Netskope cloud.

Client

User Information Transaction Event

Field

Description

Example

cs-username

The client's username.

Bill@companyname.com