Viewing context table records

To view a list of context table records:

1. In the KUMA Console, select the Resources section.
2. In the Services section, click the Active services button.
3. In the context menu of the correlator for which you want to view the context table, select Go to context tables.

   This opens the Correlator context tables window.

4. In the Name column, select the relevant context table.

The list of records for the selected context table is displayed.

The list contains the following data:

• Key is the composite key of the record. It is comprised by one or more values of key fields, separated by the "|" character. If one of the key field values is absent, the separator character is still displayed.

  For example, a record key consists of three fields: DestinationAddress, DestinationPort, and SourceUserName. If the last two fields do not contain values, the record key is displayed as follows: 43.65.76.98| | .

• Record repetitions is the total number of times the record was mentioned in events and identical records were downloaded when importing context tables to KUMA.
• Expiration date – date and time when the record must be deleted.

  If the TTL field had the value of 0 when the context table was created, the records of this context table are retained for 36,000 days (approximately 100 years).

• Updated is the date and time when the context table was updated.