Cisco Firepower Management Center 4000 Developer Guide
FireSIGHT System Database Access Guide
Chapter 7 Schema: Connection Log Tables
si_connection_log
si_connection_log Sample Query
The following query returns up to 25 connection event records from the si_connection_log table whose first packet was seen at or before 2011-10-01 00:00:00, sorted in descending order based on packet timestamps.
SELECT first_packet_sec, last_packet_sec, initiator_ipaddr, responder_ipaddr,
       security_zone_ingress_name, security_zone_egress_name, initiator_port,
       protocol_name, responder_port, application_protocol_id,
       client_application_id, web_application_id, url, url_category,
       url_reputation
FROM si_connection_log
WHERE first_packet_sec <= UNIX_TIMESTAMP("2011-10-01 00:00:00")
ORDER BY first_packet_sec DESC, last_packet_sec DESC
LIMIT 0, 25;