Cisco Cisco Firepower Management Center 4000 Entwickleranleitung

The following table describes the joins you can perform on the 

 table.

The following query returns up to 25 user event records generated by a selected managed device since a 
particular date and time.

SELECT event_time_sec, ipaddr, sensor_name, event_type, user_name, user_last_seen_sec, 

user_last_updated_sec 

FROM user_discovery_event 

WHERE sensor_name = sensor_name 

AND user_last_seen_sec >= UNIX_TIMESTAMP("2011-10-01 00:00:00") ORDER BY event_type ASC 

LIMIT 0, 25;

user_id

The internal identification number of the user who last logged onto the host.

user_last_name

The last name of the user.

user_last_seen_sec

The UNIX timestamp of the date and time the system last reported a login for the 
user.

user_last_updated_sec

The UNIX timestamp of the date and time the user’s information was last updated.

user_name

The user name for the user who last logged onto the host.

user_phone

The phone number for the user who last logged onto the host.

ipaddr

user_id