Cisco Firepower Management Center 4000 Developer Guide

9-7
FireSIGHT System Database Access Guide

Chapter 9      Schema: Correlation Tables
remediation_status Joins
You cannot perform joins on the remediation_status table.
remediation_status Sample Query
The following query returns up to 25 records generated before a given date. These records include
remediation status information such as the remediation timestamp, the status message, and so on.

SELECT policy_time_sec, remediation_time_sec, remediation_name, policy_name,
       policy_rule_name, status_text
FROM remediation_status
WHERE remediation_time_sec <= UNIX_TIMESTAMP("2011-10-01 00:00:00")
ORDER BY policy_time_sec DESC
LIMIT 0, 25;
white_list_event
The white_list_event table contains white list events that are generated when the system detects a host
not compliant with a white list in an active white list compliance policy.

Note that starting in Version 5.0, the FireSIGHT System records the detection of network and user
activity at the managed device level, no longer by detection engine. The detection_engine_name
and detection_engine_uuid fields in the white_list_event table now return only null, and queries that join
on those fields return zero records. Querying on the sensor_uuid field instead of detection_engine_uuid
provides the equivalent information.
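The remediation_status sample query above and the Version 5.0 join behaviour just described, exercised together in an added example that is not part of the guide. SQLite stands in for the FireSIGHT database, so strftime('%s', ...) replaces UNIX_TIMESTAMP() and LIMIT takes a single bound count. The table names remediation_status and white_list_event, the six columns of the sample query, and the sensor_uuid, detection_engine_uuid and detection_engine_name fields come from the guide; the managed_devices lookup table, the event_id column, the device identifiers and every sample row are constructed assumptions.

```python
import sqlite3
from datetime import datetime, timezone

# Added example, not from the FireSIGHT guide. SQLite stands in for the
# FireSIGHT database, so strftime('%s', ...) replaces MySQL's UNIX_TIMESTAMP().

# Only these two columns may be used as the join key (identifiers cannot be
# bound as query parameters, so they are checked against an allow-list).
ALLOWED_DEVICE_KEYS = ("sensor_uuid", "detection_engine_uuid")


def epoch(year, month, day):
    """UTC calendar date -> UNIX timestamp, used to build the sample rows."""
    return int(datetime(year, month, day, tzinfo=timezone.utc).timestamp())


def build_db():
    """Create an in-memory stand-in populated with constructed sample rows."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE remediation_status (
            policy_time_sec INTEGER, remediation_time_sec INTEGER,
            remediation_name TEXT, policy_name TEXT,
            policy_rule_name TEXT, status_text TEXT);
        -- event_id is a constructed column; the other three fields are from the guide.
        CREATE TABLE white_list_event (
            event_id INTEGER, sensor_uuid TEXT,
            detection_engine_uuid TEXT, detection_engine_name TEXT);
        -- Hypothetical lookup table, not part of the guide's schema.
        CREATE TABLE managed_devices (device_uuid TEXT, device_name TEXT);
    """)
    # 40 constructed remediations, one every two days from 2011-08-01 (UTC);
    # the triggering policy fires 60 seconds before each remediation.
    start = epoch(2011, 8, 1)
    con.executemany(
        "INSERT INTO remediation_status VALUES (?, ?, ?, ?, ?, ?)",
        [(start + i * 2 * 86400 - 60, start + i * 2 * 86400,
          "block_host", "compliance_policy", "rule_%d" % i,
          "successful completion of remediation") for i in range(40)])
    con.execute("INSERT INTO managed_devices VALUES ('dev-0001', 'edge-sensor')")
    # Version 5.0+ behaviour: detection_engine_* fields are NULL, and only
    # sensor_uuid identifies the managed device that generated the event.
    con.executemany(
        "INSERT INTO white_list_event VALUES (?, 'dev-0001', NULL, NULL)",
        [(n,) for n in (1, 2, 3)])
    con.commit()
    return con


def recent_remediations(con, before, limit=25):
    """The guide's sample query with the cutoff date and row count bound as
    parameters instead of spliced into the SQL text."""
    sql = ("SELECT policy_time_sec, remediation_time_sec, remediation_name, "
           "policy_name, policy_rule_name, status_text "
           "FROM remediation_status "
           "WHERE remediation_time_sec <= CAST(strftime('%s', ?) AS INTEGER) "
           "ORDER BY policy_time_sec DESC LIMIT ?")
    return con.execute(sql, (before, limit)).fetchall()


def count_events_by_device(con, key_column):
    """Join white_list_event to the device lookup on the named column and
    return the number of matched events (0 when the column is always NULL)."""
    if key_column not in ALLOWED_DEVICE_KEYS:
        raise ValueError("unexpected join column: %r" % key_column)
    sql = ("SELECT COUNT(*) FROM white_list_event w "
           "JOIN managed_devices d ON w.%s = d.device_uuid" % key_column)
    return con.execute(sql).fetchone()[0]


if __name__ == "__main__":
    db = build_db()
    rows = recent_remediations(db, "2011-10-01 00:00:00")
    print(len(rows), "remediations; newest policy_time_sec:", rows[0][0])
    for key in ALLOWED_DEVICE_KEYS:
        print("join on", key, "->", count_events_by_device(db, key), "events")
```

Run as a script, the first line reports 25 rows (31 of the 40 constructed remediations fall on or before the cutoff, and the query keeps the 25 with the latest policy_time_sec), and the two join lines show 0 events when joining on detection_engine_uuid against 3 when joining on sensor_uuid, which is the symptom the guide describes for queries written against the pre-5.0 schema. The allow-list in count_events_by_device is there because a join column has to be interpolated into the statement text; restricting it to the two known field names keeps caller-supplied strings out of the SQL.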
For more information, see the following sections:
  •
  •
  •
Table 9-4      remediation_status Fields (continued)

Field                   Description
remediation_time_sec    The UNIX timestamp of the date and time the Defense Center launched the remediation.
status_text             A message that describes what happened when the remediation was launched, such as
                        “successful completion of remediation.”