Cisco Firepower Management Center 4000 Developer Guide

9-9
FireSIGHT System Database Access Guide
 
Chapter 9      Schema: Correlation Tables
  white_list_violation
white_list_event Joins
The following table describes the joins you can perform on the white_list_event table.
white_list_event Sample Query
The following query returns up to 25 records generated before a specified time. The records include 
white list event information such as the compliance policy name, timestamp the event was generated, 
white list name, and so on.
SELECT policy_name, policy_time_sec, ipaddr, user_name, port, description, 
white_list_name, priority, host_criticality, sensor_name 
FROM white_list_event WHERE policy_time_sec <= UNIX_TIMESTAMP("2011-10-01 00:00:00") 
ORDER BY policy_time_sec DESC LIMIT 0, 25;
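The sample query above embeds its cutoff as a string literal inside the SQL. The following added example (it is not part of the FireSIGHT guide or of Cisco's own tooling) reproduces that query against a constructed in-memory SQLite copy of the white_list_event table so the time filter, ordering and LIMIT behaviour can be checked offline, and binds the cutoff, LIMIT and offset as parameters instead of splicing them into the statement. It assumes: the column list is the one the guide's query selects (column types are guessed), the rows are constructed test data, SQLite stands in for the MySQL database the guide queries, and a small Python helper pinned to UTC replaces MySQL's UNIX_TIMESTAMP(), which interprets its literal in the session time zone. The second function, a per-white-list count, goes beyond the guide's query to show a triage view over the same table.

```python
import sqlite3
from datetime import datetime, timezone

# Columns the guide's sample query selects. Column types are assumptions for
# this example; the real white_list_event table has additional fields.
SCHEMA = """
CREATE TABLE white_list_event (
    policy_name      TEXT,
    policy_time_sec  INTEGER,
    ipaddr           TEXT,
    user_name        TEXT,
    port             INTEGER,
    description      TEXT,
    white_list_name  TEXT,
    priority         INTEGER,
    host_criticality TEXT,
    sensor_name      TEXT
)
"""

# Constructed sample events (not real FireSIGHT data). Timestamps are UTC:
# 1317340800 = 2011-09-30 00:00:00, 1317427200 = 2011-10-01 00:00:00,
# 1317600000 = 2011-10-03 00:00:00.
SAMPLE_ROWS = [
    ("Compliance Policy", 1317340800, "10.0.0.5", "alice", 23,
     "Telnet server not on white list", "Servers White List", 1, "High", "sensor1"),
    ("Compliance Policy", 1317427200, "10.0.0.7", "bob", 6667,
     "IRC client not on white list", "Workstations White List", 2, "Medium", "sensor1"),
    ("Compliance Policy", 1317600000, "10.0.0.9", None, 8080,
     "Web proxy not on white list", "Servers White List", 1, "High", "sensor2"),
]


def to_unix_timestamp(text):
    """Stand-in for MySQL UNIX_TIMESTAMP('YYYY-MM-DD HH:MM:SS').

    MySQL interprets the literal in the session time zone; this helper pins
    it to UTC so the cutoff is deterministic wherever the script runs.
    """
    dt = datetime.strptime(text, "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)
    return int(dt.timestamp())


def build_sample_db():
    """Create an in-memory SQLite table loaded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.execute(SCHEMA)
    conn.executemany(
        "INSERT INTO white_list_event VALUES (?,?,?,?,?,?,?,?,?,?)", SAMPLE_ROWS
    )
    conn.commit()
    return conn


def recent_white_list_events(conn, cutoff_sec, limit=25, offset=0):
    """The guide's sample query, with cutoff, LIMIT and offset bound as parameters."""
    sql = (
        "SELECT policy_name, policy_time_sec, ipaddr, user_name, port, description, "
        "white_list_name, priority, host_criticality, sensor_name "
        "FROM white_list_event WHERE policy_time_sec <= ? "
        "ORDER BY policy_time_sec DESC LIMIT ? OFFSET ?"
    )
    return [dict(row) for row in conn.execute(sql, (cutoff_sec, limit, offset))]


def violations_by_white_list(conn, cutoff_sec):
    """Triage view: event counts per white list and host criticality up to the cutoff."""
    sql = (
        "SELECT white_list_name, host_criticality, COUNT(*) AS n "
        "FROM white_list_event WHERE policy_time_sec <= ? "
        "GROUP BY white_list_name, host_criticality "
        "ORDER BY n DESC, white_list_name"
    )
    return [tuple(row) for row in conn.execute(sql, (cutoff_sec,))]


if __name__ == "__main__":
    db = build_sample_db()
    cutoff = to_unix_timestamp("2011-10-01 00:00:00")
    for event in recent_white_list_events(db, cutoff):
        print(event["policy_time_sec"], event["ipaddr"], event["white_list_name"])
    print(violations_by_white_list(db, cutoff))
```

With the constructed rows, the cutoff of 2011-10-01 00:00:00 admits the 30 September and 1 October events (the guide's query uses `<=`, so an event stamped exactly at the cutoff is included) and excludes the 3 October one; the newest admitted event comes first because of `ORDER BY policy_time_sec DESC`.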
white_list_violation
The white_list_violation table tracks compliance white list violations, which record the ways that the hosts on your network violate the compliance white lists in active compliance policies.
For more information, see the following sections:
  •
  •
  •
Table 9-5    white_list_event Fields (continued)

Field                    Description
user_last_updated_sec    The UNIX timestamp of the date and time the user's information was last updated.
user_name                The login user name for the user.
user_phone               The phone number for the user.
vlan_id                  The VLAN identification number, if applicable.
white_list_name          The white list that was violated.
white_list_uuid          A unique identifier for the white list.
Table 9-6    white_list_event Joins

You can join this table on...    And...
ipaddr