Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT System Database Access Guide
 
Chapter 5      Schema: Statistics Tracking Tables
  ids_impact_stats_current_timeframe
geolocation_stats_current_timeframe Joins
You cannot perform joins on the geolocation_stats_current_timeframe tables.
geolocation_stats_current_timeframe Sample Query
The following query returns source country and sensor name for the first 25 connection events from Asia 
during the current day.
SELECT sensor_name, source_country 
FROM geolocation_stats_current_day 
WHERE destination_continent='as' 
LIMIT 25;
ids_impact_stats_current_timeframe
The ids_impact_stats_current_timeframe tables contain statistics regarding intrusion events based on impact levels. Statistics can be extracted based on impact level, device, and how the packets are handled.
For an understanding of the current_day, current_month, and current_year statistics tables, see .
For more information on the ids_impact_stats_current_timeframe tables, see the following sections:
  •
  •
  •
ids_impact_stats_current_timeframe Fields
The following table describes the fields you can access in the ids_impact_stats_current_timeframe tables. All tables of this type contain the same fields.
Table 5-8  ids_impact_stats_current_timeframe Fields

Field            Description
blocked          Number of connections blocked due to violation of an intrusion policy.
impact_level_1   The number of impact level 1 (vulnerable) intrusion events recorded for the application.
impact_level_2   The number of impact level 2 (potentially vulnerable) intrusion events.
impact_level_3   The number of impact level 3 (host currently not vulnerable) intrusion events.
impact_level_4   The number of impact level 4 (unknown target) intrusion events.
impact_level_5   The number of impact level 5 (unknown vulnerability) intrusion events.
sensor_address   The IP address of the managed device that generated the event. Format is ipv4_address,ipv6_address.
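
The following added example, which is not part of the Cisco guide, runs an aggregate query over the Table 5-8 fields to rank managed devices by their impact level 1 and 2 event counts for triage. It uses an in-memory SQLite table as a stand-in for ids_impact_stats_current_day (a table name assumed from the current_day naming pattern) with constructed sample rows. Whether the FireSIGHT database interface accepts the same aggregate syntax is an assumption.

```python
import sqlite3

# Constructed sample rows (not real data), one row per device per interval.
# Column order: sensor_address, blocked, impact_level_1 .. impact_level_5.
# sensor_address uses the documented "ipv4_address,ipv6_address" format.
SAMPLE_ROWS = [
    ("192.0.2.10,::", 4, 6, 3, 20, 1, 0),
    ("192.0.2.10,::", 1, 2, 1, 10, 0, 2),
    ("192.0.2.20,::", 0, 0, 5, 40, 3, 1),
    ("192.0.2.30,::", 9, 1, 0, 2, 0, 0),
    ("192.0.2.40,::", 0, 0, 0, 7, 2, 0),  # no level 1 or 2 events
]

# Per device: total level 1 and level 2 events, all events, and blocked count.
# Devices with no level 1 or level 2 events are dropped by the HAVING clause.
QUERY = """
SELECT sensor_address,
       SUM(impact_level_1) AS vulnerable,
       SUM(impact_level_2) AS potentially_vulnerable,
       SUM(impact_level_1 + impact_level_2 + impact_level_3
           + impact_level_4 + impact_level_5) AS total_events,
       SUM(blocked) AS blocked
FROM ids_impact_stats_current_day
GROUP BY sensor_address
HAVING SUM(impact_level_1 + impact_level_2) > 0
ORDER BY vulnerable DESC, potentially_vulnerable DESC
LIMIT 25;
"""


def triage_by_device(rows=SAMPLE_ROWS):
    """Return devices ranked by impact level 1, then level 2, event counts."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE ids_impact_stats_current_day ("
        "sensor_address TEXT, blocked INTEGER, impact_level_1 INTEGER, "
        "impact_level_2 INTEGER, impact_level_3 INTEGER, "
        "impact_level_4 INTEGER, impact_level_5 INTEGER)"
    )
    db.executemany(
        "INSERT INTO ids_impact_stats_current_day VALUES (?,?,?,?,?,?,?)", rows
    )
    result = db.execute(QUERY).fetchall()
    db.close()
    return result


if __name__ == "__main__":
    for row in triage_by_device():
        print(row)
```
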