Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
5-15
FireSIGHT System Database Access Guide
Chapter 5 Schema: Statistics Tracking Tables
url_category_stats_current_timeframe
transmission_stats_by_file_type_current_timeframe Joins
You cannot perform joins on the
transmission_stats_current_
timeframe
tables.
transmission_stats_by_file_type_current_timeframe Sample Query
The following query returns the number of dropped and sent connections for each sensor, in descending
order by
order by
file_type
during the current day.
SELECT sensor_name, number_dropped, number_sent, file_type
FROM transmission_stats_by_file_type_current_day
ORDER BY file_type DESC;
url_category_stats_current_timeframe
The
url_category_stats_current_
timeframe
tables contain statistics on the bandwidth usage and
connections associated with requests to URLs in specified URL categories. You can also constrain
queries on the managed device that monitored the traffic.
queries on the managed device that monitored the traffic.
For an understanding of the
current_day
,
current_month
, and
current_year
statistics tables, see
.
For more information on the
url_category_stats_current_
timeframe
tables, see the following sections:
•
•
•
number_dropped
Number of files of this type dropped.
number_sent
Number of files of this type sent.
sensor
ID of the device that detected the file.
sensor_address
The IP address of the managed device that generated the event. Format is
ipv4_address,ipv6_address
.
sensor_name
The name of the managed device that generated the intrusion event.
sensor_uuid
A unique identifier for the managed device, or
0
if
sensor_name
is
null
.
start_time_sec
The UNIX timestamp of the date and time the measurement interval starts.
For detailed information, see
For detailed information, see
.
Table 5-12
transmission_stats_by_file_type_current_timeframe Fields (continued)
Field
Description