Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
6-8
FireSIGHT System Database Access Guide
Chapter 6 Schema: Discovery Event and Network Map Tables
application_info
application_host_map Sample Query
The following query returns information about the applications detected on the host with a
host_id
of
8
.
SELECT host_id, application_id, application_name, business_relevance, risk
FROM application_host_map
WHERE HEX(host_id) = "00000000000000000000000000000008";
application_info
The
application_info
table contains information about the applications that can be detected on the
hosts in your monitored network.
You can retrieve the list of tags associated with an application from the
application_tag_map
table by
joining on
application_id
. Similarly, you can retrieve an application’s list of associated categories from
the
application_host_map
by joining on
application_id
.
For more information, see the following sections:
•
•
•
application_info Fields
The following table describes the fields you can access in the
application_info
table.
Table 6-4
application_info Fields
Field
Description
application_description
A description of the application.
application_id
The internal identification number for the application.
application_name
The application name that appears in the user interface.
business_relevance
An index (from
1
to
5
) of the application’s relevance to business
productivity, where
1
is very low and
5
is very high.
business_relevance_description
A description of business relevance (
very low
,
low
,
medium
,
high
,
very
high
).
is_client_application
A true-false flag that indicates if the detected application is a client.
is_server_application
A true-false flag that indicates if the detected application is a server
application.
application.
is_web_application
A true-false flag that indicates if the detected application is a web
application.
application.
risk
An index (from
1
to
5
) of the application’s estimated risk where
1
is very
low risk and
5
is critical risk.
risk_description
A description of the risk (
very low
,
low
,
medium
,
high
, and
critical
).