Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

If you are not familiar with how supported MySQL syntax is expressed, see the following table for tips.

Any 

SELECT

 statement syntax not listed above is not supported. In particular, the FireSIGHT System 

database access feature does not support:

SELECT *

, that is, you must explicitly specify fields

unions

subqueries

the 

WITH ROLLUP

 modifier to the 

GROUP BY

 clause

the 

INTO

 clause

the 

FOR UPDATE

 clause

The joins you can perform on Cisco database tables are limited, for performance and other practical 
reasons. Cisco does not allow you to perform joins where the result is not likely to be useful for event 
analysis.

You can perform only inner joins and left (outer) joins. Nested joins, cross joins, natural joins, right 
(outer) joins, full (outer) joins, and joins with the 

USING

 clause are not supported.

The schema documentation indicates the supported joins for each table. Joins not listed are not 
supported. For example, you cannot join the 

 and 

 tables on IP 

address fields, even though both tables contain IP address information. In addition, joins on deprecated 
tables and deprecated fields are not listed.

The Cisco database stores some data in formats that may not be display-friendly. The following sections 
detail how to perform queries on various fields so your queries are successful and your results appear as 
expected:

brackets

[]

an optional clause or argument

curly brackets

{}

a required clause or argument

pipe

|

a choice between clauses or arguments