Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT System Database Access Guide
 
Chapter 3      Schema: System-Level Tables 
sru_import_log
The sru_import_log table contains information on rule update processes that have been run on your appliances. The sru_import_log table supersedes the deprecated seu_import_log table starting with Version 5.0 of the FireSIGHT System.
sru_import_log Fields
The following table describes the database fields you can access in the sru_import_log table.
Table 3-6 sru_import_log Fields

Field / Description

action
    Indicates the action that has occurred for the imported rule update object type:
      • apply - the Reapply intrusion policies after the Rule Update import completes option was enabled for the import
      • changed - for a rule update component or rule, the rule update component was modified, or the rule has a higher revision number and the same GID and SID
      • collision - for a rule update component or rule, import was skipped because its revision conflicts with an existing component or rule on the appliance
      • deleted - for rules, the rule has been deleted from the rule update
      • disabled - for rules, the rule has been disabled in a default policy provided by Cisco
      • drop - for rules, the rule has been set to Drop and Generate Events in a default policy provided by Cisco
      • enabled - for a rule update, edit, a preprocessor, rule, or other feature provided by the rule update has been enabled in a default policy provided by Cisco
      • error - for a rule update or local rule file, the import failed
      • new - for a rule, this is the first time the object has been stored on this appliance

detail
    Either a comment string unique for the change applied by the imported rule update to the component or rule, or blank, for a rule that has not changed.

generator_id
    The GID for the generator for a rule.

import_time_sec
    The UNIX timestamp of the date and time the rule update import was logged.

name
    The name of the imported object. For rules, this corresponds to the rule message. For rule update components, this is the component name, such as online help or Snort.

policy
    All, indicating that a rule is included in all default policies.

revision
    Revision number for a rule.

signature_id
    The SID for a rule or set of rules, decoder, or preprocessor.

sru_name
    Descriptive name of the rule update.
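The fields above can drive a post-update review of rule imports. The following is an added example, not taken from the Cisco guide: an in-memory SQLite table stands in for the appliance database, and it pulls the rows whose action means an import failed or was skipped, or a rule stopped firing in the default policies. The column types, the sample rows, and the choice of which actions to review are assumptions of this example.

```python
import sqlite3
from datetime import datetime, timezone

# Actions from the field table that warrant review after a rule update:
# failed or skipped imports, and rules that no longer fire in default policies.
REVIEW_ACTIONS = ("error", "collision", "deleted", "disabled")

QUERY = """
SELECT sru_name, action, generator_id, signature_id, revision, name, detail,
       import_time_sec
FROM sru_import_log
WHERE import_time_sec >= ? AND action IN ({})
ORDER BY import_time_sec, generator_id, signature_id
""".format(",".join("?" * len(REVIEW_ACTIONS)))


def build_sample_db():
    """In-memory stand-in for the table; column types are assumed."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE sru_import_log (
        action TEXT, detail TEXT, generator_id INTEGER, import_time_sec INTEGER,
        name TEXT, policy TEXT, revision INTEGER, signature_id INTEGER,
        sru_name TEXT)""")
    rows = [  # constructed sample rows, not real rule update data
        ("new", "", 1, 1700000100, "EXAMPLE rule A", "All", 1, 1000001, "Example Rule Update 1"),
        ("changed", "rev bump", 1, 1700000100, "EXAMPLE rule B", "All", 4, 1000002, "Example Rule Update 1"),
        ("disabled", "", 1, 1700000100, "EXAMPLE rule C", "All", 2, 1000003, "Example Rule Update 1"),
        ("collision", "revision conflict", 1, 1700000200, "EXAMPLE rule D", "All", 3, 1000004, "Example Rule Update 1"),
        ("error", "import failed", None, 1700000300, "local.rules", None, None, None, "Example local rule file"),
        ("deleted", "", 1, 1600000000, "EXAMPLE rule E", "All", 1, 1000005, "Example Rule Update 0"),
    ]
    db.executemany("INSERT INTO sru_import_log VALUES (?,?,?,?,?,?,?,?,?)", rows)
    return db


def review_imports(db, since_epoch):
    """Return rows needing review, with import_time_sec rendered as UTC."""
    findings = []
    for r in db.execute(QUERY, (since_epoch, *REVIEW_ACTIONS)):
        when = datetime.fromtimestamp(r[7], tz=timezone.utc).isoformat()
        findings.append({"sru_name": r[0], "action": r[1], "gid": r[2],
                         "sid": r[3], "revision": r[4], "name": r[5],
                         "detail": r[6], "logged_utc": when})
    return findings


if __name__ == "__main__":
    for f in review_imports(build_sample_db(), since_epoch=1700000000):
        print(f)
```

Rows for rules carry a GID, SID and revision, so a collision or disabled finding can be matched to the exact rule; the error row for a local rule file has none, which is why those columns are allowed to be NULL in the sample schema.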