Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT System Database Access Guide
 
Chapter 5      Schema: Statistics Tracking Tables 
app_stats_current_timeframe
The app_stats_current_timeframe tables contain statistics on bandwidth usage and access control actions (connection allowed or denied), by application and by device that monitored the traffic. You can filter these statistics by the business relevance, estimated risk, and type of the application.
For an understanding of the current_day, current_month, and current_year statistics tables, see .
For more information on the app_stats_current_timeframe tables, see the following sections:
app_stats_current_timeframe Fields
The following table describes the fields you can access in the app_stats_current_timeframe tables.
Table 5-5  app_stats_current_timeframe Fields

| Field | Description |
|---|---|
| application_id | The internal identification number for the application. |
| application_name | The application name that appears in the user interface. |
| business_relevance | An index (from 1 to 5) of the application’s relevance to business productivity where 1 is very low and 5 is very high. |
| business_relevance_description | A description of business relevance (very low, low, medium, high, very high). |
| bytes_in | The bytes of inbound traffic for the application during the specified interval. |
| bytes_out | The bytes of outbound traffic for the application during the specified interval. |
| connections_allowed | The number of connections allowed. |
| connections_denied | The number of connections denied due to violation of an access control policy. |
| is_client_application | A true-false flag that indicates if the detected application is a client application. |
| is_server_application | A true-false flag that indicates if the detected application is an application protocol. |
| is_web_application | A true-false flag that indicates if the detected application is a web application. |
| risk | An index (from 1 to 5) of the application’s estimated risk where 1 is very low risk and 5 is critical risk. |
| risk_description | A description of the estimated risk (very low, low, medium, high, critical). |
| sensor_address | The IP address of the managed device that monitored the traffic. Format is ipv4_address,ipv6_address. |
| sensor_id | The internal identification number of the managed device that detected the traffic. |
| sensor_name | The name of the managed device that detected the traffic. |
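
The following is an added example, not taken from the Cisco guide: a triage query over the fields in Table 5-5 that lists high-risk, low-business-relevance applications with their total bandwidth and the share of connections that policy denied, summed across managed devices. It assumes the current_day table is named app_stats_current_day, runs against an in-memory SQLite stand-in rather than the FireSIGHT database, and uses constructed sample rows; the column types, thresholds, and function names are likewise assumptions.

```python
import sqlite3

# Columns follow Table 5-5; the SQLite types are assumptions for this stand-in.
SCHEMA = """CREATE TABLE app_stats_current_day (
    application_id INTEGER, application_name TEXT,
    business_relevance INTEGER, business_relevance_description TEXT,
    bytes_in INTEGER, bytes_out INTEGER,
    connections_allowed INTEGER, connections_denied INTEGER,
    is_client_application INTEGER, is_server_application INTEGER,
    is_web_application INTEGER, risk INTEGER, risk_description TEXT,
    sensor_address TEXT, sensor_id INTEGER, sensor_name TEXT)"""
RELEVANCE = {1: "very low", 2: "low", 3: "medium", 4: "high", 5: "very high"}
RISK = {1: "very low", 2: "low", 3: "medium", 4: "high", 5: "critical"}
SENSORS = {"sensor-a": (1, "192.0.2.10,2001:db8::10"),   # constructed devices
           "sensor-b": (2, "192.0.2.11,2001:db8::11")}
# Constructed rows: id, name, relevance, risk, bytes_in, bytes_out, allowed, denied, web, sensor
ROWS = [
    (101, "ExampleTorrent", 1, 5, 4_000_000, 9_000_000, 40, 160, 0, "sensor-a"),
    (101, "ExampleTorrent", 1, 5, 1_000_000, 2_000_000, 10, 40, 0, "sensor-b"),
    (202, "ExampleWebmail", 2, 4, 500_000, 300_000, 75, 25, 1, "sensor-a"),
    (303, "ExampleCRM", 5, 1, 8_000_000, 1_000_000, 900, 0, 1, "sensor-a"),
    (404, "ExampleProxy", 2, 4, 0, 0, 0, 0, 1, "sensor-b"),
]
# One row per application; HAVING drops applications with no connections at all.
TRIAGE_SQL = """
SELECT application_name, risk_description,
       SUM(bytes_in) + SUM(bytes_out) AS total_bytes,
       SUM(connections_allowed), SUM(connections_denied),
       COUNT(DISTINCT sensor_id)
FROM app_stats_current_day
WHERE risk >= ? AND business_relevance <= ?
GROUP BY application_id, application_name, risk_description
HAVING SUM(connections_allowed) + SUM(connections_denied) > 0
ORDER BY total_bytes DESC"""

def build_sample_db():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    for app_id, name, rel, risk, b_in, b_out, ok, denied, web, sensor in ROWS:
        sensor_id, address = SENSORS[sensor]
        db.execute("INSERT INTO app_stats_current_day VALUES (" + ",".join("?" * 16) + ")",
                   (app_id, name, rel, RELEVANCE[rel], b_in, b_out, ok, denied,
                    0, 0, web, risk, RISK[risk], address, sensor_id, sensor))
    return db

def triage(db, min_risk=4, max_relevance=2):
    rows = db.execute(TRIAGE_SQL, (min_risk, max_relevance)).fetchall()
    # Denied share: how much of the application's connection volume policy already blocks.
    return [(name, risk, total, round(denied / (ok + denied), 2), sensors)
            for name, risk, total, ok, denied, sensors in rows]
```

A low denied share on a high-risk, low-relevance application is the case worth reviewing against the access control policy.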