Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT System Database Access Guide
 
Chapter 6 Schema: Discovery Event and Network Map Tables
network_discovery_event
network_discovery_event Joins
The following table describes the joins you can perform using the network_discovery_event table.
network_discovery_event Sample Query
The following query returns discovery event records generated within the specified time range, including the user, detecting device name, timestamp, host IP address, and so on.

SELECT sensor_name, event_time_sec, event_time_usec, event_type, ipaddr, user_id,
       hex(mac_address), mac_vendor, port, confidence
FROM network_discovery_event
WHERE event_time_sec
      BETWEEN UNIX_TIMESTAMP("2013-01-01 00:00:00") AND UNIX_TIMESTAMP("2013-01-01 23:59:59")
ORDER BY event_time_sec DESC, event_time_usec DESC;

Table 6-8 network_discovery_event Fields (continued)

| Field | Description |
| --- | --- |
| sensor_name | The managed device that generated the discovery event. |
| sensor_uuid | A unique identifier for the managed device, or 0 if sensor_name is null. |
| user_dept | The department of the user who last logged into the host. |
| user_email | The email address of the user who last logged into the host. |
| user_first_name | The first name of the user who last logged into the host. |
| user_id | The internal identification number for the user who last logged into the host. |
| user_last_name | The last name of the user who last logged into the host. |
| user_last_seen_sec | The UNIX timestamp of the date and time the FireSIGHT System last detected user activity for the user who last logged into the host. |
| user_last_updated_sec | The UNIX timestamp of the date and time the FireSIGHT System last updated the user record for the user who last logged into the host. |
| user_name | The user name of the user who last logged into the host. |
| user_phone | The phone number of the user who last logged into the host. |

Table 6-9 network_discovery_event Joins
You can join this table on...
And...
ipaddr