Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT System Database Access Guide
 
Chapter 6: Schema: Discovery Event and Network Map Tables
rna_host_ioc_state
rna_host_ioc_state Fields
The following table describes the fields you can access in the rna_host_ioc_state table.
Table 6-18  rna_host_ioc_state Fields

Field                       Description
first_seen                  Unix timestamp when the compromise was first detected.
first_seen_sensor_address   The IP address of the managed device that first detected the compromise. Format is ipv4_address,ipv6_address.
first_seen_sensor_name      The managed device that first detected the compromise.
host_id                     ID number of the host.
ioc_category                The category for the compromise. Possible values include:
                              • CnC Connected
                              • Exploit Kit
                              • High Impact Attack
                              • Low Impact Attack
                              • Malware Detected
                              • Malware Executed
                              • Dropper Infection
                              • Java Compromise
                              • Word Compromise
                              • Adobe Reader Compromise
                              • Excel Compromise
                              • PowerPoint Compromise
                              • QuickTime Compromise
ioc_description             Description of the compromise.
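
The following is an added example, not taken from the guide: it shows how rows from rna_host_ioc_state can be turned into a per-host triage summary using only the fields documented above. An in-memory SQLite table with constructed rows stands in for the real database connection, and the function names, the sample values and the handling of an empty address half are assumptions.

```python
import ipaddress
import sqlite3
from datetime import datetime, timezone

# Constructed sample rows (not real data), in the column order used below:
# host_id, ioc_category, first_seen, first_seen_sensor_name, first_seen_sensor_address
SAMPLE_ROWS = [
    (101, "Malware Executed", 1400003600, "sensor-east", "192.0.2.10,2001:db8::10"),
    (101, "CnC Connected", 1400000000, "sensor-east", "192.0.2.10,2001:db8::10"),
    (102, "Exploit Kit", 1400007200, "sensor-west", "198.51.100.7,"),
]

def parse_sensor_address(value):
    """Split 'ipv4_address,ipv6_address' into validated address objects.
    Assumption: either half may be empty, in which case None is returned for it."""
    v4_text, _, v6_text = value.partition(",")
    v4 = ipaddress.IPv4Address(v4_text.strip()) if v4_text.strip() else None
    v6 = ipaddress.IPv6Address(v6_text.strip()) if v6_text.strip() else None
    return v4, v6

def load_sample_db():
    """Build a stand-in table holding only the columns listed in Table 6-18."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE rna_host_ioc_state (host_id INTEGER, ioc_category TEXT, "
        "first_seen INTEGER, first_seen_sensor_name TEXT, "
        "first_seen_sensor_address TEXT)")
    db.executemany("INSERT INTO rna_host_ioc_state VALUES (?, ?, ?, ?, ?)", SAMPLE_ROWS)
    return db

def summarize_hosts(db):
    """Per host: earliest detection (UTC), detecting sensor, and categories in time order."""
    rows = db.execute(
        "SELECT host_id, ioc_category, first_seen, first_seen_sensor_name, "
        "first_seen_sensor_address FROM rna_host_ioc_state ORDER BY first_seen")
    summary = {}
    for host_id, category, first_seen, sensor_name, sensor_addr in rows:
        entry = summary.get(host_id)
        if entry is None:  # first row per host is the earliest because of ORDER BY
            v4, v6 = parse_sensor_address(sensor_addr)
            entry = summary[host_id] = {
                "earliest": datetime.fromtimestamp(first_seen, tz=timezone.utc),
                "sensor": sensor_name, "sensor_ipv4": v4, "sensor_ipv6": v6,
                "categories": []}
        if category not in entry["categories"]:
            entry["categories"].append(category)
    return summary
```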