Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT System Database Access Guide
 
Chapter 5 Schema: Statistics Tracking Tables
app_ids_stats_current_timeframe

app_ids_stats_current_timeframe Joins
The following table describes the joins you can perform on the app_ids_stats_current_timeframe tables.

app_ids_stats_current_timeframe Sample Query
The following query returns up to 25 application records from the app_ids_stats_current_month table. Each record contains the number of blocked connections and intrusion events for the application over the time interval.
SELECT from_unixtime(start_time_sec), sum(blocked) 
FROM app_ids_stats_current_day 
WHERE start_time_sec = unix_timestamp("2013-12-15");

Table 5-3 app_ids_stats_current_timeframe Fields (continued)

Field                 Description
risk_description      A description of the estimated risk (very low, low, medium, high, critical).
sensor_address        The IP address of the managed device that generated the event. Format is ipv4_address,ipv6_address.
sensor_id             ID of the device that provided the event.
sensor_name           The name of the managed device that generated the intrusion event.
sensor_uuid           A unique identifier for the managed device, or 0 if sensor_name is null.
start_time_sec        The UNIX timestamp of the date and time the measurement interval starts. For detailed information, se .
would_have_dropped    Number of packets that would have been dropped if the intrusion policy had been configured to drop packets in an inline deployment.

Table 5-4 app_ids_stats_current_timeframe Joins

You can join this table on...    And...
application_id