Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT System Database Access Guide
 
Chapter 10 Schema: File Event Tables
file_event
sandboxed
Indicates whether the file was sent for dynamic analysis. Possible values are:
  • Sent for Analysis
  • Failed to Send
  • File Size is Too Small
  • File Size is Too Large
  • Sent for Analysis
  • Analysis Complete
  • Failure (Network Issue)
  • Failure (Rate Limit)
  • Failure (File Too Large)
  • Failure (File Read Error)
  • Failure (Internal Library Error)
  • File Not Sent, Disposition Unavailable
  • Failure (Cannot Run File)
  • Failure (Analysis Timeout)
  • File Not Supported
score
A numeric value from 0 to 100 based on the potentially malicious behaviors observed during dynamic analysis.
security_context
Description of the security context (virtual firewall) that the traffic passed 
through. Note that the system only populates this field for ASA FirePOWER 
devices in multi-context mode.
sensor_address
A binary representation of the IP address of the device that provided the event.
sensor_id
ID for the device that provided the event. 
sensor_name
The text name of the managed device that generated the event record. This field is null when the event refers to the reporting device itself, rather than to a connected device.
sensor_uuid
A unique identifier for the managed device, or 0 if sensor_name is null.
signature_processed
Indicates whether the file’s signature was processed.
src_continent_name
The name of the continent of the source host.
  • ** - Unknown
  • na - North America
  • as - Asia
  • af - Africa
  • eu - Europe
  • sa - South America
  • au - Australia
  • an - Antarctica
src_country_id
Code for the country of the source host.
src_country_name
Name of the country of the source host.
Table: file_event Fields (continued). Columns: Field, Description.
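
The following is an added example, not code from the Cisco guide: it triages rows read from file_event using the sandboxed, score, sensor_name and sensor_address fields described above, flagging files whose dynamic analysis failed and files with a high score. The sensor_address byte layout (4 or 16 raw bytes), the score threshold of 80, the grouping of sandboxed values into states and the sample rows are assumptions made for the example.

```python
import ipaddress

# Values copied from the sandboxed list above; the grouping into states is
# this example's own reading of the value names, not a Cisco definition.
STATES = {"Analysis Complete": "complete", "Sent for Analysis": "pending",
          "File Size is Too Small": "not_sent", "File Size is Too Large": "not_sent",
          "File Not Supported": "not_sent",
          "File Not Sent, Disposition Unavailable": "not_sent"}

def sandbox_state(sandboxed):
    if sandboxed == "Failed to Send" or sandboxed.startswith("Failure ("):
        return "failed"
    return STATES.get(sandboxed, "unknown")

def decode_sensor_address(raw):
    # Assumption: 4 raw bytes (IPv4) or 16 raw bytes (IPv6, possibly IPv4-mapped).
    if len(raw) == 4:
        return str(ipaddress.IPv4Address(raw))
    if len(raw) == 16:
        addr = ipaddress.IPv6Address(raw)
        return str(addr.ipv4_mapped or addr)
    raise ValueError(f"unexpected sensor_address length: {len(raw)}")

def triage(rows, score_threshold=80):  # threshold is an assumed cut-off
    findings = []
    for row in rows:
        state = sandbox_state(row["sandboxed"])
        if state == "failed":
            reason = "analysis_gap"  # no dynamic-analysis verdict was produced
        elif state == "complete" and (row["score"] or 0) >= score_threshold:
            reason = "high_score"
        else:
            continue
        # sensor_name is null when the event refers to the reporting device itself
        device = row["sensor_name"] or "(reporting device)"
        findings.append((reason, device, decode_sensor_address(row["sensor_address"])))
    return findings

# Constructed sample rows, limited to columns described on this page.
SAMPLE_ROWS = [
    {"sandboxed": "Analysis Complete", "score": 92, "sensor_name": "edge-fw-1",
     "sensor_address": bytes(10) + b"\xff\xff" + bytes([192, 0, 2, 10])},
    {"sandboxed": "Failure (Rate Limit)", "score": None, "sensor_name": None,
     "sensor_address": bytes([198, 51, 100, 7])},
    {"sandboxed": "File Size is Too Small", "score": None, "sensor_name": "edge-fw-1",
     "sensor_address": bytes([192, 0, 2, 10])},
]
```

Calling triage(SAMPLE_ROWS) returns one high_score finding and one analysis_gap finding; the row that was never eligible for submission is skipped.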