Cisco Cisco Firepower Management Center 4000 Guide Du Développeur
C H A P T E R
5-1
FireSIGHT System Database Access Guide
5
Schema: Statistics Tracking Tables
This chapter contains information on the schema and supported joins for application and URL statistics
tracking tables. These tables collect statistical information on:
tracking tables. These tables collect statistical information on:
•
access control and intrusion events by application and by user
•
bandwidth usage and connection decisions by application and by user
•
bandwidth usage and connection decisions by URL reputation (risk) and by URL business relevance
For links to details on each table, see the following table.
Table 5-1
Application and URL Statistics Tables
See
For the table that stores statistics on...
Version
access control and intrusion protection activity, by
application and a range of application attributes.
application and a range of application attributes.
5.0+
traffic volume and system access control activity
(connections allowed or denied), by application and a
range of application attributes.
(connections allowed or denied), by application and a
range of application attributes.
5.0+
access control activity by location.
5.2+
statistics for intrusion events (connections blocked and
would have dropped) by impact levels.
would have dropped) by impact levels.
5.1.1+
contain statistics for all connections. Statistics can be
extracted based on bytes, connection, sensor, and time.
extracted based on bytes, connection, sensor, and time.
5.2+
contain statistics for files based on disposition. Statistics
can be extracted based on bytes, disposition, sensor, and
time.
can be extracted based on bytes, disposition, sensor, and
time.
5.3+
contain statistics for files based on file type. Statistics can
be extracted based on bytes, file type, sensor, and time.
be extracted based on bytes, file type, sensor, and time.
5.3+
contain statistics for connections based on file type.
Statistics can be extracted based on bytes, connection,
file type, sensor, and time.
Statistics can be extracted based on bytes, connection,
file type, sensor, and time.
5.3+
traffic volume and system access control activity
(connections allowed or denied), by the category of the
requested website.
(connections allowed or denied), by the category of the
requested website.
5.0+
traffic volume and system access control activity
(connections allowed or denied), by the reputation of the
requested website.
(connections allowed or denied), by the reputation of the
requested website.
5.0+