Cisco Cisco Firepower Management Center 4000 Guia Do Programador
7-10
FireSIGHT System Database Access Guide
Chapter 7 Schema: Connection Log Tables
connection_summary
initiator_user_last_updated_sec
The UNIX timestamp of the date and time the FireSIGHT System last
updated the user record for the user who last logged into the initiator host.
updated the user record for the user who last logged into the initiator host.
initiator_user_name
The user name of the user who last logged into the initiator host.
initiator_user_phone
The phone number of the user who last logged into the initiator host.
interface_egress_name
The ingress interface associated with the connection.
interface_ingress_name
The egress interface associated with the connection.
num_connections
The number of connections in the summary. For long-running connections,
that is, connections that span multiple connection summary intervals, only
the first connection summary is incremented.
that is, connections that span multiple connection summary intervals, only
the first connection summary is incremented.
packets_recv
The total number of packets transmitted by the session responder.
packets_sent
The total number of packets transmitted by the session initiator.
protocol_name
The name of the protocol used in the aggregated sessions.
protocol_num
http://www.iana.org/assignments/protocol-numbers
.
responder_ip_address
Field deprecated in Version 5.2. Returns
null
for all queries.
responder_ipaddr
A binary representation of the IP address of the host that responded to the
initiator of the aggregated sessions.
initiator of the aggregated sessions.
responder_port
The port used by the responder in the aggregated sessions.
responder_user_dept
The department of the user who last logged into the host that responded to
the initiator of the aggregated sessions.
the initiator of the aggregated sessions.
responder_user_email
The email address of the user who last logged into the host that responded
to the initiator of the aggregated sessions.
to the initiator of the aggregated sessions.
responder_user_first_name
The first name of the user who last logged into the host that responded to
the initiator of the aggregated sessions.
the initiator of the aggregated sessions.
responder_user_id
An internal identification number for the user who last logged into the host
that responded to the initiator of the aggregated sessions.
that responded to the initiator of the aggregated sessions.
responder_user_last_name
The last name of the user who last logged into the host that responded to the
initiator of the aggregated sessions.
initiator of the aggregated sessions.
responder_user_last_seen_sec
The UNIX timestamp of the date and time the FireSIGHT System last
detected user activity for the user who last logged into the host that
responded to the initiator of the aggregated sessions.
detected user activity for the user who last logged into the host that
responded to the initiator of the aggregated sessions.
responder_user_last_updated_sec
The UNIX timestamp of the date and time the FireSIGHT System last
updated the user record for the user who last logged into the host that
responded to the session initiator.
updated the user record for the user who last logged into the host that
responded to the session initiator.
responder_user_name
The user name of the user who last logged into the host that responded to
the initiator of the aggregated sessions.
the initiator of the aggregated sessions.
responder_user_phone
The phone number of the user who last logged into the host that responded
to the initiator of the aggregated sessions.
to the initiator of the aggregated sessions.
security_zone_egress_name
The egress security zone in the connection event.
security_zone_ingress_name
The ingress security zone in the connection event.
Table 7-4
connection_summary Fields (continued)
Field
Description