Cisco Firepower Management Center 4000 Programmer's Guide

FireSIGHT System Database Access Guide
 
Chapter 3 Schema: System-Level Tables
fireamp_event

Table 3-3 fireamp_event Fields (continued)

| Field | Description |
| --- | --- |
| retroactive_disposition | Disposition of the file if the disposition is updated. If the disposition is not updated, this field contains the same value as the disposition field. The possible values are the same as the disposition field. |
| security_context | Description of the security context (virtual firewall) that the traffic passed through. Note that the system only populates this field for ASA FirePOWER devices in multi-context mode. |
| score | A numeric value from 0 to 100 based on the potentially malicious behaviors observed during dynamic analysis. |
| sensor_address | IP address of the device that generated the event. |
| sensor_id | ID of the device that generated the event. |
| sensor_name | The text name of the managed device that generated the event record. This field is null when the event refers to the reporting device itself, rather than to a connected device. |
| sensor_uuid | A unique identifier for the managed device, or 0 if fireamp_event.sensor_name is null. |
| src_continent_name | The name of the continent of the source host. ** - Unknown; na - North America; as - Asia; af - Africa; eu - Europe; sa - South America; au - Australia; an - Antarctica |
| src_country_id | Code for the country of the source host. |
| src_country_name | Name of the country of the source host. |
| src_ip_address_v6 | Field deprecated in Version 5.2. Returns null for all queries. |
| src_ipaddr | A binary representation of the IPv4 or IPv6 address for the source of the connection. |
| src_port | Port number for the source of the connection. |
| threat_name | Name of the threat. |
| timestamp | The FireAMP event generation timestamp. |
| url | The URL of the source of the connection. |
| user_id | An internal identification number for the user who last logged into the host that sent or received the file. This user is in the discovered_users table. |
| username | The name of the user who last logged into the host that sent or received the file. |
| web_application_id | The internal identification number for the web application, if applicable. |
| web_application_name | Name of the web application, if applicable. |
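
An added example, not part of the Cisco guide: post-processing a row fetched from fireamp_event so that the binary src_ipaddr, the null sensor_name case and a retroactive disposition change are readable during triage. It assumes each row arrives as a dict keyed by column name and that src_ipaddr holds a packed 4-byte or 16-byte address; decode_ipaddr and normalize_event are hypothetical helper names, and the disposition strings in the sample row are placeholders.

```python
import ipaddress

# Continent codes as listed in the src_continent_name row of Table 3-3.
CONTINENTS = {"**": "Unknown", "na": "North America", "as": "Asia", "af": "Africa",
              "eu": "Europe", "sa": "South America", "au": "Australia", "an": "Antarctica"}


def decode_ipaddr(raw):
    """Turn a binary src_ipaddr value into text.

    Assumption: 4 bytes is IPv4 and 16 bytes is IPv6, with an IPv4-mapped
    value (::ffff:a.b.c.d) shown as plain IPv4. Other lengths return None.
    """
    if raw is None or len(raw) not in (4, 16):
        return None
    addr = ipaddress.ip_address(bytes(raw))
    mapped = getattr(addr, "ipv4_mapped", None)  # only IPv6Address has this
    return str(mapped if mapped is not None else addr)


def normalize_event(row):
    """Map one fireamp_event row (dict keyed by column name) to triage fields."""
    name = row.get("sensor_name")
    continent = row.get("src_continent_name")
    return {
        "src_ip": decode_ipaddr(row.get("src_ipaddr")),
        # Pass the value through unchanged if it is not one of the listed codes.
        "continent": CONTINENTS.get(continent, continent),
        # A null sensor_name means the event refers to the reporting device itself.
        "device": name if name is not None else "(reporting device)",
        # retroactive_disposition equals disposition unless the verdict was updated.
        "disposition_changed": row.get("retroactive_disposition") != row.get("disposition"),
        "score": row.get("score"),
    }


# Constructed sample row; disposition strings are placeholders, not values from the guide.
SAMPLE_ROW = {
    "sensor_name": None, "sensor_uuid": 0,
    "src_ipaddr": bytes(10) + b"\xff\xff" + bytes([192, 0, 2, 10]),
    "src_continent_name": "eu", "score": 87,
    "disposition": "SAMPLE_OLD", "retroactive_disposition": "SAMPLE_NEW",
}

if __name__ == "__main__":
    print(normalize_event(SAMPLE_ROW))
```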