Symantec 10521146 - Network Security 7120 Administration Manual page 335

Table B-4 MySQL Event Table
Field Name Type
clusterID integer
contextBuffer text
contextDesc text
crtTime integer
custID varchar(41)
dips varchar(195)
dst_etheraddr varchar(33)
dvName varchar(41)
endTime integer
eventCode varchar(65)
eventNum integer
flowcookie text
fmly varchar(33)
guiTxt varchar(65)
Description
Indicates the user-defined Network Security
cluster ID where the incident originated.
Indicates additional information sent by the
sensor. Not every event will have context
information.
Indicates the description of the data in
contextBuffer.
Indicates the time when this event was realized in
the analysis framework.
Indicates the Customer ID that this event is
associated with.
Indicates a list of destination IPs for this event.
Indicates the destination ethernet address.
Indicates the name of the network device where
the event was detected.
Indicates the end time for this event, according to
the sensor.
Indicates the Symantec standard code
representing the event.
Indicates the event number for this incident. The
first event in an incident will have an eventNum
of 1. The eventNum will be incremented by 1 for
each subsequent event.
Indicates the flowcookie.
Indicates the event family.
Deprecated.
SQL reference 335
Using MySQL tables
Notes
Example: For HTTP
events, this may be a
URL. For FTP events,
this may be a
username.
Base-64 encoded.
Standard UNIX time
format (seconds since
1970 GMT)
Standard UNIX time
format.
For class=sniffer
events, this is
integrity or
availability. For
class=generic
events, this is
fnotice or notice