Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3954
Views
5
Helpful
2
Replies

Cisco_Firepower_Estreamer event types

Kalana Kaushanga
Level 1
Level 1

‎09-10-2020 09:19 AM

Hi Community,

 

I have Cisco_Firepower_Estreamer and forwarded all the logs in to my SIEM (QRadar). from there I have identified below event type. Can someone please help me on clear these events activities.

 

Event type -  IOC_STATE_RECORD (what this means)

iocState.value= (have different values) like 51, 52, 16, 2. What this means ? any reference link to get idea 

recordType=IOC_STATE_RECORD 

eventType=HOST_IOC_SET_TYPE for all events this event type is same.

detectionEngineRef= 1,0,4,etc. what this meant any reference link to get idea on this.

 

 

 

 

 

0 Helpful
2 Replies 2

Kalana Kaushanga
Level 1
Level 1

‎09-29-2020 03:57 AM

Event details for FMC 6.1.0

ioc.png

MSS_PROOF
Level 1
Level 1

‎07-21-2021 09:57 AM

Can you provide us with official documentation for this issue?

0 Helpful
Customers Also Viewed These Support Documents