09-10-2020 09:19 AM
Hi Community,
I have Cisco_Firepower_Estreamer and forwarded all the logs in to my SIEM (QRadar). from there I have identified below event type. Can someone please help me on clear these events activities.
Event type - IOC_STATE_RECORD (what this means)
iocState.value= (have different values) like 51, 52, 16, 2. What this means ? any reference link to get idea
recordType=IOC_STATE_RECORD
eventType=HOST_IOC_SET_TYPE for all events this event type is same.
detectionEngineRef= 1,0,4,etc. what this meant any reference link to get idea on this.
09-29-2020 03:57 AM
Event details for FMC 6.1.0
07-21-2021 09:57 AM
Can you provide us with official documentation for this issue?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide