where does Cisco Mention the 100 Files, and is this per license, for eg if you have an Active pair of Firewalls runnings Firepower, do you 100 x 2 per 24 hours.

How does Firepower indicate when the 100 file  limit is exceeded? Is it via the word of 'unknown' as a classification type?

Sorry the correct number is currently 200. See the link I posted on 11/152017. It is 200 for your organization. You need to purchase ThreatGrid Analysis packs to exceed that number.

When you exceed it you will get a warning message in your FMC. If you're not a current ThreatGrid customer, you can also request access to a mini-ThreatGrid portal if you want to see exactly how many files are being submitted.

Assuming you have your File policy in FMC set to submit unknown files to the cloud for analysis, Cisco will analyze them on the backend (up to 200 per day) using the ThreatGrid sandbox and other techniques.

You do not have access to the sandbox videos and detailed dynamic analysis data for files submitted thus - only the disposition that is reported back to your FMC.

If you submit manually using ThreatGrid then you have access to the full analysis details.

Is this information for FireAMP for Networks, file submission to the threatgrid?  We already have a threatgrid.  But we are not getting the expected results.