Hi All, I am observing the event File_Malware_Event triggered from the Cisco Source File console. On the SIEM console, I have checked the payload fileEventData.direction = 2 and fileeventData.action=3. Traffic observed from the source IP 10.13.x.x tow...
Hi All, I have received a quarantine event that failed with the error code 3221225531 in the AMP console. I wasn't able to get the exact details for the corresponding event id. Can someone help me understand the meaning of this error code?
Hi All, I have observed internal-to-internal machine traffic and observed the event IOC_STATE_RECORD on my SIEM console. This event was flagged by the Cisco Firepower center (FMC); I checked the traffic logs between these two internal machines. Obser...
Thank you for your reply. Yes, I have found iocState.value=11 in my payload. I have searched for the value 11 at the link which you provided. It says New TCP Server for the value 11. Please correct me: am I referring to the correct content?