A-5
User Guide for Cisco Security MARS Local Controller
78-17020-01
Appendix A Cisco Security MARS XML API Reference
XML Incident Notification Data File and Schema
<IPAddress>133.67.205.96</IPAddress>
<MAC />
<DNSName />
<DynamicInfo>
<HostName />
<MACAddress />
<AAAUser />
<EnforcementDeviceAndPort />
<ReportingDevice />
<StartTime>Dec 31, 1969 4:00:00 PM PST</StartTime>
<EndTime>Dec 31, 1969 4:00:00 PM PST</EndTime>
<UpdateTime>Dec 31, 1969 4:00:00 PM PST</UpdateTime>
</DynamicInfo>
</NetworkAddressObj>
<NetworkAddressObj id="167981768">
<IPAddress>10.3.50.200</IPAddress>
<MAC />
<DNSName />
<DynamicInfo>
<HostName />
<MACAddress />
<AAAUser />
<EnforcementDeviceAndPort />
<ReportingDevice />
<StartTime>Dec 31, 1969 4:00:00 PM PST</StartTime>
<EndTime>Dec 31, 1969 4:00:00 PM PST</EndTime>
<UpdateTime>Dec 31, 1969 4:00:00 PM PST</UpdateTime>
</DynamicInfo>
</NetworkAddressObj>
<NetworkAddressObj id="1766489909">
<IPAddress>105.74.127.53</IPAddress>
<MAC />
<DNSName />
<DynamicInfo>
<HostName />
<MACAddress />
<AAAUser />
<EnforcementDeviceAndPort />
<ReportingDevice />
<StartTime>Dec 31, 1969 4:00:00 PM PST</StartTime>
<EndTime>Dec 31, 1969 4:00:00 PM PST</EndTime>
<UpdateTime>Dec 31, 1969 4:00:00 PM PST</UpdateTime>
</DynamicInfo>
</NetworkAddressObj>
<EventTypeObj id="1139">
<Name>1106022</Name>
<Description>Denied spoofed packet - different ingress interface</Description>
<Severity>HIGH</Severity>
<CVE />
</EventTypeObj>
<EventTypeObj id="1135">
<Name>1106001</Name>
<Description>Deny packet due to security policy</Description>
<Severity>LOW</Severity>
<CVE />
</EventTypeObj>
<EventTypeObj id="1137">
<Name>1106016</Name>
<Description>Denied IP spoof</Description>
<Severity>MEDIUM</Severity>
<CVE />
</EventTypeObj>
<DeviceObj id="128783">
<Name>pixie</Name>
