Events for Attack (firewall).Possible values are as follows:
207 = Active Response
211 = Active Response disengaged
219 = Active Response canceled
217 = Executable file change accepted
218 = Executable file change denied
220 = Application Hijack
201 = N/A (invalid traffic by rule)
202 = Port Scan
203 = Denial-of-service attack
204 = Trojan horse
206 = Intrusion Prevention
208 = MAC Spoofing