Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
222
Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Chapter 4
This event uses the following format:
Identity Conflict and Identity Timeout System Messages
The Identity Conflict and Identity Timeout event messages each have a standard
discovery event header (as documented in
page 198) followed by an Identity data block (as documented in
on page 294). These messages are generated when there are conflicts or
timeouts in a fingerprint source identity.
This event uses the following format:
This event uses the following format:
User Data Structures by Event Type
eStreamer builds user event messages based on the event type indicated in the
discovery event header. The following sub-sections describe the high-level
structure for each event type:
•
•
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Discovery Event Header
Operating System Fingerprint Data Block
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Discovery Event Header
Identity Data Block