Cisco Firepower Management Center 2000 Developer Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Legacy Data Structures
Legacy Discovery Data Structures
Appendix B
Malware Event Data Block for 5.2.x Fields (Continued)

| Field | Data Type | Description |
|---|---|---|
| Web Application ID | uint32 | The internal identification number of the detected web application, if applicable. |
| Client Application ID | uint32 | The internal identification number of the detected client application, if applicable. |
| Action | uint8 | The action taken on the file based on the file type. Can have the following values: 1 — Detect; 2 — Block; 3 — Malware Cloud Lookup; 4 — Malware Block; 5 — Malware Whitelist. |
| Protocol | uint8 | IANA protocol number specified by the user. For example: 1 — ICMP; 4 — IP; 6 — TCP; 17 — UDP. This is currently only TCP. |