Cisco Cisco Firepower Management Center 4000 개발자 가이드
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
636
Understanding Legacy Data Structures
Legacy Correlation Event Data Structures
Appendix B
Source VLAN
ID
uint16
Source host’s VLAN identification number, if
applicable.
Source OS
Fingerprint
UUID
uint8[16]
A fingerprint ID number that acts a unique
identifier for the source host’s operating system.
See
See
on page 182 for information
about obtaining the values that map to the
fingerprint IDs.
Source
Criticality
uint16
User-defined criticality value for the source host:
• 0 — None
• 0 — None
• 1 — Low
• 2 — Medium
• 3 — High
Source User
ID
uint32
Identification number for the user logged into the
source host, as identified by the system.
Source Port
uint16
Source port in the event.
Source
Server ID
uint32
Identification number for the server running on
the source host.
Destination IP
Address
uint8[4]
IP address of the destination host associated
with the policy violation (if applicable). This value
will be 0 if there is no destination IP address.
Destination
Host Type
uint8
Destination host’s type:
• 0 — Host
• 0 — Host
• 1 — Router
• 2 — Bridge
Destination
VLAN ID
uint16
Destination host’s VLAN identification number, if
applicable.
Destination
OS
Fingerprint
UUID
uint8[16]
A fingerprint ID number that acts as a unique
identifier for the destination host’s operating
system.
See
See
on page 182 for information
about obtaining the values that map to the
fingerprint IDs.
Correlation Event Data 4.8.0.2 - 4.9.1.x Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION