Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
4-6
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Metadata for Discovery Events
You request metadata by metadata version number. For the metadata version that corresponds to your
version of the FireSIGHT System, see
version of the FireSIGHT System, see
. For important information
on how eStreamer streams metadata records, see
For information on the structures of the various metadata records types for host discovery and user event
records, see:
records, see:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
119
14
2
Access Control Rule ID
Record
Record
Current
120
N/A
N/A
Access Control Rule
Action Record
Action Record
Current
121
N/A
N/A
URL Category Record
Current
122
N/A
N/A
URL Reputation
Metadata
Metadata
Current
124
21
2
Access Control Rule
Reason Metadata
Reason Metadata
Current
160
150
1
IOC State Data Block
Current
161
39
2
IOC Name Data Block
Current
280
22
2
Security Intelligence
Category Metadata
Category Metadata
Current
281
N/A
N/A
Security Intelligence
Source/Destination
Metadata
Source/Destination
Metadata
Current
Table 4-1
Discovery and Connection Event Record Types (continued)
Record
Type
Type
Contains
Block Type Series
Block Type Series
Description
Record
Status
Status
Data Format Described in...