Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
4-9
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Vulnerability Record
The eStreamer service transmits metadata containing vulnerability information for an event within a
Vulnerability record, the format of which is shown below. (Vulnerability information is sent when one
of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is set. See
Vulnerability record, the format of which is shown below. (Vulnerability information is sent when one
of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is set. See
.) Note that the Record Type field, which appears after the Message Length
field, has a value of
57
, indicating a Vulnerability record.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (57)
Record Length
Vulnerability ID
Impact
Exploits
Remote
Entry Date Length
Entry Date Length Cont.
Entry Date...
Published Date Length
Published Date...
Modified Date Length
Modified Date...
Title Length
Title...
Short Description Length
Short Description...
Description Length
Description...
Technical Description Length
Technical Description...