Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT eStreamer Integration Guide
 
Chapter 4      Understanding Discovery & Connection Data Structures
  Metadata for Discovery Events
Table 4-4 Vulnerability Record Fields (continued)

| Field | Data Type | Description |
|---|---|---|
| Technical Description Length | uint32 | The length of the technical description field. |
| Technical Description | string | The technical description of the vulnerability. |
| Solution Length | uint32 | The length of the solution field. |
| Solution | string | The solution to the vulnerability. |

Criticality Record

The eStreamer service transmits metadata containing host criticality information for an event within a Criticality record, the format of which is shown below. (Criticality information is sent when one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is set. See .) Note that the Record Type field, which appears after the Message Length field, has a value of 58, indicating a Criticality record.

| Byte 0 (bits 0-7) | Byte 1 (bits 8-15) | Byte 2 (bits 16-23) | Byte 3 (bits 24-31) |
|---|---|---|---|
| Header Version (1), bits 0-15 | | Message Type (4), bits 16-31 | |
| Message Length | | | |
| Record Type (58) | | | |
| Record Length | | | |
| Criticality ID | | | |
| Name Length | | | |
| Name... | | | |

The following table describes the fields in the Criticality record.
Table 4-5 Criticality Record Fields

| Field | Data Type | Description |
|---|---|---|
| Criticality ID | uint32 | The criticality ID number. |
| Name Length | uint32 | The number of bytes included in the criticality level. |
| Name | string | The criticality level. |
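The following parser for the Criticality record layout above is an added example, not code from the Cisco guide. It assumes big-endian (network order) fields, that Message Length counts the bytes after the 8-byte message header, that Record Length counts the bytes after the Record Length field, and that the name is UTF-8. The names `parse_criticality`, `build_sample` and `SAMPLE` are hypothetical.

```python
import struct

# Fixed fields in diagram order: Header Version, Message Type, Message Length,
# Record Type, Record Length, Criticality ID, Name Length (24 bytes, big-endian).
FIXED = struct.Struct(">HHIIIII")
RECORD_TYPE_CRITICALITY = 58


def parse_criticality(buf: bytes) -> dict:
    """Parse one Criticality record message; raise ValueError if it is inconsistent."""
    if len(buf) < FIXED.size:
        raise ValueError("truncated: fixed fields need %d bytes" % FIXED.size)
    version, msg_type, msg_len, rec_type, rec_len, crit_id, name_len = \
        FIXED.unpack_from(buf)
    if (version, msg_type) != (1, 4):
        raise ValueError("unexpected header version or message type")
    if rec_type != RECORD_TYPE_CRITICALITY:
        raise ValueError("not a Criticality record: type %d" % rec_type)
    # Assumed length semantics (not stated on this page): msg_len excludes the
    # 8-byte message header, rec_len excludes Record Type and Record Length.
    if msg_len != len(buf) - 8 or rec_len != msg_len - 8:
        raise ValueError("length fields disagree with the buffer")
    # Name Length comes off the wire, so check it against the record before
    # slicing instead of trusting it as an allocation or read size.
    if name_len != rec_len - 8:
        raise ValueError("Name Length does not match Record Length")
    name = buf[FIXED.size:FIXED.size + name_len]
    return {"id": crit_id, "name": name.decode("utf-8", errors="replace")}


def build_sample(crit_id: int, name: bytes) -> bytes:
    """Construct a sample message (not captured traffic) in the layout above."""
    rec_len = 8 + len(name)  # Criticality ID + Name Length + name bytes
    return FIXED.pack(1, 4, rec_len + 8, RECORD_TYPE_CRITICALITY,
                      rec_len, crit_id, len(name)) + name


# Constructed sample: the ID 3 and the level name "High" are made-up values.
SAMPLE = build_sample(3, b"High")

if __name__ == "__main__":
    print(parse_criticality(SAMPLE))
```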