Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
4-46
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Policy Control Message
The Policy Control Message event has a standard discovery event header (as documented in
) followed by a Policy Control Message data block. The format of the
Policy Control Message data block differs depending on the system version. For information on policy
control message data block format for the current version, see
control message data block format for the current version, see
.
Connection Statistics Data Message
The Connection Statistics event has a standard discovery event header (as documented in
) followed by a Connection Statistics data block. The documentation of
each version of the Connection Statistics data block includes the system versions that use it. For
information on the connection statistics data block format for version 5.3.1+, see
information on the connection statistics data block format for version 5.3.1+, see
Note
The Connection Statistics data block differs depending on which system version created the message.
For information on legacy versions, see the Connection Statistics data block in
For information on legacy versions, see the Connection Statistics data block in
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Discovery Event Header
Server Banner Data Block
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Discovery Event Header
Policy Control Message Data Block