Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
4-91
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Host IP Address Data Block
The Host IP Address data block conveys an individual IP address. The IP address may be either an IPv4
or IPv6 address. Host IP Address data blocks are used in User Protocol, Address Specification, and User
Host data blocks. The Host IP data block has a block type of 143 in the series 1 group of blocks.
or IPv6 address. Host IP Address data blocks are used in User Protocol, Address Specification, and User
Host data blocks. The Host IP data block has a block type of 143 in the series 1 group of blocks.
The following diagram shows the format of the Host IP Address data block:
The following table describes the components of the Host IP Address data block.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Host IP Address Specification Block Type (143)
Host IP Address Block Length
IP Address
IP Address, continued
IP Address, continued
IP Address, continued
Last Seen
Table 4-51
Host IP Address Data Block Fields
Field
Data Type
Description
Host IP Address
Block Type
Block Type
uint32
Initiates a Host IP Address data block. This value is always
143
.
Host IP Block
Length
Length
uint32
Total number of bytes in the Host IP Address data block, including
eight bytes for the Host IP block type and length fields, plus the
number of bytes of Host IP Address data that follows.
eight bytes for the Host IP block type and length fields, plus the
number of bytes of Host IP Address data that follows.
IP Address
uint8[16]
The IP address. This can be IPv4 or IPv6.
Last Seen
uint32
UNIX timestamp that represents the last time the IP address was
detected.
detected.