Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
4-102
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
User Criticality Change Data Block 4.7+
The User Criticality data block is used to contain a list of IP address range specifications for hosts where
the host criticality changed, the identification number for the user who updated the criticality value,
information about the source that supplied the criticality value, and the criticality value. The User
Criticality data block has a block type of 81 in the series 1 group of blocks. Changes from the previous
User Criticality data block include a new source type field and the use of the Generic list data block
instead of the List data block to store IP addresses.
the host criticality changed, the identification number for the user who updated the criticality value,
information about the source that supplied the criticality value, and the criticality value. The User
Criticality data block has a block type of 81 in the series 1 group of blocks. Changes from the previous
User Criticality data block include a new source type field and the use of the Generic list data block
instead of the List data block to store IP addresses.
The User Criticality data block is used in user set host criticality messages as documented in
.
The following diagram shows the basic structure of a User Criticality data block:
Generic List Block
Length
Length
uint32
Number of bytes in the Generic List block and encapsulated data
blocks. This number includes the eight bytes of the generic list block
header fields, plus the number of bytes in all of the encapsulated
data blocks.
blocks. This number includes the eight bytes of the generic list block
header fields, plus the number of bytes in all of the encapsulated
data blocks.
User Vulnerability
Data Blocks
Data Blocks
variable
Encapsulated User Vulnerability data blocks up to the maximum
number of bytes in the list block length. For more information, see
number of bytes in the list block length. For more information, see
Table 4-59
User Vulnerability Change Data Block Fields (continued)
Field
Number of
Bytes
Bytes
Description
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
User Criticality Data Block Type (81)
User Criticality Block Length
IP Address
Range Blocks
Generic List Block Type (31)
Generic List Block Length
IP Address Range Specification Data Blocks...
Source ID
Source Type
Criticality Value...