Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

 describes the structure of the data record that 

eStreamer uses for the various host discovery event types.

 describes the structure of the data record that 

eStreamer uses for the various user event types.

 describes the series of data block structures 

that are used to convey complex records in discovery and connection event messages. Series 1 data 
blocks also appear in correlation events.

 describes other series 1 block structures that are 

used to convey complex user event records.

 for examples that illustrate sample discovery events.

eStreamer packages the data for discovery and connection events in the same message structure, which 
contains:

a record header that defines the record type

a discovery event header that identifies and characterizes the event, and specifically identifies the 
event type and subtype. For information, see 

a data record consisting of a block header and a data block. Discovery and connection event data 
messages use series 1 data blocks. For information, see 

 or 

.

The following table lists the event record types for host discovery and connection events, and provides 
links to the event message structure for each record type. The list includes metadata record types as well. 
Some records contain a single data block which stores a specific piece of data. These data blocks are 
broken up into series 1 blocks that contain most types of data, and series 2 blocks that specifically 
contain discovery data. The table also indicates the status of each version (current or legacy). A current 
record is the latest version. A legacy record has been superseded by a later version but can still be 
requested from eStreamer.

10

139

1

New Host Detected

Current

11

103

1

New TCP Server

Current

12

103

1

New UDP Server

Current

13

4

1

New Network Protocol

Current

14

4

1

New Transport Protocol

Current

15

122

1

New Client Application

Current