Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
4-13
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
The following table describes the fields in the Attribute record.
Scan Type Record
The eStreamer service transmits metadata containing scan type information for an event within a Scan
Type record, the format of which is shown below. (Scan type information is sent when one of the
metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is set. See
Type record, the format of which is shown below. (Scan type information is sent when one of the
metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is set. See
.) Note that the Record Type field, which appears after the Message Length field, has a
value of
61
, indicating a Scan Type record.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (60)
Record Length
Attribute ID
Name Length
Name...
Table 4-7
Attribute Record Fields
Field
Data Type
Description
Attribute ID
uint32
The attribute ID number.
Name Length
uint32
The number of bytes included in the attribute name.
Name
string
The name of the attribute.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (61)
Record Length
Scan Type ID