Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
4-127
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Server Information Data Block for 4.10.x, 5.0 - 5.0.2
The Server Information data block conveys information about a server, including the server ID, server
vendor and version, and source information. The Server Information data block has a block type of 105
in the series 1 group of blocks for 4.10.x and a block type of 117 in the series 1 group of blocks for 5.0
- 5.0.2. Server information data blocks are conveyed in lists within Host Server blocks and Full Host
server data blocks. For more information see
vendor and version, and source information. The Server Information data block has a block type of 105
in the series 1 group of blocks for 4.10.x and a block type of 117 in the series 1 group of blocks for 5.0
- 5.0.2. Server information data blocks are conveyed in lists within Host Server blocks and Full Host
server data blocks. For more information see
and
.
The following diagram shows the format of the Server Information data block:
Generic List Block Type uint32
Initiates a Generic List data block comprising Host
Vulnerability data blocks conveying third-party host
vulnerability data generated by a third-party scanner. This
value is always
Vulnerability data blocks conveying third-party host
vulnerability data generated by a third-party scanner. This
value is always
31
.
Generic List Block
Length
Length
uint32
Number of bytes in the Generic List data block, including the
list header and all encapsulated Host Vulnerability data blocks.
list header and all encapsulated Host Vulnerability data blocks.
Third Party Scan Host
Vulnerability Data
Blocks *
Vulnerability Data
Blocks *
variable
Host Vulnerability data blocks containing third-party
vulnerability data for vulnerabilities identified by a third-party
scanner but not cataloged in the VDB. See
vulnerability data for vulnerabilities identified by a third-party
scanner but not cataloged in the VDB. See
for a description of this data
block.
Generic List Block Type uint32
Initiates a Generic List data block. This value is always
31
.
Generic List Block
Length
Length
uint32
Number of bytes in the Generic List block and encapsulated
Web Application data blocks. This number includes the eight
bytes of the generic list block header fields, plus the number of
bytes in all of the encapsulated data blocks.
Web Application data blocks. This number includes the eight
bytes of the generic list block header fields, plus the number of
bytes in all of the encapsulated data blocks.
Web Application Data
Blocks*
Blocks*
variable
Encapsulated Web Application data blocks up to the maximum
number of bytes in the list block length.
number of bytes in the list block length.
Table 4-71
Full Server Data Block 4.10.0+ Fields (continued)
Field
Data Type
Description
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Server Information Block Type (105 | 117)
Server Information Block Length
Application ID
String Block Type (0)
String Block Length
Server Vendor Name String...