Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
4-134
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Scan Vulnerability Data Block for 4.10.0+
The Scan Vulnerability data block describes a vulnerability and is used within Scan Result data blocks,
which in turn are used in Add Scan Result events (event type 1002, subtype 11). For more information,
see
which in turn are used in Add Scan Result events (event type 1002, subtype 11). For more information,
see
and
. The Scan
Vulnerability data block has a block type of 109 in the series 1 group of blocks.
The following diagram shows the format of a Scan Vulnerability data block:
String Block Length
uint32
Number of bytes in the value String data block, including eight
bytes for the block type and length fields, plus the number of bytes
in the value.
bytes for the block type and length fields, plus the number of bytes
in the value.
Scan Result Value
string
Scan result value (unformatted).
Table 4-74
Generic Scan Result Data Block Fields (continued)
Field
Number of
Bytes
Bytes
Description
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Scan Vulnerability Block Type (109)
Scan Vulnerability Block Length
Port
Protocol
ID
String Block Type (0)
String Block Length
ID
Name
String Block Type (0)
String Block Length
Vulnerability Name...
Description
String Block Type (0)
String Block Length
Description...
Name Clean
String Block Type (0)
String Block Length
Vulnerability Name Clean...