Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT eStreamer Integration Guide
 
Chapter 4      Understanding Discovery & Connection Data Structures
  Host Discovery and Connection Data Blocks
Full Host Client Application Data Block 5.0+
The Full Host Client Application data block for version 5.0+ describes a client application, plus an 
appended list of associated web applications and vulnerabilities. The Full Host Client Application data 
block is used within the Full Host Profile data block (type 111). It has a block type of 112 in the series 
1 group of blocks.
The following diagram shows the basic structure of a Full Host Client Application data block for 5.0+:
Byte  0               1               2               3
Bit   0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

                  Full Host Client Application Block Type (112)
                  Full Host Client Application Block Length
                  Hits
                  Last Used
                  Application ID
Version           String Block Type (0)
                  String Block Length
                  Version...
                  Generic List Block Type (31)
                  Generic List Block Length
Web Application   Web Application Block Type (123)*
                  Web Application Block Length
                  Web Application Data...
                  Generic List Block Type (31)
                  Generic List Block Length
Vulnerability     Vulnerability Block Type (85)*
                  Vulnerability Block Length
                  Vulnerability Data...
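
The following parser for the layout above is an added example, not code from the guide or from Cisco. It assumes that every row of the diagram is a 32-bit big-endian field and that each block length counts its own 8-byte type and length header. The function names are hypothetical, and the bodies of the Web Application (123) and Vulnerability (85) blocks are returned undecoded because their layout is not described here.

```python
import struct

HDR = struct.Struct(">II")  # assumed: uint32 block type + uint32 block length, big-endian

def read_block(buf, off, want_type):
    # Return (body, next_offset) for the block at off after validating type and length.
    if off + HDR.size > len(buf):
        raise ValueError("truncated block header")
    btype, blen = HDR.unpack_from(buf, off)
    if btype != want_type:
        raise ValueError(f"expected block type {want_type}, got {btype}")
    # Assumed: the length counts the 8 header bytes; it must also fit the enclosing buffer.
    if blen < HDR.size or off + blen > len(buf):
        raise ValueError(f"block type {btype}: bad length {blen}")
    return buf[off + HDR.size:off + blen], off + blen

def read_list(buf, off, item_type):
    # Generic List (type 31): return the raw bodies of its encapsulated blocks.
    body, nxt = read_block(buf, off, 31)
    items, pos = [], 0
    while pos < len(body):
        item, pos = read_block(body, pos, item_type)
        items.append(item)
    return items, nxt

def parse_full_host_client_app(buf):
    body, _ = read_block(buf, 0, 112)
    if len(body) < 12:
        raise ValueError("truncated fixed fields")
    hits, last_used, app_id = struct.unpack_from(">III", body, 0)
    version, off = read_block(body, 12, 0)       # String block (type 0)
    web_apps, off = read_list(body, off, 123)    # Web Application blocks
    vulns, off = read_list(body, off, 85)        # Vulnerability blocks
    if off != len(body):
        raise ValueError("unexpected bytes after vulnerability list")
    return {"hits": hits, "last_used": last_used, "app_id": app_id,
            "version": version.rstrip(b"\0").decode("utf-8", "replace"),
            "web_apps": web_apps, "vulns": vulns}

def blk(btype, body=b""):
    return HDR.pack(btype, HDR.size + len(body)) + body

# Constructed sample: every value and the inner block bodies are made up.
SAMPLE = blk(112, struct.pack(">III", 7, 1700000000, 638) + blk(0, b"11.0")
             + blk(31, blk(123, b"\x00\x00\x03\x45"))
             + blk(31, blk(85, b"\x00\x00\x10\x01")))

if __name__ == "__main__":
    print(parse_full_host_client_app(SAMPLE))
```

Every nested length is checked against its enclosing block rather than the whole buffer, so a corrupted inner length cannot make the parser read into a neighbouring field or block.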