Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
B-73
FireSIGHT eStreamer Integration Guide
Appendix B Understanding Legacy Data Structures
Legacy Discovery Data Structures
The following table describes the fields of the host profile data block returned by version 4.9 to version
5.0.2.
5.0.2.
Table B-17
Host Profile Data Block for 5.0 - 5.0.2 Fields
Field
Data Type
Description
Host Profile
Block Type
Block Type
uint32
Initiates the Host Profile data block for 4.9 to 5.0.2. This data block
has a block type of
has a block type of
91
.
Host Profile
Block Length
Block Length
uint32
Number of bytes in the Host Profile data block, including eight bytes
for the host profile block type and length fields, plus the number of
bytes included in the host profile data that follows.
for the host profile block type and length fields, plus the number of
bytes included in the host profile data that follows.
IP Address
uint8[4]
IP address of the host described in the profile, in IP address octets.
Hops
uint8
Number of hops from the host to the device.
Primary/
Secondary
Secondary
uint8
Indicates whether the host is in the primary or secondary network of
the device that detected it:
the device that detected it:
•
0
- host is in the primary network.
•
1
- host is in the secondary network.
Generic List
Block Type
Block Type
uint32
Initiates a Generic List data block comprising Operating System
Fingerprint data blocks conveying fingerprint data identified using a
server fingerprint. This value is always
Fingerprint data blocks conveying fingerprint data identified using a
server fingerprint. This value is always
31
.
Generic List
Block Length
Block Length
uint32
Number of bytes in the Generic List data block, including the list
header and all encapsulated Operating System Fingerprint data
blocks.
header and all encapsulated Operating System Fingerprint data
blocks.
Operating
System
Fingerprint
(Server
Fingerprint) Data
Blocks *
System
Fingerprint
(Server
Fingerprint) Data
Blocks *
variable
Operating System Fingerprint data blocks containing information
about the operating system on a host identified using a server
fingerprint. See
about the operating system on a host identified using a server
fingerprint. See
for a description of this data block.
Generic List
Block Type
Block Type
uint32
Initiates a Generic List data block comprising Operating System
Fingerprint data blocks conveying fingerprint data identified using a
client fingerprint. This value is always 31.
Fingerprint data blocks conveying fingerprint data identified using a
client fingerprint. This value is always 31.
Generic List
Block Length
Block Length
uint32
Number of bytes in the Generic List data block, including the list
header and all encapsulated Operating System Fingerprint data
blocks.
header and all encapsulated Operating System Fingerprint data
blocks.
Operating
System
Fingerprint
(Client
Fingerprint) Data
Blocks *
System
Fingerprint
(Client
Fingerprint) Data
Blocks *
variable
Operating System Fingerprint data blocks containing information
about the operating system on a host identified using a client
fingerprint. See
about the operating system on a host identified using a client
fingerprint. See
for a description of this data block.
Generic List
Block Type
Block Type
uint32
Initiates a Generic List data block comprising Operating System
Fingerprint data blocks conveying fingerprint data identified using an
SMB fingerprint. This value is always
Fingerprint data blocks conveying fingerprint data identified using an
SMB fingerprint. This value is always
31
.
Generic List
Block Length
Block Length
uint32
Number of bytes in the Generic List data block, including the list
header and all encapsulated Operating System Fingerprint data
blocks.
header and all encapsulated Operating System Fingerprint data
blocks.