Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
B-75
FireSIGHT eStreamer Integration Guide
Appendix B Understanding Legacy Data Structures
Legacy Discovery Data Structures
List Block Type
uint32
Initiates a List data block comprising Protocol data blocks conveying
network protocol data. This value is always
network protocol data. This value is always
11
.
List Block
Length
Length
uint32
Number of bytes in the list. This number includes the eight bytes of
the list block type and length fields, plus all encapsulated Protocol
data blocks.
the list block type and length fields, plus all encapsulated Protocol
data blocks.
This field is followed by zero or more Protocol data blocks.
Protocol Block
Type
Type
uint32
Initiates a Protocol data block describing a network protocol. This
value is always
value is always
4
.
Protocol Block
Length
Length
uint32
Number of bytes in the Protocol data block, including eight bytes for
the protocol block type and length fields, plus the number of bytes in
the protocol data that follows.
the protocol block type and length fields, plus the number of bytes in
the protocol data that follows.
Network Protocol
Data
Data
uint16
Data field containing a network protocol number, as documented in
.
List Block Type
uint32
Initiates a List data block comprising Protocol data blocks conveying
transport protocol data. This value is always
transport protocol data. This value is always
11
.
List Block
Length
Length
uint32
Number of bytes in the list. This number includes the eight bytes of
the list block type and length fields, plus all encapsulated Protocol
data blocks.
the list block type and length fields, plus all encapsulated Protocol
data blocks.
This field is followed by zero or more transport protocol data blocks.
Protocol Block
Type
Type
uint32
Initiates a Protocol data block describing a transport protocol. This
value is always
value is always
4
.
Protocol Block
Length
Length
uint32
Number of bytes in the protocol data block, including eight bytes for
the protocol block type and length, plus the number of bytes in the
protocol data that follows.
the protocol block type and length, plus the number of bytes in the
protocol data that follows.
Transport
Protocol Data
Protocol Data
variable
Data field containing a transport protocol number, as documented in
.
List Block Type
uint32
Initiates a List data block comprising MAC Address data blocks.
This value is always
This value is always
11
.
List Block
Length
Length
uint32
Number of bytes in the list, including the list header and all
encapsulated MAC Address data blocks.
encapsulated MAC Address data blocks.
Host MAC
Address Block
Type
Address Block
Type
uint32
Initiates a Host MAC Address data block. This value is always
95
.
Host MAC
Address Block
Length
Address Block
Length
uint32
Number of bytes in the Host MAC Address data block, including
eight bytes for the Host MAC address block type and length fields,
plus the number of bytes in the Host MAC address data that follows.
eight bytes for the Host MAC address block type and length fields,
plus the number of bytes in the Host MAC address data that follows.
Host MAC
Address Data
Address Data
variable
.
Host Last Seen
uint32
UNIX timestamp that represents the last time the system detected
host activity.
host activity.
Table B-17
Host Profile Data Block for 5.0 - 5.0.2 Fields (continued)
Field
Data Type
Description