Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT eStreamer Integration Guide

Chapter 3
Understanding Intrusion and Correlation Data Structures
The eStreamer service transmits a number of data record types to deliver requested events and metadata 
to the client. This chapter describes the structures of data records for the following types of event data:
  • intrusion event data and event extra data generated by managed devices
  • correlation (compliance) events generated by the Defense Center
  • metadata records
The following section in this chapter defines the event message structures:
  •
.
For a general overview of eStreamer’s message format for transmitting data records, see 
.
Intrusion Event and Metadata Record Types
The table that follows lists all currently supported record types for intrusion events, intrusion event extra 
data, and metadata messages. The data for these record types is in fixed-length fields. By contrast, 
correlation event records contain one or more levels of nested data blocks with variable lengths. The 
table below provides a link to the chapter subsection that defines the associated data record structure.
For some record types, eStreamer supports more than one version. The table indicates the status of each 
version (current or legacy). A current record is the latest version. A legacy record has been superseded 
by a later version but can still be requested from eStreamer.
Table 3-1 Intrusion Event and General Metadata Record Types

Record Type  Block Type  Series  Description                     Record Status  Data Format Described in...
2            N/A         N/A     Packet Data (Version 4.8.0.2+)  Current
4            N/A         N/A     Priority Metadata               Current
9            20          1       Intrusion Impact Alert          Legacy
9            153         1       Intrusion Impact Alert          Current
62           N/A         N/A     User Metadata                   Current