Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT eStreamer Integration Guide
 
Chapter 3      Understanding Intrusion and Correlation Data Structures
  Intrusion Event and Metadata Record Types
Access Control Policy Name Record

The eStreamer service transmits metadata on the name of the access control policy that triggered an intrusion event or connection event within an Access Control Policy Name record, the format of which is shown below. (Access control policy name information is sent when the Version 4 metadata flag—bit 20 in the Request Flags field of a request message—is set. See .) Note that the Record Type field, which appears after the Message Length field, has a value of 117, indicating an Access Control Policy Name record. It contains a UUID String data block, block type 14 in the series 2 set of data blocks.

[Figure: Interface Name data block layout, shown as 32-bit words (Byte 0-3, Bit 0-31); the block ends with the String Block Length and Interface Name... fields]

The following table describes the fields in the Interface Name data block.
Table 3-14 Interface Name Data Block Fields

| Field | Data Type | Description |
|---|---|---|
| Interface Name Data Block Type | uint32 | Initiates an Interface Name data block. This value is always 14. The block type is a series 2 block. |
| Interface Name Data Block Length | uint32 | Length of the data block. Includes the number of bytes of data plus the 8 bytes in the two data block header fields. |
| Interface UUID | uint8[16] | An interface ID number that acts as a unique identifier for the interface associated with the connection event. |
| String Block Type | uint32 | Initiates a String data block containing the name of the interface. This value is always 0. |
| String Block Length | uint32 | The number of bytes included in the interface name String data block, including eight bytes for the block type and header fields plus the number of bytes in the interface name. |
| Interface Name | string | The interface name. |
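As an added example (not code from the guide or from Cisco), the following Python encoder and decoder implement the Interface Name data block exactly as Table 3-14 lays it out: block type 14, an 8-byte header counted in every length field, a 16-byte UUID, then a String data block of type 0 whose length also includes its own 8-byte header. Network byte order (big-endian) is used for all integers, UTF-8 is assumed for the name, and the sample UUID and interface name are constructed, not captured values.

```python
import struct
import uuid

INTERFACE_NAME_BLOCK_TYPE = 14  # series 2 block type, Table 3-14
STRING_BLOCK_TYPE = 0           # String data block type, Table 3-14
HEADER_LEN = 8                  # the two uint32 header fields of every data block
UUID_LEN = 16                   # Interface UUID is uint8[16]


def build_interface_name_block(iface_uuid, name):
    """Encode an Interface Name data block in network byte order (big-endian)."""
    name_bytes = name.encode("utf-8")  # assumption: interface names are UTF-8
    string_block = struct.pack("!II", STRING_BLOCK_TYPE,
                               HEADER_LEN + len(name_bytes)) + name_bytes
    body = iface_uuid.bytes + string_block
    return struct.pack("!II", INTERFACE_NAME_BLOCK_TYPE, HEADER_LEN + len(body)) + body


def parse_interface_name_block(data):
    """Decode one Interface Name data block from the start of `data`.

    Every declared length is checked against the buffer and the enclosing block
    before any slice is taken, so a bad length raises ValueError instead of
    reading beyond the block. Returns (uuid.UUID, interface name, block length).
    """
    min_len = HEADER_LEN + UUID_LEN + HEADER_LEN  # both headers + UUID, empty name
    if len(data) < min_len:
        raise ValueError("truncated Interface Name block")
    block_type, block_len = struct.unpack_from("!II", data, 0)
    if block_type != INTERFACE_NAME_BLOCK_TYPE:
        raise ValueError(f"unexpected block type {block_type}")
    if block_len < min_len or block_len > len(data):
        raise ValueError(f"block length {block_len} does not fit the buffer")
    iface_uuid = uuid.UUID(bytes=data[HEADER_LEN:HEADER_LEN + UUID_LEN])
    str_off = HEADER_LEN + UUID_LEN
    str_type, str_len = struct.unpack_from("!II", data, str_off)
    if str_type != STRING_BLOCK_TYPE:
        raise ValueError(f"unexpected String block type {str_type}")
    # The String block (its header included) must end exactly where the outer block ends.
    if str_len < HEADER_LEN or str_off + str_len != block_len:
        raise ValueError(f"String block length {str_len} inconsistent with block")
    name = data[str_off + HEADER_LEN:str_off + str_len].decode("utf-8", errors="replace")
    return iface_uuid, name, block_len


# Constructed sample, not a real capture: the UUID and the name are made up.
SAMPLE_UUID = uuid.UUID("00000000-0000-0000-0000-000000000001")
SAMPLE_BLOCK = build_interface_name_block(SAMPLE_UUID, "inside")
```

Calling `parse_interface_name_block(SAMPLE_BLOCK)` returns the UUID, the name "inside" and a block length of 38 (8 + 16 + 8 + 6 bytes).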
[Figure: Access Control Policy Name record layout, shown as 32-bit words (Byte 0-3, Bit 0-31), beginning with Header Version (1), Message Type (4), Message Length, Record Type (117), Record Length, ...]