Cisco Firepower Management Center 4000 Developer Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
Chapter 3
IP Reputation Category Data Block
The eStreamer service uses the IP Reputation Category Data block to contain
information about rule reputation categories. This data block has a block type of
22 in series 2.
The following diagram shows the structure of the IP Reputation Category data
block.
Access Control Policy Rule Reason Data Block Fields (Continued)

| Field | Data Type | Description |
| --- | --- | --- |
| String Block Length | uint32 | The number of bytes included in the name String data block, including eight bytes for the block type and header fields plus the number of bytes in the Description field. |
| Description | string | Description of the reason for the rule. |
Byte 0 1 2 3
Bit 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
IP Reputation Category Data Block Type (22)
IP Reputation Category Data Block Length
Rule ID
Policy UUID
Policy UUID, continued
Policy UUID, continued
Policy UUID, continued
Description:
    String Block Type (0)
    String Block Length
    Category Name...
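
The layout in the diagram above, as an added parsing example in Python (not code from the guide or from Cisco); it checks every type and length field before slicing the buffer. It assumes big-endian fields, a block length that counts its own eight-byte header, and UTF-8 text; `build_sample` and the sample values are constructed for illustration.

```python
import struct
import uuid

BLOCK_TYPE = 22          # IP Reputation Category block type (series 2), per the page
STRING_BLOCK_TYPE = 0    # String Block Type, per the diagram
HDR = 8                  # block type (uint32) + block length (uint32)
FIXED = HDR + 4 + 16     # header + Rule ID + 16-byte Policy UUID


def parse_ip_reputation_category(buf: bytes) -> dict:
    """Parse one block; raise ValueError on any inconsistent type or length."""
    if len(buf) < FIXED + HDR:
        raise ValueError("buffer shorter than the fixed fields")
    # Assumption: fields are big-endian (network byte order).
    block_type, block_len, rule_id = struct.unpack_from(">III", buf, 0)
    if block_type != BLOCK_TYPE:
        raise ValueError(f"unexpected block type {block_type}")
    # Assumption: the block length counts its own 8-byte header.
    if not FIXED + HDR <= block_len <= len(buf):
        raise ValueError("block length does not fit the received buffer")
    policy_uuid = uuid.UUID(bytes=buf[HDR + 4:FIXED])
    str_type, str_len = struct.unpack_from(">II", buf, FIXED)
    if str_type != STRING_BLOCK_TYPE:
        raise ValueError(f"unexpected string block type {str_type}")
    # The string length includes its 8 header bytes and must stay inside the block.
    if str_len < HDR or FIXED + str_len > block_len:
        raise ValueError("string block length overruns the enclosing block")
    name = buf[FIXED + HDR:FIXED + str_len].decode("utf-8", errors="replace")
    return {"rule_id": rule_id, "policy_uuid": policy_uuid, "category_name": name}


def build_sample(rule_id: int, policy_uuid: uuid.UUID, name: str) -> bytes:
    """Build a constructed test block (not captured from a real device)."""
    text = name.encode("utf-8")
    string_block = struct.pack(">II", STRING_BLOCK_TYPE, HDR + len(text)) + text
    body = struct.pack(">I", rule_id) + policy_uuid.bytes + string_block
    return struct.pack(">II", BLOCK_TYPE, HDR + len(body)) + body


SAMPLE_UUID = uuid.UUID("00112233-4455-6677-8899-aabbccddeeff")  # constructed value
SAMPLE = build_sample(7, SAMPLE_UUID, "Malware")                 # constructed value

if __name__ == "__main__":
    print(parse_ip_reputation_category(SAMPLE))
```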