Cisco Firepower Management Center 4000 Developer Guide

Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
Chapter 3
[Data block layout diagram; fields in the order shown:]
File Type ID, cont.
File Name: String Block Type (0), String Block Length, File Name...
File Size
Direction
Application ID
User ID
URI: String Block Type (0), String Block Length, URI...
Signature: String Block Type (0), String Block Length, Signature...
Source Port
Destination Port
Protocol
Access Control Policy UUID
Source Country
Destination Country
Web Application ID
Client Application ID