Cisco Cisco Firepower Management Center 4000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

174

Understanding Discovery & Connection Data Structures

Metadata for Discovery Events

Chapter 4

The 

 table describes the fields in the Fingerprint record.

Client Application Record

The eStreamer service transmits the client application metadata for an event 

within a Client Application record, the format of which is shown below. (Client 

application metadata is sent when one of the metadata flags—bits 1, 14, 15, or 

20 in the Request Flags field of a request message—is set. See 

page 30.) Note that the Record Type field, which appears after the Message 

Length field, has a value of 55, indicating a Client Application record.

Fingerprint Record Fields 

Fingerprint UUID

uint8[16]

A fingerprint ID number that acts as a unique 

identifier for the operating system.

OS Name 

Length

uint32

The number of bytes included in the operating 

system name.

OS Name

string

The name of the operating system for the 

fingerprint.

OS Vendor 

Length

uint32

The number of bytes included in the operating 

system vendor name.

OS Vendor

string

The name of the operating system vendor for 

the fingerprint.

OS Version 

Length

uint32

The number of bytes included in the operating 

system version.

OS Version

string

The version of the operating system for the 

fingerprint.