Cisco Cisco Firepower Management Center 4000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

184

Understanding Discovery & Connection Data Structures

Metadata for Discovery Events

Chapter 4

The 

 table describes the fields in the Source Type 

record.

Source Application Record

The eStreamer service transmits metadata containing information about the 

source application for a host discovery event within a Source Application record, 

the format of which is shown below. (Source application information is sent when 

one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a 

request message—is set. See 

 on page 30.) Note that the Record 

Type field, which appears after the Message Length field, has a value of 91, 

indicating a Source Application record.

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Header Version (1)

Message Type (4)

Message Length

Record Type (90)

Record Length

Source Type ID

Name Length

Name...

Source Type Record Fields 

Source Type ID

uint32

The identification number for the source type.

Name Length

uint32

The number of bytes included in the source 

type name.

Name

string

The name of the source type.