Cisco Cisco Firepower Management Center 4000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

193

Understanding Discovery & Connection Data Structures

Metadata for Discovery Events

Chapter 4

The 

 table describes the fields in the URL Category 

record.

URL Reputation Record Metadata

The eStreamer service transmits metadata containing the reputation (that is, risk 

level) associated with a URL in a connection log within a URL Reputation record, 

the format of which is shown below. (URL reputation information is sent when 

the version 4 metadata flag—bit 20 in the Request Flags field of a request 

message—is set. See 

 on page 30.) Note that the URL Reputation 

metadata record field, which appears after the Message Length field, has a value 

of 122, indicating a URL Reputation metadata record.

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Header Version (1)

Message Type (4)

Message Length

Record Type (121)

Record Length

URL Category ID

Name Length

Name...

URL Category Record Fields 

URL Category ID

uint32

ID number of the URL category.

Name Length

uint32

The number of bytes included in the name.

Name

string

The URL category name.