Cisco Cisco Firepower Management Center 4000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

656

Understanding Legacy Data Structures

Legacy Host Data Structures

Appendix B

Legacy Host Data Structures

To request these structures, you must use a Host Request Message. To request a 

legacy structure, the Host Request Message must use an older format. See 

 on page 47 for more information.

The following topics describe legacy host data structures, including both host 

profile and full host profile structures:

Full Host Profile Data Block 4.8

The Full Host Profile data block contains a full set of data describing one host. The 

eStreamer server generates and transmits Full Host Profile data blocks in host 

request data messages, which it sends in response to host request messages 

submitted by the client. The full host profile data block for 4.8 has the format 

shown in the following graphic. Note that the graphic shows all fields in the 

record, but the content details of nested data blocks are omitted. For information 

about the fields in the encapsulated blocks, see the subsections of this guide that 

described the data block in question. The Full Host Profile Data Block for version 

4.8 has a data block type value of 47.

An asterisk(*) next to a data block name in the following diagram 

indicates that multiple instances of the data block may occur.

Destination Port

0x00008000

Destination Server

0x00010000

Source User

0x00020000

Destination User

0x00040000

Event Defined Values (Continued)