Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

180

Understanding Discovery & Connection Data Structures

Metadata for Discovery Events

Chapter 4

The 

 table describes the fields in the Network 

Protocol record.

Attribute Record

The eStreamer service transmits metadata containing attribute information for an 

event within an Attribute record, the format of which is shown below. (Attribute 

information is sent when one of the metadata flags—bits 1, 14, 15, or 20 in the 

Request Flags field of a request message—is set. See 

page 30.) Note that the Record Type field, which appears after the Message 

Length field, has a value of 60, indicating an Attribute record.

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Header Version (1)

Message Type (4)

Message Length

Record Type (59)

Record Length

Network Protocol ID

Name Length

Name...

Network Protocol Record Fields 

Network 

Protocol ID

uint32

The network protocol ID number.

Name Length

uint32

The number of bytes included in the network 

protocol name.

Name

string

The name of the network protocol.