Cisco Firepower Management Center 2000 Developer Guide

Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Chapter 4
Security Intelligence Category Metadata
The eStreamer service transmits metadata containing information about the 
Security Intelligence category within a Security Intelligence Category record, the 
format of which is shown below. Access control rule reason metadata is sent 
when the Version 4 metadata flag—bit 20 in the Request Flags field of a request 
message—is set. See 
 on page 30. Note that the Record Type field, 
which appears after the Message Length field, has a value of 280, indicating a 
Security Intelligence Category record.
The 
 table describes the fields in 
the Security Intelligence Category record.
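+---------------+---------------+---------------+---------------+
|    Byte 0     |    Byte 1     |    Byte 2     |    Byte 3     |
|   Bits 0-7    |   Bits 8-15   |  Bits 16-23   |  Bits 24-31   |
+---------------+---------------+---------------+---------------+
| Header Version (1)            | Message Type (4)              |
+-------------------------------+-------------------------------+
| Message Length                                                |
+---------------------------------------------------------------+
| Record Type (280)                                             |
+---------------------------------------------------------------+
| Record Length                                                 |
+---------------------------------------------------------------+
| Security Intelligence Category Block Type (22)                |
+---------------------------------------------------------------+
| Security Intelligence Category Block Length                   |
+---------------------------------------------------------------+
| Security Intelligence List ID                                 |
+---------------------------------------------------------------+
| Access Control Policy UUID                                    |
+---------------------------------------------------------------+
| Access Control Policy UUID, continued                         |
+---------------------------------------------------------------+
| Access Control Policy UUID, continued                         |
+---------------------------------------------------------------+
| Access Control Policy UUID, continued                         |
+---------------------------------------------------------------+
| String Block Type (0)                                         |
+---------------------------------------------------------------+
| String Block Length                                           |
+---------------------------------------------------------------+
| Security Intelligence List Name...                            |
+---------------------------------------------------------------+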
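
The record layout above can be decoded with bounds checks on every length field before the name is read. The following is an added example, not code from this guide or from Cisco. The names parse_si_category, build_sample and RecordError are hypothetical. It assumes big-endian fields, a Message Length that counts the bytes after the 8-byte message header, block lengths that include their own 8-byte type/length header, and a UTF-8 list name.

```python
import struct
import uuid

# Fixed part of the record, through String Block Length (52 bytes).
# Assumption: fields are big-endian; widths follow the diagram above.
FIXED = struct.Struct(">HHIIIIII16sII")

class RecordError(ValueError):
    """Raised when a buffer is not a well-formed record of type 280."""

def parse_si_category(buf: bytes) -> dict:
    if len(buf) < FIXED.size:
        raise RecordError("truncated record")
    (version, msg_type, msg_len, rec_type, _rec_len, blk_type, blk_len,
     list_id, policy_uuid, str_type, str_len) = FIXED.unpack_from(buf)
    if (version, msg_type, rec_type, blk_type, str_type) != (1, 4, 280, 22, 0):
        raise RecordError("not a Security Intelligence Category record")
    # Assumptions: Message Length counts the bytes after the 8-byte message
    # header, and each block length includes its own 8-byte type/length header.
    name_len = str_len - 8
    if name_len < 0 or FIXED.size + name_len > len(buf):
        raise RecordError("String Block Length points outside the buffer")
    if msg_len != FIXED.size + name_len - 8 or blk_len != 28 + str_len:
        raise RecordError("length fields disagree")
    raw = buf[FIXED.size:FIXED.size + name_len]
    return {
        "list_id": list_id,
        "policy_uuid": uuid.UUID(bytes=policy_uuid),
        # Assumption: the name is UTF-8 and may carry trailing NUL padding.
        "name": raw.rstrip(b"\x00").decode("utf-8", errors="replace"),
    }

def build_sample(name: bytes, list_id: int, policy: uuid.UUID) -> bytes:
    """Constructed test record (not captured traffic)."""
    str_len = 8 + len(name)
    blk_len = 28 + str_len   # 8 header + 4 list ID + 16 UUID + string block
    msg_len = 8 + blk_len    # record header + category block
    return FIXED.pack(1, 4, msg_len, 280, blk_len, 22, blk_len,
                      list_id, policy.bytes, 0, str_len) + name
```
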