Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

343

Understanding Discovery & Connection Data Structures

Host Discovery and Connection Data Blocks

Chapter 4

The describes the fields of the Mobile Device Information data block returned by 

5.1+.

Host Profile Data Block for 5.2+

The following diagram shows the format of a Host Profile data block. The data 

block also does not include a host criticality value, but does include a VLAN 

presence indicator. In addition, a data block can convey a NetBIOS name for the 

Mobile Device Information Data Block 5.1+ Fields 

Mobile Device 

Information Block Type 

(131)

uint32

Initiates the operating system data 

block. This value is always 131.

Mobile Device 

Information Block Length

uint32

Number of bytes in the Mobile 

Device Information data block, 

including eight bytes for the Mobile 

Device Information Data Block 

block type and length, plus the 

number of bytes in the Mobile 

Device Information data that 

follows.

String Block Type

uint32

Initiates a string data block for the 

mobile device string. This value is 

set to 0 to indicate string data.

String Block Length

uint32

Indicates the number of bytes in 

the mobile device string data block, 

including eight bytes for the string 

block type and length fields, plus 

the number of bytes in the mobile 

device string data that follows.

Mobile Device String 

Data

Variable

Contains the mobile device 

hardware information of the host 

detected.

Mobile Device Last Seen

uint32

Contains the time stamp the 

mobile device was last seen.

Mobile

uint32

True-false flag indicating whether 

the host is a mobile device.

Jailbroken

uint32

True-false flag indicating whether 

the host is a mobile device that is 

jailbroken.