Cisco Firepower Management Center 2000 Developer Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Discovery & Connection Data Structures
Discovery and Connection Event Series 2 Data Blocks
Chapter 4
Security Intelligence Category Data Block 5.1+
The eStreamer service uses the Security Intelligence Category data block in
access control rule metadata messages to stream Security Intelligence
information. The Security Intelligence Category data block has a block type of 22
in the series 2 group of blocks.
The following graphic shows the structure of the Security Intelligence Category
data block:

Byte              0 | 1 | 2 | 3
Bit               0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

                  Security Intelligence Category Block Type (22)
                  Security Intelligence Category Block Length
                  Security Intelligence List ID
AC Policy UUID    Access Control Policy UUID
                  Access Control Policy UUID, continued
                  Access Control Policy UUID, continued
                  Access Control Policy UUID, continued
Rule Name         String Block Type (0)
                  String Block Length
                  Security Intelligence List Name...

The Security Intelligence Category Data Block Fields table describes the fields in
the Security Intelligence Category data block.
Security Intelligence Category Data Block fields

FIELD | DATA TYPE | DESCRIPTION
Security Intelligence Category Block Type | uint32 | Initiates a Security Intelligence Category data block. This value is always 22.
Security Intelligence Category Block Length | uint32 | Total number of bytes in the Security Intelligence Category block, including eight bytes for the Security Intelligence Category block type and length fields, plus the number of bytes of data that follows.
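
A length-checked parser for the block layout shown in the graphic above, as an added example that is not code from the guide or from Cisco. It assumes big-endian 32-bit fields, a string block length that counts its own eight header bytes, a string block that is the last member of the category block, and UTF-8 list names; the function names and sample values are constructed for illustration.

```python
import struct
import uuid

SI_CATEGORY_BLOCK_TYPE = 22  # stated on the page
STRING_BLOCK_TYPE = 0        # from the page's block diagram
STRING_OFFSET = 28           # type + length + list ID + 16-byte UUID
# Assumption: fields are big-endian (network byte order) 32-bit words.
FIXED = struct.Struct(">III16sII")  # up to and including the string header


def parse_si_category_block(buf: bytes) -> dict:
    """Parse one block from untrusted bytes; raise ValueError on bad framing."""
    if len(buf) < FIXED.size:
        raise ValueError("buffer shorter than the fixed part of the block")
    btype, blen, list_id, raw_uuid, stype, slen = FIXED.unpack_from(buf)
    if btype != SI_CATEGORY_BLOCK_TYPE:
        raise ValueError(f"unexpected block type {btype}")
    # Block length counts its own 8 header bytes plus the data that follows,
    # so it can never be smaller than the fixed part or larger than the buffer.
    if not FIXED.size <= blen <= len(buf):
        raise ValueError(f"declared block length {blen} out of range")
    if stype != STRING_BLOCK_TYPE:
        raise ValueError(f"unexpected string block type {stype}")
    # Assumption: the string block length also counts its 8 header bytes and
    # the string block is the last member of the category block.
    if STRING_OFFSET + slen != blen:
        raise ValueError(f"string length {slen} disagrees with block length {blen}")
    # Assumption: list names are UTF-8 text.
    name = buf[FIXED.size:blen].decode("utf-8", errors="replace")
    return {"list_id": list_id, "policy_uuid": uuid.UUID(bytes=raw_uuid),
            "list_name": name, "consumed": blen}


def build_sample(name: bytes, list_id: int, policy: uuid.UUID) -> bytes:
    """Build a constructed sample block (not captured traffic)."""
    slen = 8 + len(name)
    return FIXED.pack(SI_CATEGORY_BLOCK_TYPE, STRING_OFFSET + slen, list_id,
                      policy.bytes, STRING_BLOCK_TYPE, slen) + name


if __name__ == "__main__":
    policy = uuid.UUID("00112233-4455-6677-8899-aabbccddeeff")  # constructed
    block = build_sample(b"Example List", 7, policy)
    print(parse_si_category_block(block + b"next block bytes"))
    tampered = block[:4] + (0xFFFF).to_bytes(4, "big") + block[8:]
    try:
        parse_si_category_block(tampered)
    except ValueError as exc:
        print("rejected:", exc)
```

The "consumed" value tells the caller where the next block starts, so a stream reader advances by the validated length and never by an unchecked one.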