Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

Understanding the eStreamer Application Protocol

Event Data Message Format

Chapter 2

the current discovery event types and subtypes, see the

Discovery and

Connection Events by Type and Subtype table

on page 201.

Discovery Event Message Headers

The shaded section in the following graphic shows the fields of the record header

in the discovery event data message format, and shows the location of the event

header that follows it. The table below defines the fields of the discovery event

message headers.

Byte

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Message Header

See

eStreamer Message Header

on page 24

Discovery Event Record Header

See

Discovery Event Message Headers

on page 41 for field details.

Discovery Event Header

See

Discovery Event Header 5.2+

on page 198 for field details.

Series 1 Data Block

See

Understanding Discovery (Series 1) Blocks

on page 224

...

Byte

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Header Version (1)

Message Type (3)

Message Length

Record Type

See

Discovery and Connection Event Record Types

on page 166

Record Length

eStreamer Server Timestamp

(for events only)

Reserved for Future Use

(for events only)

Discovery Event Header

See

Discovery Event Header Fields

on page 200

Series 1 Data Block

See

Understanding Discovery (Series 1) Blocks

on page 224

...