Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

590

Understanding Legacy Data Structures

Legacy Connection Data Structures

Appendix B

Connection Statistics Data Block 5.0 - 5.0.2

The Connection Statistics data block is used in Connection Data messages. 

Changes to the Connection data block between 4.10.x and 5.0 include addition of 

new fields with configuration parameters introduced in 5.0 (security zone, ingress 

and egress interface, URL category and reputation, and user, plus fields for 

additional tracking information such as violated policy and rule). The Connection 

Statistics data block for version 5.0 - 5.0.2 has a block type of 115. For more 

information on the Connection Statistics Data message, see 

The following diagram shows the format of a Connection Statistics data block for 

5.0 - 5.0.2:

::

Payload Type

uint32

Indicates the type of the payload data.

Payload ID

uint32

Indicates the ID of the payload.

Connection Statistics Data Block 4.10.2 Fields (Continued)

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Connection Data Block Type (115)

Connection Data Block Length

Device ID

Ingress Zone

Ingress Zone, continued

Ingress Zone, continued

Ingress Zone, continued

Egress Zone

Egress Zone, continued

Egress Zone, continued

Egress Zone, continued

Ingress Interface

Ingress Interface, continued