Cisco Firepower Management Center 2000 Developer Guide

Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Legacy Data Structures
Legacy Correlation Event Data Structures
Appendix B
Correlation Event for 4.10.x
Correlation events contain information about policy violations and are transmitted 
when correlation policies are violated. The Defense Center uses the standard 
message header with a record type of 112, followed by a correlation data block 
with a type of 107. 
Event Defined Values (Continued)

DESCRIPTION                   MASK VALUE
Destination IP                0x00000400
Destination Host Type         0x00000800
Destination VLAN ID           0x00001000
Destination Fingerprint ID    0x00002000
Destination Criticality       0x00004000
Destination Port              0x00008000
Destination Server            0x00010000
Source User                   0x00020000
Destination User              0x00040000