Cisco Cisco Firepower Management Center 4000 Developer's Guide
B-132
FireSIGHT eStreamer Integration Guide
Appendix B Understanding Legacy Data Structures
Legacy Host Data Structures
Legacy Host Data Structures
To request these structures, you must use a Host Request Message. To request a legacy structure, the Host
Request Message must use an older format. See
Request Message must use an older format. See
for more
information.
The following topics describe legacy host data structures, including both host profile and full host profile
structures:
structures:
•
•
•
•
•
Full Host Profile Data Block 5.0 - 5.0.2
The Full Host Profile data block for version 5.0 - 5.0.2 contains a full set of data describing one host. It
has the format shown in the graphic below and explained in the following table. Note that, except for
List data blocks, the graphic does not show the fields of the encapsulated data blocks. These
encapsulated data blocks are described separately in
has the format shown in the graphic below and explained in the following table. Note that, except for
List data blocks, the graphic does not show the fields of the encapsulated data blocks. These
encapsulated data blocks are described separately in
. The Full Host Profile data block a block type value of 111.
Note
An asterisk(*) next to a block name in the following diagram indicates that multiple instances of the data
block may occur.
block may occur.
Source User
0x00020000
Destination User
0x00040000
Table B-30
Event Defined Values (continued)
Description
Mask Value
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Full Host Profile Data Block (111)
Data Block Length
IP Address
Hops
Generic List Block Type (31)
Generic List Block
Type, continued
Generic List Block Length