Cisco Cisco Firepower Management Center 4000 Developer's Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
343
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
The describes the fields of the Mobile Device Information data block returned by
5.1+.
Host Profile Data Block for 5.2+
The following diagram shows the format of a Host Profile data block. The data
block also does not include a host criticality value, but does include a VLAN
presence indicator. In addition, a data block can convey a NetBIOS name for the
Mobile Device Information Data Block 5.1+ Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Mobile Device
Information Block Type
(131)
uint32
Initiates the operating system data
block. This value is always 131.
Mobile Device
Information Block Length
uint32
Number of bytes in the Mobile
Device Information data block,
including eight bytes for the Mobile
Device Information Data Block
block type and length, plus the
number of bytes in the Mobile
Device Information data that
follows.
String Block Type
uint32
Initiates a string data block for the
mobile device string. This value is
set to 0 to indicate string data.
String Block Length
uint32
Indicates the number of bytes in
the mobile device string data block,
including eight bytes for the string
block type and length fields, plus
the number of bytes in the mobile
device string data that follows.
Mobile Device String
Data
Variable
Contains the mobile device
hardware information of the host
detected.
Mobile Device Last Seen
uint32
Contains the time stamp the
mobile device was last seen.
Mobile
uint32
True-false flag indicating whether
the host is a mobile device.
Jailbroken
uint32
True-false flag indicating whether
the host is a mobile device that is
jailbroken.