Cisco Cisco Firepower Management Center 2000 Developer's Guide
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
464
Understanding Legacy Data Structures
Legacy Intrusion Data Structures
Appendix B
Rule ID
(Signature ID)
uint32
Rule identification number that corresponds with
the event.
Generator ID
uint32
Identification number of the Sourcefire 3D
System preprocessor that generated the event.
Rule Revision
uint32
Rule revision number.
Classification
ID
uint32
Identification number of the event classification
message.
Priority ID
uint32
Identification number of the priority associated
with the event.
Source IPv6
Address
uint16[8]
Source IPv6 address used in the event, in
address octets.
Destination
IPv6 Address
uint16[8]
Destination IPv6 address used in the event, in
address octets.
Source Port/
ICMP Type
uint16
If the event protocol type is TCP or UDP, this
indicates the source port number. If the protocol
type is ICMP, this indicates the ICMP type.
Destination
Port/ICMP
Code
uint16
If the event protocol type is TCP or UDP, this
indicates the destination port number. If the
protocol type is ICMP, this indicates the ICMP
code.
IP Protocol
Number
uint8
IANA-specified protocol number. For example:
• 0 — IP
• 0 — IP
• 1 — ICMP
• 6 — TCP
• 17 — UDP
and so on.
and so on.
Intrusion Event (IPv6) Record 4.10.2.3+ Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION