Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
4-23
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
The following table describes the fields in the URL Category record.
URL Reputation Record Metadata
The eStreamer service transmits metadata containing the reputation (that is, risk level) associated with
a URL in a connection log within a URL Reputation record, the format of which is shown below. (URL
reputation information is sent when the version 4 metadata flag—bit 20 in the Request Flags field of a
request message—is set. See
a URL in a connection log within a URL Reputation record, the format of which is shown below. (URL
reputation information is sent when the version 4 metadata flag—bit 20 in the Request Flags field of a
request message—is set. See
.) Note that the URL Reputation metadata record
field, which appears after the Message Length field, has a value of
122
, indicating a URL Reputation
metadata record.
Name Length
Name...
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Table 4-18
URL Category Record Fields
Field
Data Type
Description
URL Category ID
uint32
ID number of the URL category.
Name Length
uint32
The number of bytes included in the name.
Name
string
The URL category name.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (122)
Record Length
URL Reputation ID
Name Length
Name...