Cisco Firepower Management Center 4000 Developer Guide
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
16 bytes are used for the IP address in the following cases:
• New IPv6 to IPv6 Traffic
• Host IP Address Changed, when the RNA event version is 10

Byte   0          1          2          3
Bit    0-7        8-15       16-23      24-31
       +----------------------------------------+
       | Discovery Event Header                 |
       +----------------------------------------+
       | IP Address                             |
       +----------------------------------------+
       | IP Address, continued                  |
       +----------------------------------------+
       | IP Address, continued                  |
       +----------------------------------------+
       | IP Address, continued                  |
       +----------------------------------------+

Operating System Update Messages
The OS Information Update event message has a standard discovery event header (as documented in ) followed by an Operating System data block (as documented in , block type 53 in series 1).

Byte   0          1          2          3
Bit    0-7        8-15       16-23      24-31
       +----------------------------------------+
       | Discovery Event Header                 |
       +----------------------------------------+
       | Operating System Data Block            |
       +----------------------------------------+
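The following Python sketch is an added example, not code from the Cisco guide: a bounds-checked reader for the two message bodies described above, of the kind a SIEM-side eStreamer client would apply before trusting a record. It assumes the discovery event header has already been stripped, that the IP field is 4 bytes in every case the page does not list, and that a data block begins with a big-endian 32-bit type and a 32-bit length that counts those 8 bytes; the event-name strings are hypothetical stand-ins for the numeric event codes.

```python
import ipaddress
import struct

OS_BLOCK_TYPE = 53  # from the page: Operating System data block, series 1
# From the page: the two cases that carry a 16-byte IP address field.
# The string labels are hypothetical stand-ins for the numeric event codes.
WIDE_IP_ALWAYS = {"New IPv6 to IPv6 Traffic"}
WIDE_IP_AT_V10 = {"Host IP Address Changed"}


def ip_field_len(event_name, rna_version):
    """Return the IP field width in bytes (4 is assumed for all other cases)."""
    if event_name in WIDE_IP_ALWAYS:
        return 16
    if event_name in WIDE_IP_AT_V10 and rna_version == 10:
        return 16
    return 4


def parse_ip_field(body, event_name, rna_version):
    """Decode the IP address that follows the discovery event header."""
    width = ip_field_len(event_name, rna_version)
    if len(body) < width:
        raise ValueError(f"truncated IP field: need {width}, got {len(body)}")
    raw = body[:width]
    return ipaddress.IPv6Address(raw) if width == 16 else ipaddress.IPv4Address(raw)


def parse_os_update(body):
    """Return the payload of the Operating System data block after the header."""
    if len(body) < 8:
        raise ValueError("truncated data block header")
    # Assumed layout: big-endian uint32 type, uint32 length including these 8 bytes.
    block_type, block_len = struct.unpack(">II", body[:8])
    if block_type != OS_BLOCK_TYPE:
        raise ValueError(f"expected block type {OS_BLOCK_TYPE}, got {block_type}")
    if block_len < 8 or block_len > len(body):
        raise ValueError(f"block length {block_len} outside message of {len(body)} bytes")
    return body[8:block_len]


# Constructed sample bodies (header already removed), not captured traffic.
SAMPLE_V6 = ipaddress.IPv6Address("2001:db8::1").packed
SAMPLE_OS = struct.pack(">II", 53, 12) + b"\x00\x00\x00\x2a"
```

Rejecting a block whose declared length exceeds the bytes actually received keeps a malformed or truncated record from being read past its end.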