Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT eStreamer Integration Guide (page 4-177)
Chapter 4: Understanding Discovery & Connection Data Structures
Discovery and Connection Event Series 2 Data Blocks
Security Intelligence Category Data Block 5.1+
The eStreamer service uses the Security Intelligence Category data block in access control rule metadata 
messages to stream Security Intelligence information. The Security Intelligence Category data block has 
a block type of 22 in the series 2 group of blocks.
The following graphic shows the structure of the Security Intelligence Category data block. Each row is one 32-bit word (bytes 0 through 3, bits 0 through 31):

    Security Intelligence Category Block Type (22)
    Security Intelligence Category Block Length
    Security Intelligence List ID
    Access Control Policy UUID (four words, 16 bytes; labelled "AC Policy UUID" in the graphic)
    String Block Type (0)               \
    String Block Length                  > labelled "Rule Name" in the graphic
    Security Intelligence List Name...  /

The following table describes the fields in the Security Intelligence Category data block.
Table 4-90    Security Intelligence Category Data Block fields

Field                                       | Data Type | Description
Security Intelligence Category Block Type   | uint32    | Initiates a Security Intelligence Category data block. This value is always 22.
Security Intelligence Category Block Length | uint32    | Total number of bytes in the Security Intelligence Category block, including eight bytes for the Security Intelligence Category block type and length fields, plus the number of bytes of data that follows.
Security Intelligence List ID               | uint32    | The ID of the IP blacklist or whitelist triggered by the connection.
Access Control Policy UUID                  | uint8[16] | The UUID of the access control policy configured for Security Intelligence.
String Block Type                           | uint32    | Initiates a String data block containing the descriptive name associated with the access control rule reason. This value is always 0.
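As an added example (not code from the guide or from Cisco), the following Python parser reads a Security Intelligence Category block laid out as above and rejects blocks whose declared length disagrees with the bytes actually received, so a short or oversized length field cannot cause an over-read. It assumes big-endian field order, as eStreamer uses on the wire, and that the nested String block's length, like the outer block's, counts its own 8-byte header; the sample block is constructed here for illustration.

```python
import struct
import uuid

SI_CATEGORY_BLOCK_TYPE = 22   # series 2 block type given on the page
STRING_BLOCK_TYPE = 0         # nested String data block type given on the page
MIN_BLOCK_LEN = 8 + 4 + 16 + 8  # header, list ID, UUID, empty String block


def parse_string_block(buf, off):
    """Parse the nested String data block starting at buf[off].
    Assumption: its length field includes the 8-byte type/length header."""
    if len(buf) - off < 8:
        raise ValueError("truncated String block header")
    btype, blen = struct.unpack_from(">II", buf, off)
    if btype != STRING_BLOCK_TYPE:
        raise ValueError(f"expected String block type 0, got {btype}")
    if blen < 8 or off + blen > len(buf):
        raise ValueError("String block length out of range")
    return buf[off + 8:off + blen].decode("utf-8", "replace"), off + blen


def parse_si_category_block(buf):
    """Parse one Security Intelligence Category block (big-endian)."""
    if len(buf) < 8:
        raise ValueError("truncated block header")
    btype, blen = struct.unpack_from(">II", buf, 0)
    if btype != SI_CATEGORY_BLOCK_TYPE:
        raise ValueError(f"expected block type 22, got {btype}")
    # Length covers the 8 header bytes plus all data that follows; a block
    # claiming more bytes than were received is rejected instead of read.
    if blen < MIN_BLOCK_LEN or blen > len(buf):
        raise ValueError(f"block length {blen} inconsistent with {len(buf)} bytes")
    (list_id,) = struct.unpack_from(">I", buf, 8)
    policy_uuid = uuid.UUID(bytes=buf[12:28])
    name, end = parse_string_block(buf[:blen], 28)
    if end != blen:
        raise ValueError("unexpected trailing bytes inside block")
    return {"list_id": list_id, "policy_uuid": str(policy_uuid), "name": name}


def build_si_category_block(list_id, policy_uuid, name):
    """Constructed encoder used only to produce sample input for the parser."""
    name_bytes = name.encode("utf-8")
    string_block = struct.pack(">II", STRING_BLOCK_TYPE, 8 + len(name_bytes)) + name_bytes
    body = struct.pack(">I", list_id) + uuid.UUID(policy_uuid).bytes + string_block
    return struct.pack(">II", SI_CATEGORY_BLOCK_TYPE, 8 + len(body)) + body


# Constructed sample: list 7, a placeholder policy UUID, list name "Malware".
SAMPLE = build_si_category_block(7, "12345678-1234-5678-1234-567812345678", "Malware")
```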