Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
B-161
FireSIGHT eStreamer Integration Guide
Appendix B Understanding Legacy Data Structures
Legacy Host Data Structures
Full Host Client
Application Data
Blocks *
Application Data
Blocks *
variable
List of Client Application data blocks. See
for a description of this data
block.
String Block
Type
Type
uint32
Initiates a String data block for the host NetBIOS name. This value is
always
always
0
.
String Block
Length
Length
uint32
Number of bytes in the String data block, including eight bytes for the
string block type and length fields, plus the number of bytes in the
NetBIOS name string.
string block type and length fields, plus the number of bytes in the
NetBIOS name string.
NetBIOS Name
string
Host NetBIOS name string.
String Block
Type
Type
uint32
Initiates a String data block for host notes. This value is always
0
.
String Block
Length
Length
uint32
Number of bytes in the notes String data block, including eight bytes
for the string block type and length fields, plus the number of bytes in
the notes string.
for the string block type and length fields, plus the number of bytes in
the notes string.
Notes
string
Contains the contents of the Notes host attribute for the host.
Generic List
Block Type
Block Type
uint32
Initiates a Generic List data block comprising Host Vulnerability data
blocks conveying VDB vulnerability data. This value is always
blocks conveying VDB vulnerability data. This value is always
31
.
Generic List
Block Length
Block Length
uint32
Number of bytes in the Generic List data block, including the list
header and all encapsulated data blocks.
header and all encapsulated data blocks.
(VDB) Host
Vulnerability
Data Blocks *
Vulnerability
Data Blocks *
variable
List of Host Vulnerability data blocks for vulnerabilities identified in
the Cisco vulnerability database (VDB). See
the Cisco vulnerability database (VDB). See
for a description of this data block.
Generic List
Block Type
Block Type
uint32
Initiates a Generic List data block comprising Host Vulnerability data
blocks conveying third-party scan vulnerability data. This value is
always
blocks conveying third-party scan vulnerability data. This value is
always
31
.
Generic List
Block Length
Block Length
uint32
Number of bytes in the Generic List data block, including the list
header and all encapsulated data blocks.
header and all encapsulated data blocks.
(Third
Party/VDB) Host
Vulnerability
Data Blocks *
Party/VDB) Host
Vulnerability
Data Blocks *
variable
Host Vulnerability data blocks sourced from a third party scanner and
containing information about host vulnerabilities cataloged in the
Cisco vulnerability database (VDB). See
containing information about host vulnerabilities cataloged in the
Cisco vulnerability database (VDB). See
for a description of this data block.
Generic List
Block Type
Block Type
uint32
Initiates a Generic List data block comprising Host Vulnerability data
blocks conveying third party scan vulnerability data. This value is
always
blocks conveying third party scan vulnerability data. This value is
always
31
.
Generic List
Block Length
Block Length
uint32
Number of bytes in the Generic List data block, including the list
header and all encapsulated data blocks.
header and all encapsulated data blocks.
(Third Party
Scan) Host
Vulnerability
Data Blocks *
Scan) Host
Vulnerability
Data Blocks *
variable
Host Vulnerability data blocks sourced from a third party scanner.
Note that the host vulnerability IDs for these data blocks are the third
party scanner IDs, not Cisco-detected IDs. See
Note that the host vulnerability IDs for these data blocks are the third
party scanner IDs, not Cisco-detected IDs. See
for a description of this data block.
List Block Type
uint32
Initiates a List data block comprising Attribute Value data blocks
conveying attribute data. This value is always
conveying attribute data. This value is always
11
.
Table B-33
Full Host Profile Record 5.2.x Fields (continued)
Field
Data Type
Description