Manualsbrain.com
  1. Manuales
  2. Marcas
  3. Cisco
  4. Cisco Firepower Management Center 2000
  5. Guía Del Desarrollador

Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador

Descargar
Página de 536
 
3-58
FireSIGHT eStreamer Integration Guide
 
Chapter 3      Understanding Intrusion and Correlation Data Structures 
  Understanding Series 2 Data Blocks
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
File Event Block Type (43)
File Event Block Length
Device ID
Connection Instance
Connection Counter
Connection Timestamp
File Event Timestamp
Source IP Address
Source IP Address, continued
Source IP Address, continued
Source IP Address, continued
Destination IP Address
Destination IP Address, continued
Destination IP Address, continued
Destination IP Address, continued
Disposition
SPERO Disposition
File Storage Status
File Analysis Status
Archive File Status
Threat Score
Action
SHA Hash
SHA Hash, continued
SHA Hash, continued
SHA Hash, continued
SHA Hash, continued
SHA Hash, continued
SHA Hash, continued
SHA Hash, continued
SHA Hash, continued
File Type ID