Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
4-15
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
The following table describes the fields in the Server record.
Source Type Record
The eStreamer service transmits metadata containing information about the source application for an
event within a Source Type record, the format of which is shown below. (Source type information is sent
when one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is
set. See
event within a Source Type record, the format of which is shown below. (Source type information is sent
when one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is
set. See
.) Note that the Record Type field, which appears after the Message
Length field, has a value of
90
, indicating a Source Type record.
The following table describes the fields in the Source Type record.
Table 4-9
Server Record Fields
Field
Data Type
Description
Application ID
uint32
The application ID number of the application protocol.
Name Length
uint32
The number of bytes included in the server name.
Name
string
The name of the application protocol. For application ID 65535, the
name is
name is
unknown
.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (90)
Record Length
Source Type ID
Name Length
Name...
Table 4-10
Source Type Record Fields
Field
Data Type
Description
Source Type ID
uint32
The identification number for the source type.
Name Length
uint32
The number of bytes included in the source type name.
Name
string
The name of the source type.