Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
4-153
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
User Product Data Block 5.1+
The User Product data block conveys host input data imported from a third-party application, including
third-party application string mappings. This data block is used in
third-party application string mappings. This data block is used in
. The User Product data block
has a block type of 65 in the series 1 group of blocks for versions up to 4.7-4.10.1, a block type of 118
for 4.10.2-5.0.x, and a block type of 134 in the series 1 group of blocks for 5.1+. Block types 65 and 118
have the same structure.
for 4.10.2-5.0.x, and a block type of 134 in the series 1 group of blocks for 5.1+. Block types 65 and 118
have the same structure.
Note
An asterisk(*) next to a data block name in the following diagram indicates that multiple instances of
the data block may occur.
the data block may occur.
The following diagram shows the format of the User Product data block:
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
User Product Data Block Type (134)
User Product Block Length
Source ID
Source Type
IP Address
Ranges
Generic List Block Type (31)
Generic List Block Length
IP Range Specification Data Blocks*
Port
Protocol
Drop User Product
Custom
Vendor String
String Block Type (0)
String Block Length
Custom Vendor String...
Custom
Product String
String Block Type (0)
String Block Length
Custom Product String...