Cisco Firepower Management Center 2000 Developer Guide
FireSIGHT eStreamer Integration Guide
Appendix A Data Structure Examples
Intrusion Event Data Structure Examples
Number  Description
5       This line indicates that the priority ID is one.
6       The first two bytes of this line indicate that there are four bytes included in the priority name. The second two bytes plus the two bytes on the following line show the priority name itself (“high”).

Example of a Rule Message Record
The following example shows a sample rule record:
Byte  0 1 2 3
Bit   0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
1     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0
2     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1
3     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0
4     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 0 0 1
5     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
6     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 1 1 0 1 1 0 1 0 0 1 0 1
7     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
8     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 1 1 0 1 1 0 1 0 0 1 0 1
9     0 0 0 0 0 0 0 0 0 1 0 0 0 1 1 1 1 0 1 1 0 1 1 0 0 0 1 1 0 1 1 1
      0 0 1 0 0 1 1 1 0 0 1 1 1 0 0 1 0 0 1 0 0 1 1 0 0 0 0 1 1 1 1 1
      0 0 0 1 0 0 0 1 1 1 1 0 0 0 1 1 1 0 1 1 0 0 0 0 0 0 0 0 1 0 0 1
      1 0 0 0 0 1 0 0 1 0 0 0 1 1 1 1 0 1 1 0 1 0 0 1 1 1 1 0 0 0 1 1
10    0 1 1 0 1 1 0 1 1 1 0 1 0 0 1 0 1 0 1 1 0 1 1 0 0 0 1 1 0 1 1 1
      0 0 1 0 1 0 1 0 1 0 1 0 0 1 0 1 0 0 1 0 0 1 1 0 0 0 0 1 1 1 1 1
      0 0 0 1 0 0 0 1 1 1 1 0 0 0 1 1 1 0 1 1 0 0 0 0 0 0 0 0 1 0 0 1
      1 0 0 0 0 1 0 0 1 0 0 0 1 1 1 1 0 1 1 0 1 0 0 1 1 1 1 0 0 0 1 1
11    0 1 1 0 1 1 0 1 1 1 0 1 0 0 1 0 0 1 0 0 0 0 0 1 0 1 0 1 0 0 0 0
      0 1 0 1 0 0 0 0 0 0 1 0 1 1 0 1 0 1 0 0 0 1 0 0 0 1 0 0 0 1 0 1
      0 1 0 1 0 1 0 0 0 1 0 0 0 1 0 1 0 1 0 0 0 0 1 1 0 1 0 1 0 1 0 0
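
The following is an added example, not part of the Cisco guide: it decodes the bit rows shown above and cross-checks the three nested length fields before slicing, which is the check a client needs when a record arrives short (as it does here, where the page ends partway through the message text). The function name and the field layout (message header, record header, generator ID, rule ID, rule revision, signature ID, message length, rule UUID, revision UUID, message) are assumptions, since this page does not list the field descriptions for this record.

```python
import struct
import uuid

# The 76 bytes shown in the bit rows above, transcribed to hex.
SAMPLE = bytes.fromhex(
    "00010004 00000081 00000042 00000079"  # rows 1-4
    "00000001 00006DA5 00000001 00006DA5"  # rows 5-8
    "0047B637 2739261F 11E3B009 848F69E3"  # row 9
    "6DD2B637 2AA5261F 11E3B009 848F69E3"  # row 10
    "6DD24150 502D4445 54454354"           # row 11, where the page ends
)

# Assumed layout (field names are not given on this page); all big-endian.
HEADER = struct.Struct(">HHI")        # header version, message type, message length
RECORD = struct.Struct(">II")         # record type, record length
RULE = struct.Struct(">IIIIH16s16s")  # generator ID, rule ID, rule revision,
                                      # signature ID, text length, two 16-byte UUIDs

def parse_rule_message(buf):
    """Decode one rule message record, refusing inconsistent length fields."""
    fixed = HEADER.size + RECORD.size + RULE.size
    if len(buf) < fixed:
        raise ValueError("buffer shorter than the fixed part of the record")
    version, msg_type, msg_len = HEADER.unpack_from(buf, 0)
    rec_type, rec_len = RECORD.unpack_from(buf, HEADER.size)
    gid, rule_id, rev, sid, text_len, rule_uuid, rev_uuid = RULE.unpack_from(
        buf, HEADER.size + RECORD.size)
    # The three lengths describe nested spans, so they must agree with each
    # other before any of them is used to slice the buffer.
    if msg_len != RECORD.size + rec_len or rec_len != RULE.size + text_len:
        raise ValueError("length fields disagree")
    text = buf[fixed:fixed + text_len]  # slicing never reads past the buffer
    return {
        "header_version": version, "message_type": msg_type,
        "record_type": rec_type, "generator_id": gid, "rule_id": rule_id,
        "rule_revision": rev, "signature_id": sid,
        "rule_uuid": str(uuid.UUID(bytes=rule_uuid)),
        "revision_uuid": str(uuid.UUID(bytes=rev_uuid)),
        "message": text.decode("utf-8", errors="replace"),
        "missing_bytes": text_len - len(text),  # non-zero when input is truncated
    }

if __name__ == "__main__":
    for key, value in parse_rule_message(SAMPLE).items():
        print(f"{key}: {value}")
```

A non-zero `missing_bytes` tells the caller to keep reading from the stream before treating the message text as complete.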