Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
B-162
FireSIGHT eStreamer Integration Guide
Appendix B Understanding Legacy Data Structures
Legacy Host Data Structures
Host Profile Data Block for 5.1.x
The following diagram shows the format of a Host Profile data block. The data block also does not
include a host criticality value, but does include a VLAN presence indicator. In addition, a data block
can convey a NetBIOS name for the host. The Host Profile data block has a block type of 132.
include a host criticality value, but does include a VLAN presence indicator. In addition, a data block
can convey a NetBIOS name for the host. The Host Profile data block has a block type of 132.
Note
An asterisk(*) next to a block type field in the following diagram indicates the message may contain zero
or more instances of the series 1 data block.
or more instances of the series 1 data block.
List Block
Length
Length
uint32
Number of bytes in the List data block, including the list header and
all encapsulated data blocks.
all encapsulated data blocks.
Attribute Value
Data Blocks *
Data Blocks *
variable
List of Attribute Value data blocks. See
for a description of the data blocks in this list.
Mobile
uint8
A true-false flag indicating whether the operating system is running on
a mobile device.
a mobile device.
Jailbroken
uint8
A true-false flag indicating whether the mobile device operating
system is jailbroken.
system is jailbroken.
Table B-33
Full Host Profile Record 5.2.x Fields (continued)
Field
Data Type
Description
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Host Profile Block Type (132)
Host Profile Block Length
IP Address
Server
Fingerprints
Hops
Primary/Secondary
Generic List Block Type (31)
Generic List Block Type, continued
Generic List Block Length
Generic List Block Length, continued
Server Fingerprint Data Blocks*
Client
Fingerprints
Generic List Block Type (31)
Generic List Block Length
Client Fingerprint Data Blocks*
SMB
Fingerprints
Generic List Block Type (31)
Generic List Block Length
SMB Fingerprint Data Blocks*