Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
3-2
FireSIGHT eStreamer Integration Guide
Chapter 3 Understanding Intrusion and Correlation Data Structures
Intrusion Event and Metadata Record Types
66
N/A
N/A
Rule Message Metadata
(Version 4.6.1+)
(Version 4.6.1+)
Current
67
N/A
N/A
Classification Metadata
(Version 4.6.1+)
(Version 4.6.1+)
Current
69
N/A
N/A
Correlation Policy Metadata
(Version 4.6.1+)
(Version 4.6.1+)
Current
70
N/A
N/A
Correlation Rule Metadata
(Version 4.6.1+)
(Version 4.6.1+)
Current
104
N/A
N/A
Intrusion Event (IPv4)
Record 4.9 - 4.10.x
Record 4.9 - 4.10.x
Legacy
earlier versions of the product
105
N/A
N/A
Intrusion Event (IPv6)
Record 4.9-4.10.x
Record 4.9-4.10.x
Legacy
earlier versions of the product
110
4
2
Intrusion Event Extra Data
(Version 4.10.0+)
(Version 4.10.0+)
Current
111
5
2
Intrusion Event Extra Data
Metadata (Version 4.10.0+)
Metadata (Version 4.10.0+)
Current
112
128
1
Correlation Event for 5.1+
Current
115
14
2
Security Zone Name
Metadata
Metadata
Current
116
14
2
Interface Name Metadata
Current
117
14
2
Access Control Policy Name
Metadata
Metadata
Current
118
15
2
Intrusion Policy Name
Metadata
Metadata
Current
119
15
2
Access Control Rule ID
Metadata
Metadata
Current
120
N/A
N/A
Access Control Rule Action
Metadata
Metadata
Current
121
N/A
N/A
URL Category Metadata
Current
122
N/A
N/A
URL Reputation Metadata
Current
123
N/A
N/A
Managed Device Metadata
Current
125
N/A
2
Malware Event Record
(Version 5.1.1+)
(Version 5.1.1+)
Current
125
24
2
Malware Event (Version
5.1.1+)
5.1.1+)
Current
125
33
2
Malware Event (Version
5.2.x)
5.2.x)
Legacy
125
35
2
Malware Event (Version 5.3) Legacy
125
44
2
Malware Event (Version
5.3.1+)
5.3.1+)
Current
Table 3-1
Intrusion Event and General Metadata Record Types (continued)
Record
Type
Type
Block
Type
Type
Series
Description
Record
Status
Status
Data Format Described in...