Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
125
Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
Chapter 3
The
table describes the fields of the Generic List data
block.
UUID String Mapping Data Block
The eStreamer service uses the UUID String Mapping data block in various
metadata messages to map UUID values to descriptive strings. The UUID String
Mapping data block has a block type of 14 in series 2.
The following diagram shows the structure of the UUID String Mapping data
The following diagram shows the structure of the UUID String Mapping data
block.
Generic List Data Block Fields
F
IELD
N
UMBER
OF
B
YTES
D
ESCRIPTION
Data Block
Type
uint32
Initiates a Generic List data block. This value is
always 3.
Data Block
Length
uint32
Number of bytes in the Generic List block and
encapsulated data blocks. This number includes
the eight bytes of the generic list block header
fields, plus the total number of bytes in all of the
encapsulated data blocks.
Encapsulated
Data Blocks
variable
Encapsulated data blocks up to the maximum
number of bytes in the Generic List block length.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
UUID String Mapping Block Type (14)
UUID String Mapping Block Length
UUID
UUID, continued
UUID, continued
UUID, continued
String Block Type (0)
String Block Length
Name...