Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
154
Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
Chapter 3
String Block
Length
uint32
The number of bytes included in the name
String data block, including eight bytes for the
block type and header fields plus the number
of bytes in the Summary field.
Summary
string
Explanation of the threat or vulnerability.
String Block
Type
uint32
Initiates a String data block containing the
impact associated with the rule. This value is
always 0.
String Block
Length
uint32
The number of bytes included in the name
String data block, including eight bytes for the
block type and header fields plus the number
of bytes in the Impact field.
Impact
string
How a compromise that uses this vulnerability
may impact various systems.
String Block
Type
uint32
Initiates a String data block containing the
detailed information associated with the rule.
This value is always 0.
String Block
Length
uint32
The number of bytes included in the name
String data block, including eight bytes for the
block type and header fields plus the number
of bytes in the Detailed Information field.
Detailed
Information
string
Information regarding the underlying
vulnerability, what the rule actually looks for,
and what systems are affected.
String Block
Type
uint32
Initiates a String data block containing the list
of affected systems associated with the rule.
This value is always 0.
String Block
Length
uint32
The number of bytes included in the name
String data block, including eight bytes for the
block type and header fields plus the number
of bytes in the Affected Systems field.
Affected
Systems
string
Systems affected by the vulnerability.
String Block
Type
uint32
Initiates a String data block containing the
possible attack scenarios associated with the
rule. This value is always 0.
Rule Documentation Data Block Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION