Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

188

Understanding Discovery & Connection Data Structures

Metadata for Discovery Events

Chapter 4

User Record

The eStreamer service transmits metadata containing information about users 

detected by the system within a User record, the format of which is shown 

below. (User information is sent when the Version 4 metadata and the policy 

event request flag—bits 20 and 22, respectively, in the Request Flags field of a 

request message—is set. See 

 on page 30.) Note that the Record 

Type field, which appears after the Message Length field, has a value of 98, 

indicating a User record.

The 

 table describes the fields in the User record.

Description

string

A general description of the vulnerability.

CVE ID Length

uint32

The length of the CVE ID field.

CVE ID

string

The Common Vulnerabilities and Exposures 

(CVE) ID number for the vulnerability.

BugTraq ID 

Length

uint32

The length of the BugTraq ID field.

BugTraq ID

string

The BugTraq ID number for the vulnerability.

Third Party Scanner Vulnerability Record Fields (Continued)

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Header Version (1)

Message Type (4)

Message Length

Record Type (98)

Record Length

User ID

Protocol

Name Length

Name...