Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
201
Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Chapter 4
Discovery and Connection Event Types and Subtypes
The values in the Event Type and Event Subtype fields identify and classify the
event contained in a host discovery or user data message. They also identify the
structure of the data in the message.
The
The
table lists the event
types and event subtypes for discovery and connection events.
Discovery and Connection Events by Type and Subtype
E
VENT
N
AME
E
VENT
T
YPE
E
VENT
S
UBTYPE
New Host
1000
1
New TCP Server
1000
2
New Network Protocol
1000
3
New Transport Protocol
1000
4
New IP to IP Traffic
1000
5
New UDP Server
1000
6
New Client Application
1000
7
New OS
1000
8
New IPv6 to IPv6 Traffic
1000
9
Host IP Address Changed
1001
1
OS Information Update
1001
2
Host IP Address Reused
1001
3
Vulnerability Change
1001
4
Hops Change
1001
5
TCP Server Information Update
1001
6
Host Timeout
1001
7
TCP Port Closed
1001
8
UDP Port Closed
1001
9