Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
380
Understanding Discovery & Connection Data Structures
User Data Blocks
Chapter 4
The
User Login Information Data Block Fields
table describes the components of
the User Login Information data block.
User Login Information Data Block Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
User Login
Information
Block Type
uint32
Initiates a User Login Information data block.
This value is 127 for version 5.1+.
User Login
Information
Block Length
uint32
Total number of bytes in the User Login
Information data block, including eight bytes for
the user login information block type and length
fields, plus the number of bytes in the user
login information data that follows.
Timestamp
uint32
Timestamp of the event.
IPv4 Address
uint32
IPv4 address from the host where the user
was detected logging in, in IP address octets.
String Block
Type
uint32
Initiates a String data block containing the
username for the user. This value is always 0.
String Block
Length
uint32
Number of bytes in the username String data
block, including eight bytes for the block type
and length fields, plus the number of bytes in
the username.
Username
string
The user name for the user.
User ID
uint32
Identification number of the user.
Application ID
uint32
The application ID for the application protocol
used in the connection that the login
information was derived from.
String Block
Type
uint32
Initiates a String data block containing the
email address for the user. This value is always
0.
String Block
Length
uint32
Number of bytes in the email address String
data block, including eight bytes for the block
type and length fields, plus the number of
bytes in the email address.
Email
string
The email address for the user.