Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

513

Understanding Legacy Data Structures

Legacy Discovery Data Structures

Appendix B

Legacy Discovery Data Structures

•

Legacy Discovery Event Header

on page 514

•

Legacy Server Data Blocks

on page 516

•

Legacy Client Application Data Blocks

on page 537

•

Legacy Scan Result Data Blocks

on page 543

•

Legacy Vulnerability Blocks

on page 563

•

Legacy Host Profile Data Blocks

on page 567

•

Legacy OS Fingerprint Data Blocks

on page 575

Web Application ID

uint32

The internal identification number of

the detected web application, if

applicable.

Client Application

uint32

The internal identification number of

the detected client application, if

applicable.

Action

uint8

The action taken on the file based on

the file type. Can have the following

values:
•

— Detect

•

— Block

•

— Malware Cloud Lookup

•

— Malware Block

•

— Malware Whitelist

Protocol

uint8

IANA protocol number specified by the

user. For example:
•

— ICMP

•

— IP

•

— TCP

•

— UDP

This is currently only TCP.

Malware Event Data Block for 5.2.x Fields (Continued)

IELD

ATA

YPE

ESCRIPTION