Cisco Firepower Management Center 4000 Developer Guide

Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Legacy Data Structures
Legacy File Event Data Structures
Appendix B
The following diagram shows the structure of a file event hash data block:

Each row is 32 bits wide (bytes 0-3, bits 0-31).

    File Event SHA Hash Block Type (26)
    File Event SHA Hash Block Length
    SHA Hash
    SHA Hash, continued
    SHA Hash, continued
    SHA Hash, continued
    SHA Hash, continued
    SHA Hash, continued
    SHA Hash, continued
    SHA Hash, continued
    File Name: String Block Type (0)
    File Name: String Block Length
    File Name: File Name or Disposition...

The File Event SHA Hash 5.1.1-5.2.x Data Block Fields table describes the fields in the file event SHA hash data block.
File Event SHA Hash 5.1.1-5.2.x Data Block Fields

| Field | Data Type | Description |
|---|---|---|
| File Event SHA Hash Block Type | uint32 | Initiates a File Event SHA Hash block. This value is always 26. |
| File Event SHA Hash Block Length | uint32 | Total number of bytes in the File Event SHA Hash block, including eight bytes for the File Event SHA Hash block type and length fields, plus the number of bytes of data that follows. |
| SHA Hash | uint8[32] | The SHA-256 hash of the file in binary format. |
| String Block Type | uint32 | Initiates a String data block containing the descriptive name associated with the file. This value is always 0. |
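
The following parser for the block layout above is an added example, not code from the guide or from Cisco. It assumes network (big-endian) byte order and that the String Block Length counts its own eight header bytes in the same way the outer block length does; the names parse_file_sha_block, build_sample and BlockError are hypothetical, and the sample block is constructed.

```python
import hashlib
import struct

BLOCK_TYPE_FILE_SHA = 26      # File Event SHA Hash Block Type, from the field table
BLOCK_TYPE_STRING = 0         # String Block Type, from the field table
HDR = struct.Struct(">II")    # assumption: network (big-endian) byte order


class BlockError(ValueError):
    """Raised when a block violates the documented layout."""


def parse_file_sha_block(buf):
    """Return (sha256_hex, name, bytes_consumed) for one block at the start of buf."""
    if len(buf) < HDR.size:
        raise BlockError("truncated block header")
    btype, blen = HDR.unpack_from(buf, 0)
    if btype != BLOCK_TYPE_FILE_SHA:
        raise BlockError(f"unexpected block type {btype}")
    # The block length counts its own 8 header bytes. It must fit the buffer
    # and leave room for the 32-byte hash plus the nested string header.
    if blen > len(buf) or blen < HDR.size + 32 + HDR.size:
        raise BlockError(f"bad block length {blen}")
    sha = buf[8:40]
    stype, slen = HDR.unpack_from(buf, 40)
    if stype != BLOCK_TYPE_STRING:
        raise BlockError(f"unexpected string block type {stype}")
    # Assumption: the string length also counts its 8 header bytes.
    # The nested string must end inside the outer block.
    if slen < HDR.size or 40 + slen > blen:
        raise BlockError(f"bad string block length {slen}")
    raw = buf[48:40 + slen]
    name = raw.rstrip(b"\x00").decode("utf-8", errors="replace")
    return sha.hex(), name, blen


def build_sample(name):
    """Constructed sample block (not captured from a device)."""
    sha = hashlib.sha256(b"constructed sample file").digest()
    string_block = HDR.pack(BLOCK_TYPE_STRING, HDR.size + len(name)) + name
    body = sha + string_block
    return HDR.pack(BLOCK_TYPE_FILE_SHA, HDR.size + len(body)) + body


if __name__ == "__main__":
    print(parse_file_sha_block(build_sample(b"invoice.pdf")))
```

Rejecting a length that overruns the buffer or the enclosing block keeps a malformed or hostile record from being read past its end.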