Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
655
Understanding Legacy Data Structures
Legacy Correlation Event Data Structures
Appendix B
The
Event Defined Values
table describes each Event Defined Mask value.
Ingress Zone
UUID
uint8[16]
A zone ID that acts as the unique identifier for
the ingress security zone associated with
correlation event.
Egress Zone
UUID
uint8[16]
A zone ID that acts as the unique identifier for
the egress security zone associated with
correlation event.
Correlation Event 5.0 - 5.0.2 Data Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Event Defined Values
D
ESCRIPTION
M
ASK
V
ALUE
Event Impact Flags
0x00000001
IP Protocol
0x00000002
Network Protocol
0x00000004
Source IP
0x00000008
Source Host Type
0x00000010
Source VLAN ID
0x00000020
Source Fingerprint ID
0x00000040
Source Criticality
0x00000080
Source Port
0x00000100
Source Server
0x00000200
Destination IP
0x00000400
Destination Host Type
0x00000800
Destination VLAN ID
0x00001000
Destination Fingerprint ID
0x00002000
Destination Criticality
0x00004000