Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
336
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
User Vulnerability Data Block 5.0+
The User Vulnerability data block describes a vulnerability and is used within User
Vulnerability Change data blocks. These in turn are used in User Set Valid
Vulnerabilities events and User Set Invalid Vulnerabilities events. The User
Vulnerability data block for 5.0+ has a block type of 124 in the series 1 group of
blocks. It supersedes block type 79. For more information on User Vulnerability
Change data blocks, see
Hits
uint32
Number of times the system has detected the
client application in use.
Last Used
uint32
UNIX timestamp that represents the last time the
system detected the client in use.
ID
uint32
Identification number of the detected client
application, if applicable.
String Block
Type
uint32
Initiates a String data block for the client
application version. This value is always 0.
String Block
Length
uint32
Number of bytes in the String data block for the
client application version, including eight bytes
for the string block type and length, plus the
number of bytes in the client application version.
Version
string
Client application version.
Generic List
Block Type
uint32
Initiates a Generic List data block. This value is
always 31.
Generic List
Block Length
uint32
Number of bytes in the Generic List block and
encapsulated Web Application data blocks. This
number includes the eight bytes of the generic
list block header fields, plus the number of bytes
in all of the encapsulated data blocks.
Web
Application
Data Blocks
variable
Encapsulated Web Application data blocks up to
the maximum number of bytes in the list block
length. See
on page 299 for information on the encapsulated
data blocks (block type 123).
Host Client Application Data Block Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION