Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
333
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
The
table describes the fields
of the Full Host Client Application data block.
Full Host Client Application Data Block 5.0+ Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Full Host
Client
Application
Block Type
uint32
Initiates a Full Host Client Application data block.
This value is always 112.
Full Host
Client
Application
Block Length
uint32
Number of bytes in the Full Host Client
Application data block, including eight bytes for
the client application block type and length, plus
the number of bytes in the client application data
that follows.
Hits
uint32
Number of times the system has detected the
client application in use.
Last Used
uint32
UNIX timestamp that represents the last time the
system detected the client in use.
Application ID
uint32
Application ID of the detected client application,
if applicable. For more information on client
applications, see the Sourcefire 3D System
eStreamer Integration Guide.
String Block
Type
uint32
Initiates a String data block for the client
application version. This value is always 0.
String Block
Length
uint32
Number of bytes in the String data block for the
client application name, including eight bytes for
the string block type and length, plus the number
of bytes in the client application version.
Version
string
Client application version.
Generic List
Block Type
uint32
Initiates a Generic List data block. This value is
always 31.
Generic List
Block Length
uint32
Number of bytes in the Generic List block and the
encapsulated Web Application data blocks. This
number includes the eight bytes of the generic
list block header fields, plus the number of bytes
in all of the encapsulated data blocks.