Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
386
Understanding Discovery & Connection Data Structures
Discovery and Connection Event Series 2 Data Blocks
Chapter 4
Security
Intelligence
List ID
uint32
The ID of the IP blacklist or whitelist
triggered by the connection.
Access
Control Policy
UUID
uint8[16]
The UUID of the access control policy
configured for Security Intelligence.
String Block
Type
uint32
Initiates a String data block containing the
descriptive name associated with the
access control rule reason. This value is
always 0.
String Block
Length
uint32
The number of bytes included in the name
String data block, including eight bytes for
the block type and header fields plus the
number of bytes in the Security Intelligence
List Name field.
Security
Intelligence
List Name
string
The name of the Security Intelligence
category IP blacklist or whitelist triggered by
the connection.
Security Intelligence Category Data Block fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION