Cisco Firepower Management Center 2000 Developer Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Legacy Data Structures
Legacy Intrusion Data Structures
Appendix B
The table describes each intrusion event record data field.
[Record layout diagram, continued. Fields shown, in order: Rule ID (Signature ID); Generator ID; Rule Revision; Classification ID; Priority ID; Source IPv6 Address (continued over four rows); Destination IPv6 Address (continued over four rows); Source Port/ICMP Type; Destination Port/ICMP Code; IP Protocol ID; Impact Flags; Impact; Blocked; Reserved; VLAN ID; Pad]
Intrusion Event (IPv6) Record 4.10.2.3+ Fields

| FIELD | DATA TYPE | DESCRIPTION |
|---|---|---|
| Detection Engine ID | uint32 | Contains the detection engine identification number. |
| Event ID | uint32 | Event identification number. |
| Event Second | uint32 | UNIX timestamp (seconds since 01/01/1970) of the event's detection. |
| Event Microsecond | uint32 | Microsecond (one millionth of a second) increment of the timestamp of the event's detection. |
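The following is an added example, not code from the guide: a small decoder for the four fields in the table above, as a log-ingestion pipeline might use it. It assumes the four uint32 values sit contiguously at the given offset in table order and in network byte order; the function and type names are hypothetical.

```python
import struct
from datetime import datetime, timezone
from typing import NamedTuple

# Assumption: the four uint32 fields from the table are contiguous, in table
# order, and encoded in network byte order (big-endian).
_LEADING = struct.Struct("!IIII")


class IntrusionEventLead(NamedTuple):
    detection_engine_id: int
    event_id: int
    detected_at: datetime  # Event Second + Event Microsecond, as UTC


def parse_leading_fields(record: bytes, offset: int = 0) -> IntrusionEventLead:
    """Decode Detection Engine ID, Event ID, Event Second, Event Microsecond."""
    if offset < 0 or len(record) - offset < _LEADING.size:
        raise ValueError("record too short for the four leading uint32 fields")
    engine_id, event_id, second, microsecond = _LEADING.unpack_from(record, offset)
    # Event Microsecond is an increment within the second; a larger value means
    # a wrong offset or a corrupt record, so reject it rather than roll over.
    if microsecond >= 1_000_000:
        raise ValueError(f"Event Microsecond out of range: {microsecond}")
    detected_at = datetime.fromtimestamp(second, tz=timezone.utc).replace(
        microsecond=microsecond
    )
    return IntrusionEventLead(engine_id, event_id, detected_at)


# Constructed sample: engine 7, event 4242, 2014-01-15 12:00:00.250000 UTC.
SAMPLE = struct.pack("!IIII", 7, 4242, 1389787200, 250000)

if __name__ == "__main__":
    print(parse_leading_fields(SAMPLE))
```

Keeping the two timestamp fields together as one UTC value avoids ordering errors when events from several detection engines are merged by time.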