Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
468
Understanding Legacy Data Structures
Legacy Intrusion Data Structures
Appendix B
The
Intrusion Event (IPv4) Record Fields
table describes each intrusion event
record data field.
Interface Egress UUID
Interface Egress UUID, continued
Interface Egress UUID, continued
Interface Egress UUID, continued
Security Zone Ingress UUID
Security Zone Ingress UUID, continued
Security Zone Ingress UUID, continued
Security Zone Ingress UUID, continued
Security Zone Egress UUID
Security Zone Egress UUID, continued
Security Zone Egress UUID, continued
Security Zone Egress UUID, continued
Intrusion Event (IPv4) Record Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Device ID
unit32
Contains the identification number of the
detecting managed device. You can obtain the
managed device name by requesting Version 3
or 4 metadata. See
on page 99 for more information.
Event ID
uint32
Event identification number.
Event Second
uint32
UNIX timestamp (seconds since 01/01/1970) of
the event’s detection.
Event
Microsecond
uint32
Microsecond (one millionth of a second)
increment of the timestamp of the event’s
detection.
Rule ID
(Signature ID)
uint32
Rule identification number that corresponds with
the event.
Generator ID
uint32
Identification number of the Sourcefire 3D
System preprocessor that generated the event.