Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador

Cisco

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

515

Understanding Legacy Data Structures

Legacy Discovery Data Structures

Appendix B

The

Discovery Event Header Fields

table describes the discovery event header.

Dis

covery Event Header

Device ID

IP Address

MAC Address

MAC Address, continued

Reserved for future use

Event Second

Event Microsecond

Reserved (Internal)

Event Type

Event Subtype

File Number (Internal Use Only)

File Position (Internal Use Only)

Discovery Event Header Fields

F

IELD

D

ATA

T

YPES

D

ESCRIPTION

Device ID

uint32

ID number of the device that generated the

discovery event. You can obtain the metadata

for the device by requesting Version 3 and 4

metadata. See

Managed Device Record

on page 99 for more information.

IP Address

uint32

IP address of the host involved in the event.

MAC Address

uint8[6]

MAC address of the host involved in the event.

Reserved for

future use

byte[2]

Two bytes of padding with values set to 0.

Event Second

uint32

UNIX timestamp (seconds since 01/01/1970)

that the system generated the event.

Event

Microsecond

uint32

Microsecond (one millionth of a second)

increment that the system generated the

event.

Reserved

(Internal)

byte

Internal data from Sourcefire and can be

disregarded.