Cisco Firepower Management Center 2000 Developer Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Appendix B: Understanding Legacy Data Structures
Legacy Connection Data Structures
Connection Statistics Data Block 4.9.1 - 4.10.1 Fields (Continued)

| Field | Data Type | Description |
|---|---|---|
| Last Packet Timestamp | uint32 | UNIX timestamp that represents the date and time that the last packet was exchanged in the session. |
| Connection Type | uint8 | Indicates the type of connection. |
| Source Device IP Address | uint8[4] | IP address of the sensor that detected the connection event, in IP address octets. |
| TCP Flags | uint8 | Indicates any TCP flags for the connection event. |
| Packets Sent | uint32 | Indicates the number of packets transmitted by the initiating host. |
| Packets Received | uint32 | Number of packets transmitted by the responding host. |
| Bytes Sent | uint32 | Number of bytes transmitted by the initiating host. |
| Bytes Received | uint32 | Number of bytes transmitted by the responding host. |
| Protocol | uint8 | Protocol used within the session. |
| Server ID | uint32 | Indicates the identification number for the server. |
| Client Application Type ID | uint32 | Identification number of the detected client application type, if applicable. |
| Client Application ID | uint32 | Identification number of the detected client application, if applicable. |
| String Block Type | uint32 | Initiates a String data block for the client application version. This value is always 0. |
| String Block Length | uint32 | Number of bytes in the client application version String data block, including eight bytes for the string block type and length fields, plus the number of bytes in the client application version string. |
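The following added example (not part of the Sourcefire guide) parses the fields listed above and validates String Block Length before reading the client application version, so a malformed length cannot cause an over-read. It assumes the fields are packed in table order with no padding, in network byte order, with the buffer starting at Last Packet Timestamp; the names `parse_fragment` and `build_sample`, the UTF-8 decoding, and all sample values are hypothetical.

```python
import struct
from ipaddress import IPv4Address

# ASSUMPTIONS (not stated on this page): fields are packed in table order with
# no padding, in network byte order, and the buffer starts at Last Packet Timestamp.
FIXED = struct.Struct("!IB4sBIIIIBIIIII")
NAMES = ("last_packet_timestamp", "connection_type", "source_device_ip",
         "tcp_flags", "packets_sent", "packets_received", "bytes_sent",
         "bytes_received", "protocol", "server_id", "client_app_type_id",
         "client_app_id", "string_block_type", "string_block_length")
STRING_HEADER = 8  # block type + block length, both counted by String Block Length


def parse_fragment(buf: bytes) -> dict:
    """Parse the listed fields plus the client application version string."""
    if len(buf) < FIXED.size:
        raise ValueError(f"truncated: need {FIXED.size} bytes, got {len(buf)}")
    rec = dict(zip(NAMES, FIXED.unpack_from(buf)))
    rec["source_device_ip"] = str(IPv4Address(rec["source_device_ip"]))
    if rec["string_block_type"] != 0:
        raise ValueError("String Block Type must be 0")
    declared = rec["string_block_length"]
    # The length is sender-controlled: reject values that cannot hold the
    # header or that point past the end of the received data.
    if declared < STRING_HEADER:
        raise ValueError("String Block Length smaller than its own header")
    end = FIXED.size + declared - STRING_HEADER
    if end > len(buf):
        raise ValueError("String Block Length exceeds received data")
    # Text encoding is an assumption; undecodable bytes are replaced, not trusted.
    rec["client_app_version"] = buf[FIXED.size:end].decode("utf-8", "replace")
    rec["next_offset"] = end  # where the next field of the data block begins
    return rec


def build_sample(version: bytes = b"7.0.1", declared_len=None) -> bytes:
    """Constructed test input, not captured traffic; all values are made up."""
    if declared_len is None:
        declared_len = STRING_HEADER + len(version)
    return FIXED.pack(1388534400, 1, bytes([10, 0, 0, 5]), 0x1B, 12, 10, 840,
                      5120, 6, 676, 2, 638, 0, declared_len) + version


if __name__ == "__main__":
    print(parse_fragment(build_sample() + b"\x00\x00\x00\x01"))
```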