Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
185
Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Chapter 4
The
table describes the fields in the Source
Application record.
Source Detector Record
The eStreamer service transmits metadata containing information about the
source application for a host discovery event within a Source Type record, the
format of which is shown below. (Source type information is sent when one of
the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request
message—is set. See
on page 30.) Note that the Record Type
field, which appears after the Message Length field, has a value of 96, indicating a
Source Detector record.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (91)
Record Length
Source Application ID
Name Length
Name...
Source Application Record Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Source
Application ID
uint32
The ID number for the source application.
Name Length
uint32
The number of bytes included in the source
application name.
Name
string
The name of the source application.