Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
719
Understanding Legacy Data Structures
Legacy Metadata Structures
Appendix B
The
IP Range Specification Data Block Fields
table describes the components of
the IP Range Specification data block.
Legacy Metadata Structures
The following legacy data structures apply to versions of the system before 5.1:
Detection Engine Record for 4.6.1 - 4.10.x
The eStreamer service transmits metadata containing device information for an
event within a Detection Engine record, the format of which is shown below.
The Detection Engine for 4.6.1+ contains the same fields as the Detection Engine
The Detection Engine for 4.6.1+ contains the same fields as the Detection Engine
record for 4.6 but has a new UUID field. Detection Engine information is sent
when the Version 3 or Version 4 metadata flag—bit 15 or bit 20 in the Request
Flags field of a request message—is set. See
on page 30. The
Record Type field has a value of 68.
IP Range Specification Data Block Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
IP Range
Specification
Block Type
uint32
Initiates a IP Range Specification data block.
This value is always 61.
IP Range
Specification
Block Length
uint32
Total number of bytes in the IP Range
Specification data block, including eight bytes
for the IP Range Specification block type and
length fields, plus the number of bytes of IP
range specification data that follows.
IP Range
Specification
Start
uint32
The starting IP address for the IP address
range.
IP Range
Specification
End
uint32
The ending IP address for the IP address range.