Cisco Cisco Firepower Management Center 4000 Guide Du Développeur
4-12
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Network Protocol Record
The eStreamer service transmits metadata containing network protocol information for an event within
a Network Protocol record, the format of which is shown below. (Network protocol information is sent
when one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is
set. See
a Network Protocol record, the format of which is shown below. (Network protocol information is sent
when one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is
set. See
.) Note that the Record Type field, which appears after the Message
Length field, has a value of
59
, indicating a Network Protocol record.
The following table describes the fields in the Network Protocol record.
Attribute Record
The eStreamer service transmits metadata containing attribute information for an event within an
Attribute record, the format of which is shown below. (Attribute information is sent when one of the
metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is set. See
Attribute record, the format of which is shown below. (Attribute information is sent when one of the
metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a request message—is set. See
.) Note that the Record Type field, which appears after the Message Length field, has a
value of
60
, indicating an Attribute record.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (59)
Record Length
Network Protocol ID
Name Length
Name...
Table 4-6
Network Protocol Record Fields
Field
Data Type
Description
Network Protocol
ID
ID
uint32
The network protocol ID number.
Name Length
uint32
The number of bytes included in the network
protocol name.
protocol name.
Name
string
The name of the network protocol.