Cisco Cisco Firepower Management Center 4000 Guide Du Développeur
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
225
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
Series 1 Primitive Data Blocks
Both series 1 and series 2 blocks include a set of primitives that encapsulate lists
of variable-length blocks as well as variable-length strings and BLOBs within
messages. These primitive blocks have the standard series 1 block header
discussed above. These primitives appear only within other series 1 data blocks.
Any number can be included in a given block type. For details on the structure of
the primitive blocks, see the following:
•
•
•
•
Host Discovery and Connection Data Blocks
For the list of block types in host discovery and connection events, see the
on page 225. The block types in
user events are described in the
User Data Block Type table
on page 363. These
are all series 1 data blocks.
Each entry in the table below contains a link to the subsection where the data
Each entry in the table below contains a link to the subsection where the data
block is defined. For each block type, the status (current or legacy) is indicated. A
current data block is the latest version. A legacy data block is one that is used for
an older version of the product, and the message format can still be requested
from eStreamer.
Host Discovery and Connection Data Block Types
T
YPE
C
ONTENT
D
ATA
B
LOCK
S
TATUS
D
ESCRIPTION
0
String
Current
on page 237 for more
information.
1
Sub-Server
Current
Contains information about a sub-
server detected on a server. See
for more information.
4
Protocol
Current
Contains protocol data. See
on page 243 for more
information.
7
Integer Data
Current
Contains integer (numeric) data. See
page 244 for more information.