Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT eStreamer Integration Guide
 
Appendix B      Understanding Legacy Data Structures
  Legacy Connection Data Structures
[Bit-layout diagram of the Connection Statistics data block, continued (columns: Byte 0-3, Bit 0-31). Fields shown: Application Protocol ID; URL Category; URL Reputation; Client Application ID; Web Application ID; Client App URL (String Block Type (0), String Block Length, Client Application URL...); NetBIOS Name (String Block Type (0), String Block Length, NetBIOS Name...); Client App Version (String Block Type (0), String Block Length, Client Application Version...).]

The following table describes the fields of the Connection Statistics data block for 5.0 - 5.0.2.
Table B-19 Connection Statistics Data Block 5.0 - 5.0.2 Fields

| Field | Data Type | Description |
|---|---|---|
| Connection Statistics Data Block Type | uint32 | Initiates a Connection Statistics data block for 5.0 to 5.0.2. The value is always 115. |
| Connection Statistics Data Block Length | uint32 | Number of bytes in the Connection Statistics data block, including eight bytes for the connection statistics block type and length fields, plus the number of bytes in the connection data that follows. |
| Device ID | uint32 | The device that detected the connection event. |
| Ingress Zone | uint8[16] | Ingress security zone in the event that triggered the policy violation. |
| Egress Zone | uint8[16] | Egress security zone in the event that triggered the policy violation. |
| Ingress Interface | uint8[16] | Interface for the inbound traffic. |
| Egress Interface | uint8[16] | Interface for the outbound traffic. |
| Initiator IP Address | uint8[16] | IP address of the host that initiated the session described in the connection event, in IP address octets. |
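
The following Python parser is an added example, not code from the Cisco guide: it decodes the fields listed in the table up to Initiator IP Address and checks Block Type and Block Length against the received buffer before slicing. It assumes network byte order, no padding between fields, IPv4 carried as IPv4-mapped IPv6, and zone/interface values displayed as UUIDs; the function names are hypothetical.

```python
import ipaddress
import struct
import uuid

BLOCK_TYPE = 115  # Connection Statistics 5.0 - 5.0.2 (Table B-19)
# Assumption: network byte order, fields packed in table order, no padding.
PREFIX = struct.Struct("!III16s16s16s16s16s")  # 92 bytes up to Initiator IP


def parse_conn_stats_prefix(buf: bytes) -> dict:
    """Decode the Table B-19 fields shown on this page (hypothetical helper)."""
    if len(buf) < PREFIX.size:
        raise ValueError("buffer shorter than the 92-byte fixed prefix")
    btype, blen, dev, zin, zout, ifin, ifout, ip = PREFIX.unpack_from(buf)
    if btype != BLOCK_TYPE:
        raise ValueError(f"unexpected block type {btype}")
    # Block Length includes the 8 type/length bytes; never trust it blindly.
    if not PREFIX.size <= blen <= len(buf):
        raise ValueError(f"block length {blen} does not fit buffer {len(buf)}")
    addr = ipaddress.IPv6Address(ip)
    return {
        "block_length": blen,
        "device_id": dev,
        # Assumption: the 16-byte zone/interface values are shown as UUIDs.
        "ingress_zone": uuid.UUID(bytes=zin),
        "egress_zone": uuid.UUID(bytes=zout),
        "ingress_interface": uuid.UUID(bytes=ifin),
        "egress_interface": uuid.UUID(bytes=ifout),
        # Assumption: IPv4 is carried as an IPv4-mapped IPv6 address.
        "initiator_ip": addr.ipv4_mapped or addr,
        "rest": buf[PREFIX.size:blen],  # fields beyond this page, undecoded
    }


def build_sample(tail: bytes = b"\x00" * 4) -> bytes:
    """Constructed test block (not captured traffic)."""
    ids = [uuid.UUID(int=n).bytes for n in (1, 2, 3, 4)]
    ip = bytes(10) + b"\xff\xff" + bytes([192, 0, 2, 10])
    return PREFIX.pack(BLOCK_TYPE, PREFIX.size + len(tail), 7, *ids, ip) + tail


if __name__ == "__main__":
    for key, value in parse_conn_stats_prefix(build_sample()).items():
        print(f"{key}: {value}")
```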