Cisco Cisco Firepower Management Center 2000 Guida Dello Sviluppatore
4-18
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
The following table describes the fields in the Vulnerability record.
User Record
The eStreamer service transmits metadata containing information about users detected by the system
within a User record, the format of which is shown below. (User information is sent when the Version 4
metadata and the policy event request flag—bits 20 and 22, respectively, in the Request Flags field of a
request message—is set. See
within a User record, the format of which is shown below. (User information is sent when the Version 4
metadata and the policy event request flag—bits 20 and 22, respectively, in the Request Flags field of a
request message—is set. See
.) Note that the Record Type field, which appears
after the Message Length field, has a value of
98
, indicating a User record.
Scanner Type
Title Length
Title...
Description Length
Description...
CVE ID Length
CVE ID...
BugTraq Length
BugTraq ID...
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Table 4-13
Third Party Scanner Vulnerability Record Fields
Field
Data Type
Description
Vulnerability ID
uint32
The third-party vulnerability ID number.
Scanner Type
uint32
The third-party scanner type.
Title Length
uint32
The length of the title field.
Title
string
The title of the vulnerability.
Description Length uint32
The length of the description field.
Description
string
A general description of the vulnerability.
CVE ID Length
uint32
The length of the CVE ID field.
CVE ID
string
The Common Vulnerabilities and Exposures (CVE) ID number for
the vulnerability.
the vulnerability.
BugTraq ID Length uint32
The length of the BugTraq ID field.
BugTraq ID
string
The BugTraq ID number for the vulnerability.