3-33
FireSIGHT eStreamer Integration Guide
 
Chapter 3      Understanding Intrusion and Correlation Data Structures
  Intrusion Event and Metadata Record Types
Malware Event Type Metadata
The eStreamer service transmits metadata containing malware event type information for an event within a malware event type record, the format of which is shown below. (Malware event type information is sent when the metadata flag, bit 20 in the request flags field of a request message, is set. See .) Note that the record type field, which appears after the message length field, has a value of 128, indicating a malware event type record.
The following table describes the fields in the malware event type record.
Table 3-19 Collective Security Intelligence Cloud Name Data Block Fields (continued)

| Field | Data Type | Description |
|---|---|---|
| String Block Length | uint32 | The number of bytes included in the Collective Security Intelligence Cloud Name String data block, including eight bytes for the block type and header fields plus the number of bytes in the Collective Security Intelligence Cloud name. |
| Collective Security Intelligence Cloud Name | string | The Collective Security Intelligence Cloud name. |
Malware event type record layout (one row per 32-bit word; the first row holds two 16-bit fields):

Byte | 0 | 1 | 2 | 3
Bit  | 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31
Header Version (1) | Message Type (4)
Message Length
Record Type (128)
Record Length
Malware Event Type ID
Malware Event Type Length
Malware Event Type...
Table 3-20 Malware Event Type Record Fields

| Field | Data Type | Description |
|---|---|---|
| Malware Event Type ID | uint32 | The malware event type ID number. |
| Malware Event Type Length | uint32 | The number of bytes included in the malware event type. |
| Malware Event Type | string | The type of malware event. |
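The following parser, added here as an example and not taken from the guide or from Cisco's eStreamer SDK, walks the layout above (8-byte message header, record type 128, record length, then the three Table 3-20 fields) and refuses any record whose on-wire lengths do not agree with the bytes actually received. It assumes big-endian (network) byte order and that the message length and record length each count the bytes that follow their own field; the sample message is constructed.

```python
import struct

MALWARE_EVENT_TYPE_RECORD = 128   # record type value shown in the layout
EVENT_DATA_MESSAGE_TYPE = 4       # message type shown in the layout
HEADER_VERSION = 1

def build_malware_event_type_record(type_id: int, type_name: str) -> bytes:
    """Constructed sample message: header + malware event type record (test data, not a capture)."""
    name = type_name.encode("utf-8")
    record_data = struct.pack(">II", type_id, len(name)) + name          # Table 3-20 fields
    record = struct.pack(">II", MALWARE_EVENT_TYPE_RECORD, len(record_data)) + record_data
    return struct.pack(">HHI", HEADER_VERSION, EVENT_DATA_MESSAGE_TYPE, len(record)) + record

def parse_malware_event_type_record(msg: bytes) -> dict:
    """Parse one message carrying a malware event type record.
    Every length field is checked against the buffer before it is used as an offset,
    so a truncated or length-inflated record raises ValueError instead of over-reading."""
    if len(msg) < 8:
        raise ValueError("truncated message header")
    version, msg_type, msg_len = struct.unpack(">HHI", msg[:8])
    if version != HEADER_VERSION or msg_type != EVENT_DATA_MESSAGE_TYPE:
        raise ValueError(f"unexpected header version {version} / message type {msg_type}")
    payload = msg[8:]
    if msg_len != len(payload):
        raise ValueError("message length does not match the bytes received")
    if len(payload) < 8:
        raise ValueError("truncated record header")
    rec_type, rec_len = struct.unpack(">II", payload[:8])
    if rec_type != MALWARE_EVENT_TYPE_RECORD:
        raise ValueError(f"not a malware event type record: type {rec_type}")
    record_data = payload[8:]
    if rec_len != len(record_data):
        raise ValueError("record length does not match the bytes received")
    if len(record_data) < 8:
        raise ValueError("truncated malware event type fields")
    type_id, name_len = struct.unpack(">II", record_data[:8])
    if 8 + name_len > len(record_data):           # string length must fit inside the record
        raise ValueError("malware event type length overruns the record")
    name = record_data[8:8 + name_len].decode("utf-8", errors="replace")
    return {"malware_event_type_id": type_id, "malware_event_type": name}

def is_malformed(msg: bytes) -> bool:
    """True when the parser rejects the message (used to exercise the length checks)."""
    try:
        parse_malware_event_type_record(msg)
    except ValueError:
        return True
    return False
```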