Cisco Cisco Firepower Management Center 4000 Guida Dello Sviluppatore

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

269

Understanding Discovery & Connection Data Structures

Host Discovery and Connection Data Blocks

Chapter 4

The following diagram shows the basic structure of a User Client Application List 

data block:

The 

 table describes the fields of the 

User Client Application List data block.

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

User Client Application Block Type (60)

User Client Application Block Length

Source Type

Source ID

User Client  App Li

st 

Blocks

Generic List Block Type (31)

Generic List Block Length

User Client Application List Data Blocks...

User Client Application List Data Block Fields 

User Client 

Application 

List Block 

Type

uint32

Initiates a User Client Application List data block. 

This value is always 60.

User Client 

Application 

List Block 

Length

uint32

Total number of bytes in the User Client 

Application List data block, including eight bytes 

for the user client application list block type and 

length fields, plus the number of bytes of user 

client application list data that follows.

Source Type

uint32

Number that maps to the type of data source: 
•

0

 if the client data was detected by RNA 

1

 if the client data was provided by a user

2

 if the client data was detected by a third-

party scanner

3

 if the client data was provided by a command 

line tool such as nmimport.pl or the Host Input 

API client