Cisco Cisco Firepower Management Center 2000 Guida Dello Sviluppatore
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
433
Data Structure Examples
Intrusion Event Data Structure Examples
Appendix A
K. This line indicates that the packet data that follows is 953 bytes long.
L. This line and the following line show the actual payload data. Note that the
actual data is 953 bytes and has been truncated for the sake of this example.
Example of a Classification Record for 4.6.1+
The following diagram shows an example classification record:
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
A
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0
B
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 1 1 0 0
C
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 1
D
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 1 0 0
E
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0
F
0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 1 1 0 1 0 0 0 1 1 1 0 0 1 0
0 1 1 0 1 1 1 1 0 1 1 0 1 0 1 0 0 1 1 0 0 0 0 1 0 1 1 0 1 1 1 0
0 0 1 0 1 1 0 1 0 1 1 0 0 0 0 1 0 1 1 0 0 0 1 1 0 1 1 1 0 1 0 0
0 1 1 0 1 0 0 1 0 1 1 1 0 1 1 0 0 1 1 0 1 0 0 1 0 1 1 1 0 1 0 0
G
0 1 1 1 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 0 1 0 0 0 0 0 1
0 0 1 0 0 0 0 0 0 1 0 0 1 1 1 0 0 1 1 0 0 1 0 1 0 1 1 1 0 1 0 0
0 1 1 1 0 1 1 1 0 1 1 0 1 1 1 1 0 1 1 1 0 0 1 0 0 1 1 0 1 0 1 1
0 0 1 0 0 0 0 0 0 1 0 1 0 1 0 0 0 1 1 1 0 0 1 0 0 1 1 0 1 1 1 1
0 1 1 0 1 0 1 0 0 1 1 0 0 0 0 1 0 1 1 0 1 1 1 0 0 0 1 0 0 0 0 0
0 1 1 1 0 1 1 1 0 1 1 0 0 0 0 1 0 1 1 1 0 0 1 1 0 0 1 0 0 0 0 0
0 1 0 0 0 1 0 0 0 1 1 0 0 1 0 1 0 1 1 1 0 1 0 0 0 1 1 0 0 1 0 1
0 1 1 0 0 0 1 1 0 1 1 1 0 1 0 0 0 1 1 0 0 1 0 1 0 1 1 0 0 1 0 0
H
1 0 0 1 1 1 0 1 1 1 0 0 0 1 1 0 0 0 0 0 0 1 0 1 1 1 1 0 1 0 0 0
1 1 0 0 1 0 1 1 1 0 1 0 0 0 1 0 0 0 0 1 0 0 0 1 1 1 0 1 1 0 0 1
1 0 0 0 1 0 0 1 1 1 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0 0 0
0 1 0 1 0 1 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 1