Cisco Cisco Firepower Management Center 2000 Guida Dello Sviluppatore

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

566

Understanding Legacy Data Structures

Legacy Discovery Data Structures

Appendix B

The 

 table describes the 

components of the User Login Information data block.

Email

String Block Type (0)

String Block Length

Email...

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

User Login Information Data Block Fields 5.0 - 5.0.2 

User Login 

Information 

Block Type

uint32

Initiates a User Login Information data block. 

This value is 121 for version 5.0 - 5.0.2.

User Login 

Information 

Block Length

uint32

Total number of bytes in the User Login 

Information data block, including eight bytes for 

the user login information block type and length 

fields, plus the number of bytes in the user 

login information data that follows.

Timestamp

uint32

Timestamp of the event. 

IP Address

uint8[4]

IP address from the host where the user was 

detected logging in, in IP address octets.

String Block 

Type

uint32

Initiates a String data block containing the 

username for the user. This value is always 0.

String Block 

Length

uint32

Number of bytes in the username String data 

block, including eight bytes for the block type 

and length fields, plus the number of bytes in 

the username.

Username

string

The user name for the user.

User ID

uint32

Identification number of the user.

Application ID

uint32

The application ID for the application protocol 

used in the connection that the login 

information was derived from.