Cisco Firepower Management Center 4000 Developer Guide
FireSIGHT eStreamer Integration Guide
Appendix A Data Structure Examples
Intrusion Event Data Structure Examples
Byte  0               1               2               3
Bit   0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
6     0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 1 1 0 1 0 0 0 1 1 1 0 0 1 0
      0 1 1 0 1 1 1 1 0 1 1 0 1 0 1 0 0 1 1 0 0 0 0 1 0 1 1 0 1 1 1 0
      0 0 1 0 1 1 0 1 0 1 1 0 0 0 0 1 0 1 1 0 0 0 1 1 0 1 1 1 0 1 0 0
      0 1 1 0 1 0 0 1 0 1 1 1 0 1 1 0 0 1 1 0 1 0 0 1 0 1 1 1 0 1 0 0
7     0 1 1 1 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 0 1 0 0 0 0 0 1
      0 0 1 0 0 0 0 0 0 1 0 0 1 1 1 0 0 1 1 0 0 1 0 1 0 1 1 1 0 1 0 0
      0 1 1 1 0 1 1 1 0 1 1 0 1 1 1 1 0 1 1 1 0 0 1 0 0 1 1 0 1 0 1 1
      0 0 1 0 0 0 0 0 0 1 0 1 0 1 0 0 0 1 1 1 0 0 1 0 0 1 1 0 1 1 1 1
      0 1 1 0 1 0 1 0 0 1 1 0 0 0 0 1 0 1 1 0 1 1 1 0 0 0 1 0 0 0 0 0
      0 1 1 1 0 1 1 1 0 1 1 0 0 0 0 1 0 1 1 1 0 0 1 1 0 0 1 0 0 0 0 0
      0 1 0 0 0 1 0 0 0 1 1 0 0 1 0 1 0 1 1 1 0 1 0 0 0 1 1 0 0 1 0 1
      0 1 1 0 0 0 1 1 0 1 1 1 0 1 0 0 0 1 1 0 0 1 0 1 0 1 1 0 0 1 0 0
8     1 0 0 1 1 1 0 1 1 1 0 0 0 1 1 0 0 0 0 0 0 1 0 1 1 1 1 0 1 0 0 0
      1 1 0 0 1 0 1 1 1 0 1 0 0 0 1 0 0 0 0 1 0 0 0 1 1 1 0 1 1 0 0 1
      1 0 0 0 1 0 0 1 1 1 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0 0 0
      0 1 0 1 0 1 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 1
9     0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
      0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
      0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
      0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
In the preceding example, the following event information appears:
Number  Description
1       The first two bytes of the line indicate the standard header value of 1. The second two bytes indicate that the message is a data message (message type four).
2       This line indicates that the message that follows is 92 bytes long.
3       This line indicates a record type value of 67, which represents a classification record.
4       This line indicates that the classification record that follows is 84 bytes long.
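The four lines described in the table can be checked by a client before it trusts the record body. The following Python sketch is an added example, not code from the guide. It assumes that each numbered line is one 32-bit big-endian word and that the message length counts the record type and record length words plus the record itself (92 = 8 + 84). The names parse_data_message and build_sample are hypothetical, and the record body is zero-filled constructed data.

```python
import struct

HEADER_VERSION = 1   # table row 1: standard header value
MSG_TYPE_DATA = 4    # table row 1: data message
PREFIX = struct.Struct(">HHIII")  # rows 1-4, big-endian as in the bit diagram


class EStreamerParseError(ValueError):
    """Raised when a buffer does not match the layout in the table."""


def parse_data_message(buf: bytes) -> dict:
    """Validate rows 1-4 and return the record type and raw record body."""
    if len(buf) < PREFIX.size:
        raise EStreamerParseError("truncated: fewer than 16 prefix bytes")
    version, msg_type, msg_len, rec_type, rec_len = PREFIX.unpack_from(buf)
    if version != HEADER_VERSION:
        raise EStreamerParseError(f"unexpected header version {version}")
    if msg_type != MSG_TYPE_DATA:
        raise EStreamerParseError(f"not a data message: type {msg_type}")
    # Assumption: message length = 8 bytes (rows 3-4) + record length,
    # which matches the page's 92 = 8 + 84.
    if msg_len != 8 + rec_len:
        raise EStreamerParseError(f"length mismatch: {msg_len} vs 8 + {rec_len}")
    # Never read past what the peer actually sent, whatever the length says.
    body = buf[PREFIX.size:PREFIX.size + rec_len]
    if len(body) != rec_len:
        raise EStreamerParseError("truncated record body")
    return {"record_type": rec_type, "record_length": rec_len, "body": body}


def build_sample(rec_len: int = 84, msg_len: int = 92) -> bytes:
    """Constructed sample: the page's header values plus zero-filled record bytes."""
    return PREFIX.pack(1, 4, msg_len, 67, rec_len) + bytes(rec_len)


if __name__ == "__main__":
    parsed = parse_data_message(build_sample())
    print(parsed["record_type"], parsed["record_length"], len(parsed["body"]))
    for bad in (build_sample()[:50], build_sample(msg_len=200)):
        try:
            parse_data_message(bad)
        except EStreamerParseError as exc:
            print("rejected:", exc)
```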