Cisco Cisco Firepower Management Center 4000 개발자 가이드

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

579

Understanding Legacy Data Structures

Legacy Connection Data Structures

Appendix B

The 

 table describes the fields 

of the Connection Statistics data block returned by version 4.7.

Client  App URL

String Block Type (0)

String Block Length

Client Application URL...

Domain  Name

String Block Type (0)

String Block Length

Domain Name....

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11

1

2

1

3

1

4

1

5

1

6

1

7

1

8

1

9

2

0

2

1

2

2

2

3

2

4

2

5

2

6

2

7

2

8

2

9

3

0

3

1

Connection Statistics Data Block 4.7 - 4.9.0.x Fields 

Connection 

Statistics 

Data Block 

Type

uint32

Initiates a Connection Statistics data block for 

4.7+. The value is always 56.

Connection 

Statistics 

Data Block 

Length

uint32

Number of bytes in the Connection Statistics 

data block, including eight bytes for the 

connection statistics block type and length fields, 

plus the number of bytes in the connection data 

that follows.

Initiator IP 

Address

uint8[4]

IP address of the host that initiated the session 

described in the connection event, in IP address 

octets.

Responder IP 

Address

uint8[4]

IP address of the host that responded to the 

initiating host, in IP address octets.

Initiator Port

uint16

Port used by the initiating host.

Responder 

Port

uint16

Port used by the responding host.

First Packet 

Timestamp

uint32

UNIX timestamp that represents the date and 

time that the first packet was exchanged in the 

session.