Cisco Cisco Firepower Management Center 4000 Guia Do Programador
4-122
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Note
An asterisk(*) next to a data block name in the following diagram indicates that multiple instances of
the data block may occur.
the data block may occur.
The following diagram shows the format of the Host Server data block:
The following table describes the fields of the Host Server data block.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Server Block Type (103)
Server Block Length
Port
Hits
Hits, continued
Last Used
Sub-Server
Information
Last Used, continued
Generic List Block Type (31)
Generic List Block Type, continued
Generic List Block Length
Generic List Block Length, continued
Server Information Block Type (117)*
Confidence
Generic List Block Type (31)
Generic List Block Length
Web
Application
Web Application Block Type (123)*
Web Application Block Length
Web Application Data...
Table 4-70
Host Server Data Block Fields
Field
Data Type
Description
Host Server
Block Type
Block Type
uint32
Initiates a Host Server data block. This value is always
103
.
Host Server
Block Length
Block Length
uint32
Total number of bytes in the Host Server data block, including the
eight bytes in the Host Server block type and length fields, plus the
number of bytes of data that follows.
eight bytes in the Host Server block type and length fields, plus the
number of bytes of data that follows.
Port
uint16
Port number where the server runs.
Hits
uint32
Number of hits the server has received.
Last Used
uint32
UNIX timestamp that represents the last time the system detected the
server in use.
server in use.