Cisco Cisco Firepower Management Center 2000 Guia Do Programador
4-36
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
Tip
For information about the data structure used for each event type/subtype, see
.
Host Discovery Structures by Event Type
eStreamer builds host discovery event messages based on the event type indicated in the discovery event
header. The following sub-sections describe the high-level structure for each event type:
header. The following sub-sections describe the high-level structure for each event type:
•
•
Delete Protocol
1002
14
Delete Client Application
1002
15
User Set Operating System
1002
16
User Account Seen
1002
17
User Account Update
1002
18
User Set Server
1002
19
User Delete Address (Current)
1002
20
User Delete Server (Current)
1002
21
User Set Valid Vulnerabilities (Current)
1002
22
User Set Invalid Vulnerabilities (Current)
1002
23
User Host Criticality
1002
24
Host Attribute Set Value (Current)
1002
25
Host Attribute Delete Value (Current)
1002
26
User Add Host
1002
27
User Add Server
1002
28
User Add Client Application
1002
29
User Add Protocol
1002
30
Reload App
1002
31
Account Delete
1002
32
Connection Statistics
1003
1
Connection Chunks
1003
2
New User Identity
1004
1
User Login
1004
2
Delete User Identity
1004
3
User Identity Dropped: User Limit Reached
1004
4
Full Host Profile
1050
N/A
Table 4-26
Discovery and Connection Events by Type and Subtype (continued)
Event Name
Event Type
Event Subtype