Cisco Firepower Management Center 2000 Programmer's Guide

FireSIGHT eStreamer Integration Guide
 
Chapter 4      Understanding Discovery & Connection Data Structures
  Host Discovery and Connection Data Blocks
Operating System Data Block 3.5+
The operating system data block for Version 3.5+ has a block type of 53 in the series 1 group of blocks. 
The block includes a fingerprint Universally Unique Identifier (UUID). The following diagram shows 
the format of an operating system data block in 3.5+.
Table 4-42 Full Sub-Server Data Block Fields (continued)

| Field | Data Type | Description |
|---|---|---|
| Generic List Block Length | uint32 | Number of bytes in the Generic List data block, including the list header and all encapsulated Host Vulnerability data blocks. |
| VDB Host Vulnerability Data Blocks * | variable | Host Vulnerability data blocks containing information about host vulnerabilities identified by Cisco. See  for a description of this data block. |
| Generic List Block Type | uint32 | Initiates a Generic List data block comprising Host Vulnerability data blocks conveying Third-Party Scan Vulnerability data. This value is always 31. |
| Generic List Block Length | uint32 | Number of bytes in the Generic List data block, including the list header and all encapsulated Host Vulnerability data blocks. |
| Third-Party Scan Host Vulnerability Data Blocks * | variable | Host Vulnerability data blocks containing information about host vulnerabilities identified by a third-party vulnerability scanner. See  for a description of this data block. |
| | Bytes 0-3 (bits 0-31) |
|---|---|
| | Operating System Block Type (53) |
| | Operating System Block Length |
| | Confidence |
| OS Fingerprint UUID | Fingerprint UUID |
| | Fingerprint UUID, continued |
| | Fingerprint UUID, continued |
| | Fingerprint UUID, continued |
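
A defensive parser for the operating system data block laid out above, as an added example rather than code from the Cisco guide. It assumes what the diagram implies but the page does not state: each row is a big-endian uint32, the UUID occupies 16 bytes, and the block length counts the 8-byte type/length header. The names `parse_os_block` and `OperatingSystemBlock` and the sample bytes are constructed for illustration.

```python
from __future__ import annotations

import struct
import uuid
from dataclasses import dataclass

OS_BLOCK_TYPE = 53                 # block type given on the page (series 1)
HEADER = struct.Struct(">II")      # assumed: big-endian uint32 type, uint32 length
BODY = struct.Struct(">I16s")      # assumed: uint32 confidence, 16-byte UUID
EXPECTED_LEN = HEADER.size + BODY.size  # 28, assuming length includes the header


@dataclass(frozen=True)
class OperatingSystemBlock:
    confidence: int
    fingerprint_uuid: uuid.UUID


def parse_os_block(buf: bytes, offset: int = 0) -> tuple[OperatingSystemBlock, int]:
    """Parse one block at `offset`; return (block, offset of the next block)."""
    if offset < 0 or len(buf) - offset < HEADER.size:
        raise ValueError("truncated block header")
    block_type, block_len = HEADER.unpack_from(buf, offset)
    if block_type != OS_BLOCK_TYPE:
        raise ValueError(f"unexpected block type {block_type}")
    # Never trust the declared length: it must match the fixed layout and
    # must not run past the bytes actually received from the peer.
    if block_len != EXPECTED_LEN:
        raise ValueError(f"bad block length {block_len}")
    if len(buf) - offset < block_len:
        raise ValueError("declared length exceeds available data")
    confidence, raw_uuid = BODY.unpack_from(buf, offset + HEADER.size)
    block = OperatingSystemBlock(confidence, uuid.UUID(bytes=raw_uuid))
    return block, offset + block_len


# Constructed sample (not captured traffic): confidence 85 and a made-up UUID.
SAMPLE_UUID = uuid.UUID("12345678-1234-5678-1234-567812345678")
SAMPLE = HEADER.pack(OS_BLOCK_TYPE, EXPECTED_LEN) + BODY.pack(85, SAMPLE_UUID.bytes)

if __name__ == "__main__":
    print(parse_os_block(SAMPLE))
```

Returning the next offset lets a caller walk consecutive blocks in a record without re-deriving lengths, and every rejection path fails before any field is read from out-of-range bytes.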