Cisco Cisco Firepower Management Center 2000 Guia Do Programador

The following table describes the components of the Policy Engine Control Message data block.

The Attribute Definition data block contains the attribute definition in an attribute creation, change, or 
deletion event and is used within Host Attribute Add events (event type 1002, subtype 6), Host Attribute 
Update events (event type 1002, subtype 7), and Host Attribute Delete events (event type 1002, subtype 
8). It has a block type of 55 in the series 1 group of blocks.

For more information on those events, see 

.

The following diagram shows the basic structure of an Attribute Definition data block:

Policy Engine Control 
Message Block Type

uint32

Initiates a Policy Engine Control Message data block. This 
value is always 

54

.

Policy Engine Control 
Message Length

uint32

Total number of bytes in the Policy Engine Control Message 
data block, including eight bytes for the policy engine control 
block type and length fields, plus the number of bytes of policy 
engine control data that follows.

Type

uint32

Indicates the type of policy for the event.

String Block Type

uint32

Initiates a String data block that contains the control message. 
This value is always 

0

.

String Block Length

uint32

Number of bytes in the control message String data block, 
including eight bytes for the block type and length fields, plus 
the number of bytes in the control message.

Control Message

uint32

The control message from the policy engine.

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Attribute Definition Block Type (55)

Attribute Definition Block Length

Source ID

UUID

UUID, continued

UUID, continued

UUID, continued

ID