Cisco Firepower Management Center 2000 Programmer's Guide

FireSIGHT eStreamer Integration Guide
 
Appendix B: Understanding Legacy Data Structures
Table B-24 Connection Statistics Data Block 5.3+ Fields (continued)

Field                          Data Type  Description
Destination Autonomous System  uint32     Autonomous system number of the destination, either origin or peer.
SNMP Input                     uint16     SNMP index of the input interface.
SNMP Output                    uint16     SNMP index of the output interface.
Source TOS                     uint8      Type of Service byte setting for the incoming interface.
Destination TOS                uint8      Type of Service byte setting for the outgoing interface.
Source Mask                    uint8      Source address prefix mask.
Destination Mask               uint8      Destination address prefix mask.

Legacy File Event Data Structures

File Event for 5.1.1.x
The file event contains information on files that are sent over the network. This includes the connection information, whether the file is malware, and specific information to identify the file. The file event has a block type of 23 in the series 2 group of blocks.
The following graphic shows the structure of the File Event data block:
[Diagram: File Event data block, drawn in 32-bit rows (bytes 0 to 3, bits 0 to 31). Fields in order:]
File Event Block Type (23)
File Event Block Length
Device ID
Connection Instance
Connection Counter
Connection Timestamp
File Event Timestamp
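
As an added example (not from the Cisco guide), a defensive parser for the leading fields named in the diagram above, written for a consumer that treats the byte stream as untrusted. The field widths, big-endian byte order, the meaning of the block length, and UNIX-seconds timestamps are assumptions that this page does not state; the sample bytes are constructed.

```python
import struct
from datetime import datetime, timezone

FILE_EVENT_BLOCK_TYPE = 23  # from the page: File Event block type, series 2

# ASSUMPTION (not stated on this page): field widths and network byte order.
# block type u32, block length u32, device ID u32, connection instance u16,
# connection counter u16, connection timestamp u32, file event timestamp u32.
_PREFIX = struct.Struct(">IIIHHII")
_NAMES = ("block_type", "block_length", "device_id", "connection_instance",
          "connection_counter", "connection_timestamp", "file_event_timestamp")


class BlockError(ValueError):
    """Raised when a buffer cannot be a well-formed File Event block."""


def parse_file_event_prefix(buf: bytes) -> dict:
    """Parse the leading fields of a File Event block from untrusted bytes."""
    if len(buf) < _PREFIX.size:
        raise BlockError(f"truncated: {len(buf)} bytes, need {_PREFIX.size}")
    fields = dict(zip(_NAMES, _PREFIX.unpack_from(buf)))
    if fields["block_type"] != FILE_EVENT_BLOCK_TYPE:
        raise BlockError(f"unexpected block type {fields['block_type']}")
    # ASSUMPTION: block length counts the whole block, type and length included.
    # Reject lengths that would make later field reads run past the buffer.
    if not _PREFIX.size <= fields["block_length"] <= len(buf):
        raise BlockError(f"block length {fields['block_length']} out of range")
    for key in ("connection_timestamp", "file_event_timestamp"):
        # ASSUMPTION: timestamps are UNIX seconds (UTC).
        fields[key + "_utc"] = datetime.fromtimestamp(fields[key], tz=timezone.utc)
    return fields


def build_sample() -> bytes:
    """Constructed sample block (not captured traffic): prefix plus padding."""
    body = b"\x00" * 40  # stands in for the fields this page does not show
    return _PREFIX.pack(FILE_EVENT_BLOCK_TYPE, _PREFIX.size + len(body), 7, 1, 42,
                        1400000000, 1400000005) + body
```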