Cisco Firepower Management Center 4000 Programmer's Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
Chapter 3
Series 2 Block Types (Continued)

| Type | Content | Data Block Status | Description |
|---|---|---|---|
| 16 | Malware Event | Legacy | Contains information on malware events, such as the malware detected or quarantined within a FireAMP cloud, the detection method, and hosts and users affected by the malware. See page 492. Deprecated by block 24, |
| 19 | ICMP Type Data Block | Current | Contains metadata describing ICMP types. See |
| 20 | ICMP Code Data Block | Current | Contains metadata describing ICMP codes. See |
| 21 | Access Control Policy Rule Reason Data Block | Current | Contains information explaining access control policy rule reasons. See |
| 22 | IP Reputation Category Data Block | Current | Contains information on IP reputation categories explaining why an IP address was blocked. See |
| 23 | File Event | Legacy | Contains information on file events, such as the source, SHA hash, and the disposition of the file. See |