Cisco Cisco Firepower Management Center 2000 Guia Do Programador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
122
Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
Chapter 3
The
String Block Fields
table describes the fields of the String data block.
BLOB Data Block
The eStreamer service uses the BLOB data block to convey binary data. For
example, host discovery records use the BLOB block to hold captured server
banners. The BLOB data block has a block type of 1 in the series 2 group of
blocks.
The following diagram shows the format of the BLOB data block:
The following diagram shows the format of the BLOB data block:
String Block Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Data Block
Type
uint32
Initiates a String data block. This value is always
0.
Data Block
Length
uint32
Combined length in bytes of the string data block
header and string data.
String Data
string
Contains the string data and may contain a
terminating character (null byte) at the end of the
string.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Data Block Type (1)
Data Block Length
Binary Data...