Руководство Разработчика для Cisco Cisco Firepower Management Center 4000

4-147

FireSIGHT eStreamer Integration Guide

Chapter 4 Understanding Discovery & Connection Data Structures

Host Discovery and Connection Data Blocks

IPv6 DHCP

Fingerprints

Generic List Block Type (31)

Generic List Block Length

IPv6 DHCP Fingerprint Data Blocks*

User Agent

Fingerprints

Generic List Block Type (31)

Generic List Block Length

User Agent Fingerprint Data Blocks*

TCP Server

Block*

List Block Type (11)

List of TCP

Servers

List Block Length

TCP Server Data Blocks

UDP Server

Block*

List Block Type (11)

List of UDP

Servers

List Block Length

UDP Server Data Blocks

Network

Protocol Block*

List Block Type (11)

List of Network

Protocols

List Block Length

Network Protocol Data Blocks

Transport

Protocol Block*

List Block Type (11)

List of Transport

Protocols

List Block Length

Transport Protocol Data Blocks

MAC Address

Block*

List Block Type (11)

List of MAC

Addresses

List Block Length

Host MAC Address Data Blocks

Host Last Seen

Host Type

Mobile

Jailbroken

VLAN Presence

VLAN ID

Byte

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31