FireSIGHT eStreamer Integration Guide (page 3-45)
Chapter 3: Understanding Intrusion and Correlation Data Structures
Understanding Series 2 Data Blocks
In the following table, the Data Block Status field indicates whether a block is current (the latest version) or legacy (used in an older version, but still requestable through eStreamer).
Table 3-26 Series 2 Block Types

| Type | Content | Data Block Status | Description |
|------|---------|-------------------|-------------|
| 0 | String | Current | Encapsulates variable string data. See  for more information. |
| 1 | BLOB | Current | Encapsulates binary data and is used specifically for banners. See  for more information. |
| 2 | List | Current | Encapsulates a list of other data blocks. See  for more information. |
| 3 | Generic List | Current | Encapsulates a list of other data blocks. For deserialization, it is the equivalent of the List data block. See |
| 4 | Event Extra Data | Current | Contains intrusion event extra data. See  for more information. |
| 5 | Extra Data Type | Current | Contains extra data metadata. See  for more information. |
| 14 | UUID String Mapping | Current | Block used by various metadata messages to map UUID values to descriptive strings. See |
| 15 | Access Control Policy Rule ID Metadata | Current | Contains metadata for access control rules. See |
| 16 | Malware Event | Legacy | Contains information on malware events, such as the malware detected or quarantined within a Collective Security Intelligence Cloud, the detection method, and hosts and users affected by the malware. See . Deprecated by block 24, . |
| 19 | ICMP Type Data Block | Current | Contains metadata describing ICMP types. See |
| 20 | ICMP Code Data Block | Current | Contains metadata describing ICMP codes. See |
| 21 | Access Control Policy Rule Reason Data Block | Current | Contains information explaining access control policy rule reasons. See |
| 22 | IP Reputation Category Data Block | Current | Contains information on IP reputation categories explaining why an IP address was blocked. See |
| 23 | File Event | Legacy | Contains information on file events, such as the source, SHA hash, and the disposition of the file. See . It is superseded by block 32, |