Руководство Разработчика для Cisco Cisco Firepower Management Center 2000
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
287
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
User Criticality Change Data Block 4.7+
The User Criticality data block is used to contain a list of IP address range
specifications for hosts where the host criticality changed, the identification
number for the user who updated the criticality value, information about the
source that supplied the criticality value, and the criticality value. The User
Criticality data block has a block type of 81 in the series 1 group of blocks.
Changes from the previous User Criticality data block include a new source type
field and the use of the Generic list data block instead of the List data block to
store IP addresses.
The User Criticality data block is used in user set host criticality messages as
The User Criticality data block is used in user set host criticality messages as
The following diagram shows the basic structure of a User Criticality data block:
Generic List
Block Length
uint32
Number of bytes in the Generic List block and
encapsulated data blocks. This number includes
the eight bytes of the generic list block header
fields, plus the number of bytes in all of the
encapsulated data blocks.
User
Vulnerability
Data Blocks
variable
Encapsulated User Vulnerability data blocks up to
the maximum number of bytes in the list block
length. For more information, see
User Vulnerability Change Data Block Fields (Continued)
F
IELD
N
UMBER
OF
B
YTES
D
ESCRIPTION
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
User Criticality Data Block Type (81)
User Criticality Block Length