Developer Guide for Cisco Firepower Management Center 2000
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding the eStreamer Application Protocol
Event Data Message Format
Chapter 2
the current discovery event types and subtypes, see the
Discovery Event Message Headers
The shaded section in the following graphic shows the fields of the record header
in the discovery event data message format, and shows the location of the event
header that follows it. The table below defines the fields of the discovery event
message headers.
[Diagram: layout of the discovery event data message, drawn 32 bits wide (bytes 0 to 3, bits 0 to 31). Blocks, top to bottom:]
  Message Header
  Discovery Event Record Header
  Discovery Event Header
  Series 1 Data Block ...
[Diagram: fields of the discovery event message headers, drawn 32 bits wide (bytes 0 to 3, bits 0 to 31). Fields, in order:]
  Header Version (1)
  Message Type (3)
  Message Length
  Record Type
  Record Length
  eStreamer Server Timestamp (for events only)
  Reserved for Future Use (for events only)
  Discovery Event Header
  Series 1 Data Block ...