Cisco Cisco Firepower Management Center 2000 开发者指南
4-17
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Metadata for Discovery Events
The following table describes the fields in the Source Detector record.
Third Party Scanner Vulnerability Record
The eStreamer service transmits metadata containing third-party vulnerability information for an event
within a Third Party Scanner Vulnerability record, the format of which is shown below. (Vulnerability
information is sent when one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a
request message—is set. See
within a Third Party Scanner Vulnerability record, the format of which is shown below. (Vulnerability
information is sent when one of the metadata flags—bits 1, 14, 15, or 20 in the Request Flags field of a
request message—is set. See
.) Note that the Record Type field, which appears
after the Message Length field, has a value of
106
, indicating a Third Party Scanner Vulnerability record.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (96)
Record Length
Source Detector ID
Name Length
Name...
Table 4-12
Source Detector Record Fields
Field
Data Type
Description
Source Detector ID uint32
The ID string for the source detector.
Name Length
uint32
The number of bytes included in the source type name.
Name
string
The name of the source detector.
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Header Version (1)
Message Type (4)
Message Length
Record Type (106)
Record Length
Vulnerability ID