Cisco Firepower Management Center 4000 Developer Guide

Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Understanding the eStreamer Application Protocol
Understanding eStreamer Communication Stages
Chapter 2
Requesting Host Data
Once you have established a session, you can submit a request for host data at 
any time. eStreamer generates information for the requested hosts from the 
Sourcefire 3D System network map.
Changing a Request
To change request parameters for an established session, the client must 
disconnect and request a new session.
Accepting Data from eStreamer
IMPORTANT!
The eStreamer server does not keep a history of the events it 
sends. Your client application must check for duplicate events, which can 
inadvertently occur for a number of reasons. For example, when starting up a 
new streaming session, the time specified by the client as the starting point for 
the new session can have multiple messages, some of which may have been 
sent in the previous session and some of which were not. eStreamer sends all 
messages that meet the specified request criteria. Your application should detect 
any resulting duplicates.
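One way a client can implement the duplicate check described above, shown as an added example that is not part of the original guide. It assumes a replayed record arrives byte-identical to its first delivery; DuplicateFilter, consume_session and the sample records are hypothetical names and constructed data, not eStreamer wire format.

```python
import hashlib
from collections import OrderedDict


class DuplicateFilter:
    """Bounded memory of recently handled records, kept across sessions."""

    def __init__(self, max_entries=100_000):
        self.max_entries = max_entries
        self._seen = OrderedDict()  # digest -> None, oldest entry first

    def is_new(self, record: bytes) -> bool:
        # Assumption: a replayed record is byte-identical to the original.
        digest = hashlib.sha256(record).digest()
        if digest in self._seen:
            self._seen.move_to_end(digest)  # refresh so it is evicted last
            return False
        self._seen[digest] = None
        if len(self._seen) > self.max_entries:
            self._seen.popitem(last=False)  # drop the oldest digest
        return True


def consume_session(records, dedup):
    """Return only records not handled in this or an earlier session."""
    return [r for r in records if dedup.is_new(r)]


# Constructed sample records: label@timestamp, not real eStreamer data.
# Session 1 drops after two of the three messages stamped 1000 were sent.
SESSION_1 = [b"event-A@1000", b"event-B@1000"]
# Session 2 restarts at time 1000, so the server sends everything from 1000 on.
SESSION_2 = [b"event-A@1000", b"event-B@1000", b"event-C@1000", b"event-D@1001"]


def demo():
    dedup = DuplicateFilter(max_entries=1000)  # must outlive the reconnect
    first = consume_session(SESSION_1, dedup)
    second = consume_session(SESSION_2, dedup)
    return first, second


if __name__ == "__main__":
    first, second = demo()
    print("handled in session 1:", first)
    print("new in session 2:", second)
```

The filter only helps if its state survives the reconnect, and max_entries must cover at least as many records as can share the restart timestamp.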
During periods of inactivity, eStreamer sends periodic null messages to the client 
to keep the connection open. If it receives an error message from the client or an 
intermediate host, it closes the connection.
eStreamer transmits requested data to the client differently, depending on the 
request mode.
Event Stream Requests
If the client submits an event stream request, eStreamer returns data message 
by message. It may send multiple messages in a row without waiting for a client 
acknowledgment. At a certain point, it pauses and waits for the client. The client 
operating system buffers received data and lets the client process it at its own 
pace.
If the client request includes a request for metadata, eStreamer sends the 
metadata first. The client should store it in memory to be available when 
processing the event records that follow.
Extended Requests
If the client submits an extended request, eStreamer queues up messages and 
sends them in bundles. eStreamer may send multiple bundles in a row without 
waiting for a client acknowledgment. At a certain point, it pauses and waits for 
the client. The client operating system buffers received data and lets the client 
read it off at its own pace.