Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
2-4
FireSIGHT eStreamer Integration Guide
Chapter 2 Understanding the eStreamer Application Protocol
Understanding eStreamer Communication Stages
Submitting Event Stream Requests
Event stream requests use a simple process:
•
Your client sends a request message to the eStreamer service with a start date and time and a request
flag field that specifies the events and their version level to be included in the data stream.
flag field that specifies the events and their version level to be included in the data stream.
•
eStreamer streams events beginning at the specified time. For information about the streaming
protocol, see
protocol, see
.
For information on the format and content of the client’s Event Stream request message, see
.
For information on the event types and versions of events that the client can request, see
.
Submitting Extended Requests
If you set bit 30 in the request flags field of an Event Stream Request message, you initiate an extended
request, which starts a negotiation with the server. Extended request flags must be sent if this bit is set.
For the event types available by extended request, see
request, which starts a negotiation with the server. Extended request flags must be sent if this bit is set.
For the event types available by extended request, see
The steps for extended requests are as follows:
•
Your client sends an Event Streaming Request message to eStreamer with the request flags bit 30
set to 1, which signals an extended request. See
set to 1, which signals an extended request. See
for message format details.
•
eStreamer answers with a Streaming Information message that advertises the list of services
available to the client. For details about the Streaming Information message, see
available to the client. For details about the Streaming Information message, see
•
The client returns a Streaming Request message that indicates the service it wants to use, with a
request list of event types and versions available from that service. The request list corresponds to
setting bits in the request flag field when making a standard event stream request. For details about
how to use the Streaming Request message to request events, see
request list of event types and versions available from that service. The request list corresponds to
setting bits in the request flag field when making a standard event stream request. For details about
how to use the Streaming Request message to request events, see
.
•
eStreamer processes the client’s Streaming Request message and begins streaming the data at the
time specified in the message. For information about the streaming protocol, see
time specified in the message. For information about the streaming protocol, see
Requesting Host Data
Once you have established a session, you can submit a request for host data at any time. eStreamer
generates information for the requested hosts from the FireSIGHT System network map.
generates information for the requested hosts from the FireSIGHT System network map.
Changing a Request
To change request parameters for an established session, the client must disconnect and request a new
session.
session.