Manualsbrain.com
  1. Handbücher
  2. Marken
  3. Cisco
  4. Cisco Firepower Management Center 4000
  5. Entwickleranleitung

Cisco Cisco Firepower Management Center 4000 Entwickleranleitung

Download
Seite von 726
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
407
Configuring eStreamer
Configuring eStreamer on the eStreamer Server
Chapter 6
3. Select the check boxes next to the types of events you want eStreamer to 
capture and forward to requesting clients. Note that if a check box is currently 
unchecked, that data is not being captured. Unchecking a check box does not 
delete data that has already been captured.
You can select any or all of the following on a Device or Defense Center:
Intrusion Events to transmit intrusion events generated by managed 
devices.
Intrusion Event Packet Data to transmit packets associated with intrusion 
events.
Intrusion Event Extra Data to transmit additional data associated with 
intrusion events, such as the URI associated with the originating IP 
address of a client connecting to a web server through an HTTP proxy 
or load balancer. 
You can also select any or all of the following on a Defense Center:
Discovery Events to transmit host discovery events 
TIP!
If you want connection events, then you must enable discovery events.
Correlation Events to transmit correlation and white list events.
Impact Flag Alerts to transmit impact alerts generated by the Defense 
Center.
User Activity Events to transmit user events.
Intrusion Event Extra Data to transmit additional data for intrusion events, 
such as the URI associated with the originating IP address of a client 
connecting to a web server through an HTTP proxy or load balancer. 
IMPORTANT!
Note that this controls which events the eStreamer server can 
transmit. Your client application must still specifically request the types of 
events you want it to receive. For more information, see 
4. Click Save.
Your settings are saved and the events you selected will be forwarded to 
eStreamer clients when requested.
Adding Authentication for eStreamer Clients
L
ICENSE
Any
Before eStreamer can send events to a client, you must add the client to the 
eStreamer server’s peers database. You must also copy the authentication 
certificate generated by the eStreamer server to the client.