Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
10
C
HAPTER
1
I
NTRODUCTION
The Sourcefire Event Streamer (also known as eStreamer) allows you to stream
Sourcefire 3D System intrusion, discovery, and connection data from the
Sourcefire Defense Center or managed device (also referred to as the eStreamer
server) to external client applications.
Note that eStreamer is not supported on virtual devices. To stream events from a
Note that eStreamer is not supported on virtual devices. To stream events from a
virtual device, you can configure eStreamer on the Defense Center that the
device reports to.
eStreamer uses a custom application layer protocol to communicate with
eStreamer uses a custom application layer protocol to communicate with
connected client applications. As the purpose of eStreamer is simply to return
data that the client requests, the majority of this guide describes the eStreamer
formats for the requested data.
There are three major steps to creating and integrating an eStreamer client with a
There are three major steps to creating and integrating an eStreamer client with a
Sourcefire 3D System:
1. Write a client application that exchanges messages with the Defense Center
1. Write a client application that exchanges messages with the Defense Center
or managed device using the eStreamer application protocol. The eStreamer
SDK includes a reference client application.
2. Configure a Defense Center or device to send the required type of events to
your client application.
3. Connect your client application to the Defense Center or device and begin
exchanging data.
This guide provides the information you need to successfully create and run an
eStreamer Version 5.3 client application.