Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
30
Understanding the eStreamer Application Protocol
Event Stream Request Message Format
Chapter 2
Request Flags
You set bits 0 through 29 in the event data request flag field to select the types of
events you want eStreamer to send. You set bit 30 to activate the extended
request mode. Setting bit 30 does not directly request any data. Extended
request flags must be sent if this bit is set. Your client requests data during the
server-client message dialog that follows submission of the Event Stream
Request message. For information on extended requests, see
See the
on page 31 for definitions of the bit settings in the
Request Flags field. Different flags request different versions of the event data.
For example, to obtain data in Sourcefire 3D 4.9 format instead of 4.10 format you
set a different flag bit. For specific information on the flags to use when
requesting data for particular product versions, see the
Note that you request metadata by version, not by the individual metadata record.
page 30.
The following diagram shades the bits in the flags field that are currently used:
The following diagram shades the bits in the flags field that are currently used:
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0
0 0 1 1 1 1 1 0 1 1 1 1 1 1 1 1 1 0 1 0 1 1 1 0 1 1 0 1 0 0 0 1
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 1 1
Flag Bit 3
0
2
9
2
8
2
7
2
6
2
5
2
4
2
3
2
2
2
1
2
0
1
9
1
8
1
7
1
6
1
5
1
4
1
3
1
2
1
1
1
0
9 8 7 6 5 4 3 2 1 0