Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
6-10
FireSIGHT eStreamer Integration Guide
Chapter 6 Configuring eStreamer
Configuring the eStreamer Reference Client
Step 4
Make and install the compiled source.
Loading General Prerequisites for the Perl Reference Client
Before you can run the eStreamer Perl reference client, you must install the
IO::Socket::SSL
Perl
module on the client computer. You can install the module manually or use
cpan
to do so.
Note
If the
Net::SSLeay
module is not installed on the client computer, install that module as well.
Net::SSLeay
is required for communication with OpenSSL.
You also must install and configure OpenSSL to support an SSL connection to the eStreamer server. For
more information, see
more information, see
Loading Prerequisites for the Perl SNMP Reference Client
Before you can run the eStreamer SNMP module of the Perl reference client, you must install the latest
net-snmp
Perl modules available for the client operating system on the client computer.
Downloading and Unpacking the Perl Reference Client
You can download the
EventStreamerSDK.zip
file that contains the eStreamer Perl reference client the
Unpack the zip file to a computer running the Linux operating system, where you plan to run the client.
Understanding the Data Requested by a Test Script
By default, when you use the
ssl_test -o
setting in the reference client, you request data as indicated
in the following table.
Table 6-3
Default Requests Made by Output Plugins
This syntax...
Calls plugin...
And sends...
To request the following data...
./ssl_test.pl
eStreamerServerName -h
HostIPAddresses
N/A
Host request,
message type 5,
with bit 11 set to
message type 5,
with bit 11 set to
1
Host data (see
./ssl_test.pl
eStreamerServerName -o
print -f TextFile
OutputPlugins/pri
nt.pm
nt.pm
Event stream
request, message
type 2, with bits 2
and 20-24 set to
request, message
type 2, with bits 2
and 20-24 set to
1
Event data (see
,
,
eStreamer transmits type 1 intrusion events because bit
2 is set on the event stream request.
2 is set on the event stream request.