Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
61
Understanding the eStreamer Application Protocol
Message Bundle Format
Chapter 2
Streaming Request Message
Below is a Streaming Request message where the client requests service type
6667 (eStreamer) and specifies two event types: version 6 of connection events
(event type 71) and version 4 of metadata (event type 21).
Message Bundle Format
The eStreamer server sends messages in a bundle format when the client
submits an extended request.
The client responds with a NULL message to acknowledge receipt of an entire
The client responds with a NULL message to acknowledge receipt of an entire
bundle. The client should not acknowledge receipt of individual messages in a
bundle.
Message bundles have a message type of 4002.
The graphic below shows the structure of a message bundle. The shaded fields
Message bundles have a message type of 4002.
The graphic below shows the structure of a message bundle. The shaded fields
are specific to the bundle message type. The following table describes the
content of the fields and data structures.
Header Version:
1
/*always 1*/
Message Type:
2049
/*stream request msg*/
Message Length
28
/*payload bytes*/
Service[1].Type
6667
/*eStreamer service ID*/
Service[1].Length
20
Service[1].Flags
30
/*original flags value*/
Service[1].Initial Timestamp
0
/*original timestamp*/
Service[1].Event[1].Version
6
/*version 6*/
Service[1].Event[1].Type
71
/*connection events*/
Service[1].Event[2].Version
4
/* version 4*/
Service[1].Event[2].Type
21
/*metadata*/
Service[1].Event[3].Version
0
/*terminate event list*/
Service[1].Event[3].Type
0
/*terminate event list*/