Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

12

Introduction

Prerequisites

Chapter 1

Descriptions of the data structures returned by eStreamer make up the majority 

of this book. The chapters in the book are:

, which 

provides an overview of eStreamer communications, details some of the 

requirements for writing eStreamer client applications, and describes the 

four types of messages used to send commands to and receive data from 

the eStreamer service.

, which 

documents the data formats used to return event data generated by the 

intrusion detection and correlation components and the data formats used 

to represent the intrusion and correlation events.

, which 

documents the data formats used to return discovery, user, and connection 

event data.

, which documents the data 

formats that eStreamer uses to return full host information data when it 

receives a host information request message.

, which documents how to configure the 

eStreamer on a Defense Center or managed device. The chapter also 

documents the eStreamer command-line switches and provides 

instructions for manually starting and stopping the eStreamer service and 

for configuring the Defense Center or managed device to start eStreamer 

automatically.

, which provides examples of 

eStreamer message packets in binary format.

, which documents the 

structure of legacy data structures that are no longer in use by the currently 

shipping product but may be used by older clients.

Prerequisites

To understand the information in this guide, you should be familiar with the 

features and nomenclature of the Sourcefire 3D System and the function of its 

components in general, and with the different types of event data these 

components generate in particular. Definitions of unfamiliar or product-specific 

terms can frequently be obtained from the Sourcefire 3D System eStreamer 

Integration Guide.