Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
417
Configuring eStreamer
Configuring the eStreamer Reference Client
Chapter 6
Understanding the Data Requested by a Test Script
By default, when you use the ssl_test -o setting in the reference client, you
request data as indicated in the following table.
Default Requests Made by Output Plugins
T
HIS
SYNTAX
...
C
ALLS
PLUGIN
...
A
ND
SENDS
...
T
O
REQUEST
THE
FOLLOWING
DATA
...
./ssl_test.pl
eStreamerServerName
-h HostIPAddresses
N/A
Host request,
message type
5, with bit 11
set to 1
Host data (see
./ssl_test.pl
eStreamerServerName
-o print -f
TextFile
OutputPlugins/
print.pm
Event stream
request,
message type
2, with bits 2
and 20-24 set
to 1
eStreamer transmits type 1 intrusion
events because bit 2 is set on the
event stream request.
./ssl_test.pl
eStreamerServerName
-o pcap -f
TargetPCAPFile
OutputPlugins/
pcap.pm
Event stream
request,
message type
2, with bits 0
and 23 set to 1
on page 37 and
eStreamer transmits only packet data
because bit 0 is set on the event
stream request.