Cisco Cisco Firepower Management Center 2000 開発者ガイド
2-33
FireSIGHT eStreamer Integration Guide
Chapter 2 Understanding the eStreamer Application Protocol
Streaming Event Type Structure
The following table lists the event types and versions that clients can specify in extended requests. The
table indicates the Defense Center software versions that correspond to each event type version. For
example, to request the correlation events that were supported by the Defense Center in version 4.8.0.2
- 4.9.1, you should request Event Type 31, Version 5. If an event was recorded with a different event type,
it will be upgraded or downgraded to match the format of the requested event type.
table indicates the Defense Center software versions that correspond to each event type version. For
example, to request the correlation events that were supported by the Defense Center in version 4.8.0.2
- 4.9.1, you should request Event Type 31, Version 5. If an event was recorded with a different event type,
it will be upgraded or downgraded to match the format of the requested event type.
Table 2-20
Event Types and Versions for Extended Request
To request...
Use this event version number...
And this event code
intrusion events
1
- 4.8.x and earlier
2
- 4.9 - 4.10.x
3
- 5.0 - 5.1
4
- 5.1.1.x
5
- 5.2.x
6
- 5.3
7
- 5.3.1+
12
metadata
1
- 3.2 - 4.5.x
2
- 4.6.0.x
3
- 4.6.1 - 4.6.x
4
- 4.7+
21
correlation and compliance
white list events
white list events
1
- 3.2 and earlier
2
- 4.0 - 4.4.x
3
- 4.5 - 4.6.1
4
- 4.7 - 4.8.0.1
5
- 4.8.0.2 - 4.9.1.x
6
- 4.10.0 - 4.10.x
7
- 5.0 - 5.0.2
8
- 5.1+
31
discovery events
1
- 3.2 and earlier
2
- 3.0 - 3.4.x
3
- 3.5 - 4.6.x
4
- 4.7 - 4.8.x
5
- 4.9.0.x
6
- 4.9.1 - 4.9.x.x
7
- 4.10.0 - 4.10.x
8
- 5.0.x
9
- 5.1.x
10
- 5.2 - 5.3
11
- 5.3.1+
61
connection events
1
- 4.0 - 4.1
3
- 4.5 - 4.6.1
4
- 4.7 - 4.9.0.x
5
- 4.9.1 - 4.10.x
6
- 5.0.x
7
- 5.1.0.x
8
- 5.1.1.x
9
- 5.2.x
10
- 5.3
11
- 5.3.1+
71