Руководство Разработчика для Cisco Cisco Firepower Management Center 4000
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
57
Understanding the eStreamer Application Protocol
Streaming Event Type Structure
Chapter 2
Streaming Event Type Structure
eStreamer clients use the Streaming Event Type structure to specify an event’s
version and version. Each event version/type combination is a request for an
event stream.
Lists of Streaming Event Type structures must be terminated with a structure
Lists of Streaming Event Type structures must be terminated with a structure
with all fields set to zero. That is:
Event Version = 0
Event Type = 0
The following diagram illustrates the format for the Streaming Event Type
structure.
Initial Timestamp
uint32
In eStreamer’s Streaming Information
messages: Always zero
In client’s Streaming Request
In client’s Streaming Request
message: replicates the timestamp in
the original Event Stream Request
message.
Streaming Event Type
array
In eStreamer’s Streaming Information
message:
• Reserved for future use. Has 0
• Reserved for future use. Has 0
length.
In client’s Streaming Request
message:
• One Streaming Event Type entry for
• One Streaming Event Type entry for
each requested event type. See
below.
• Terminate the request list with a
zero Event Type entry, with both
Event Type and Version set to 0.
See
Streaming Service Request Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Event Version
Event Type