Select Page

Welcome Forums Integrations Cisco FirePower eStreamer

Tagged: 

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #1612
    Mike RiforgiateMike Riforgiate
    Keymaster

    On the Firepower Management Console

    • Log in and navigate to System -> Integrations -> eStreamer
    • Click Create Client
    • Enter the IP address of the WitFoo Precinct Streamer node or All-in-One Appliance
    • Optional: Set a password for the certificate
    • Save the certificate on your local machine as estreamer.pkcs12

    In the WitFoo Precinct web interface

    • Navigate to Admin -> Settings -> Cisco Firepower eStreamer
    • Input the server, port and password (if used)
    • Hit save

    SSH or Console into the WitFoo Precinct Processing node or All-in-One Appliance

    • Run sudo ./stop
    • Verify /data/ie exists and has 755 permissions with root as owner and group. If not, run sudo bash -c ‘mkdir -p /data/ie && chown root:root /data/ie && chmod 755 /data/ie’
    • Run sudo rm -rf /data/ie/estreamer.pkcs12
    • Run sudo rm -rf /data/ie/estreamer-server.der

    Without closing the SSH/Console session, upload estreamer.pkcs12 to the WitFoo Precinct Processing node or All-in-One Appliance via SFTP (using witfooadmin credentials) to /home/witfooadmin.

    SSH or Console into the WitFoo Precinct Processing node or All-in-One Appliance

    • Run sudo cp /home/witfooadmin/estreamer.pkcs12 /data/ie/estreamer.pkcs12
    • Run the following command replacing IPADDRESS_OF_FMC with the actual IP address of the FMC. This will download the server’s certificate for trust.

      sudo bash -c ‘echo “” | openssl s_client -connect IPADDRESS_OF_FMC:8302 -showcerts 2>/dev/null | openssl x509 -out certfile.txt && openssl x509 -in certfile.txt -outform der -out /data/ie/estreamer-server.der’

    • Run ./start

    In the WitFoo Precinct web interface

    • At Reports -> Tool Effieciency Firepower should be displayed in less than 10 minutes.
    • This topic was modified 2 years, 2 months ago by Mike RiforgiateMike Riforgiate.
    • This topic was modified 2 years, 2 months ago by Mike RiforgiateMike Riforgiate.
    • This topic was modified 1 year, 5 months ago by Charles HerringCharles Herring. Reason: Incorrect filename on cert
    • This topic was modified 8 months, 2 weeks ago by Ryan SelfRyan Self. Reason: Correcting openssl command
    • This topic was modified 8 months, 2 weeks ago by Ryan SelfRyan Self. Reason: Use bash instead of sh
    • This topic was modified 6 months, 3 weeks ago by Mike RiforgiateMike Riforgiate.
    • This topic was modified 6 months, 3 weeks ago by Ryan SelfRyan Self. Reason: Add /data/ie setup instructions
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.