Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
2-23
FireSIGHT System Host Input API Guide
Chapter 2 Using the Host Input API
Host Input API Functions
Package Fix Functions
You can use the Package Fix functions to apply or remove fixes for hosts in your network map.
For more information, see the following sections:
•
•
AddFix
You can use the
AddFix
function to map a fix to a specified host or server. You can map a fix using a fix
ID or a fix name from the Cisco vulnerability database (VDB), or using a third-party fix that you map to
a fix in the VDB using the Defense Center web interface.
a fix in the VDB using the Defense Center web interface.
Note
You can also specify fixes with the
SetOS
and
SetService
functions. If a fix list is supplied using one of
these functions the supplied fix list replaces the existing fix list for the host or server.
When you apply a fix to a host or server, the vulnerability mappings for the system are adjusted and the
fixed vulnerabilities are marked as Invalid in the web interface and are not used for impact assessment.
However, note that if the applied fix is not applicable to the operating system or server identity the fix
has no effect.
fixed vulnerabilities are marked as Invalid in the web interface and are not used for impact assessment.
However, note that if the applied fix is not applicable to the operating system or server identity the fix
has no effect.
Use the following syntax:
AddFix($source_type_id, $source_id, $addr_string, $attrib_list, $port, $proto, $fix)
$attrib_list
Indicates the host attribute
or attributes specifying the
hosts affected by the host
input.
or attributes specifying the
hosts affected by the host
input.
Yes (unless IP
addresses or
MAC addresses
are provided)
addresses or
MAC addresses
are provided)
A list of attribute value hash pairs of the format:
{attribute => “Department”,
value => “Development”},
Note that
$attrib_list
must be an array or
reference an array.
$mac_list
Indicates the list of MAC
addresses for the affected
hosts.
addresses for the affected
hosts.
Yes (unless IP
addresses or
attribute lists are
provided)
addresses or
attribute lists are
provided)
A list of MAC address strings, with or without
separating colons.
separating colons.
Note that
$mac_list
must be an array or reference
an array.
$proto
Indicates the identification
string or name of the
protocol to be added.
string or name of the
protocol to be added.
Yes
Valid protocol names consisting of alphanumeric
characters or spaces, enclosed in double quotes.
For transport protocols (“
characters or spaces, enclosed in double quotes.
For transport protocols (“
xport
”), protocols listed
in the /etc/protocols file are acceptable. For
network protocols (“
network protocols (“
net
”), see
$type
Indicates the type of
protocol to be added.
protocol to be added.
Yes
“xport”
or
“net”
Table 2-18
AddProtocol Fields (continued)
Field
Description
Required
Allowed Values