Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
2-24
FireSIGHT System Host Input API Guide
Chapter 2 Using the Host Input API
Host Input API Functions
RemoveFix
You can use the
RemoveFix
function to remove a fix mapping from the specified host or server. When
you remove a fix, vulnerability mappings are updated accordingly.
Table 2-19
AddFix Fields
Field
Description
Required
Allowed Values
$source_type_id
Indicates the type of the
host input source.
host input source.
Yes
“Application”
or
“Scanner”
Note you should set the
$source_type_id
variable to
contain a value before invoking the
AddFix
function,
and then reference
$source_type_id
in your function
call. For more information, see
.
$source_id
Indicates the source ID
for the source adding the
host input.
for the source adding the
host input.
Yes
“source_id”
Note you should set the
$source_id
variable to
contain the source ID before invoking the
AddFix
function, and then reference
$source_id
in your
function call. For more information, see
$addr_string
Indicates the string
containing the IP
address or addresses for
the affected hosts.
containing the IP
address or addresses for
the affected hosts.
Yes (unless
attribute lists or
MAC addresses
are provided)
attribute lists or
MAC addresses
are provided)
A comma-separated list of IP addresses, CIDR blocks,
and ranges of IP addresses, with each address, block,
or range enclosed in double quotes.
and ranges of IP addresses, with each address, block,
or range enclosed in double quotes.
$attrib_list
Indicates the host
attribute or attributes
specifying the hosts
affected by the host
input.
attribute or attributes
specifying the hosts
affected by the host
input.
Yes (unless IP
addresses or
MAC addresses
are provided)
addresses or
MAC addresses
are provided)
A list of attribute value hash pairs of the format:
{attribute => “Department”,
value => “Development”},
Note that
$attrib_list
must be an array or reference
an array.
$mac_list
Indicates the list of
MAC addresses for the
affected hosts.
MAC addresses for the
affected hosts.
Yes (unless IP
addresses or
attribute lists are
provided)
addresses or
attribute lists are
provided)
A list of MAC address strings, with or without
separating colons.
separating colons.
Note that
$mac_list
must be an array or reference an
array.
$port
With the
$proto
field,
indicates the server
affected by the fix.
affected by the fix.
Yes, if the fix
applies to a server
applies to a server
Integers in the range of 1-65535, enclosed in double
quotes.
quotes.
$proto
With the
$port
field,
indicates the server
affected by the fix.
affected by the fix.
No
Either the strings
tcp
or
udp
or the appropriate
protocol IDs
6
(tcp) or
17
(udp).
$fix
Indicates the
identification string for
the fix.
identification string for
the fix.
Yes
A Cisco fix identification number or a third-party fix
name, enclosed in double quotes, defined in a
third-party product map that you use by calling the
name, enclosed in double quotes, defined in a
third-party product map that you use by calling the
SetCurrent3rdPartyMap
function before invoking the
AddFix
function. For more information, see