Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT System Host Input API Guide
 
Chapter 3 Using the Host Input Import Tool
Example Host Input Import File
# Add a third-party vulnerability (from third-party vulnerability map "Other Vulnerabilities Map Set") to the host
#
SetValidVuln, 1.2.3.4,,, Other Vulnerabilities Map Set, Vuln0003
Example: Setting the Host Criticality
The next command in the import file uses the SetAttributeValue command to set the criticality for the 1.2.3.4 host to High.
# Set the criticality of the host to "High"
#
SetAttributeValue, 1.2.3.4,criticality,high
Note that the attribute name is set to criticality and the attribute value is set to “high”.
Example: Add Scan Results
The next set of commands in the import file uses the AddHost command to add a host and then the 
AddScanResult command to add data for that host from a third-party scanner. 
# Add IP host for scan results to follow
#
AddHost,1.2.3.5
#
# Add the scan result from a Qualys scanner to the network map 
#
AddScanResult,1.2.3.5,"Qualys",82003,,,"ICMP Timestamp Request","ICMP (Internet Control and Error Message Protocol) is a protocol encapsulated in IP packets. Its principal purpose is to provide a protocol layer able to inform gateways of the inter-connectivity and accessibility of other gateways or hosts. ping is a well-known program for determining if a host is up or down. It uses ICMP echo packets. ICMP timestamp packets are used to synchronize clocks between hosts.","cve_ids: CVE-1999-0524","bugtraq_ids:"
Example: Running Commands on the Defense Center
The ScanFlush command indicates to the Defense Center that it can run the queued commands above the ScanFlush line.
ScanFlush
Example: Adding a Client Application to the Host
The import file then uses the AddClientApp command to add a client application named BMC Remedy to the 1.2.3.4 host.
# Add a Client App
#
AddClientApp, 1.2.3.4, "BMC Remedy", "Asset Manager", "0.0"
Note that the client application ID is set to BMC Remedy, the client application type is set to Asset Manager, and the version is set to 0.0.
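A pre-import check for files like the sample in this section, added here as an example (it is not Cisco's code or part of the import tool). It flags entries broken across lines, typographic quotes, and scan results that no later ScanFlush line releases; the function name `lint_import_file` is hypothetical, and the command list is limited to the commands shown in this section, which is an assumption to extend for real files.

```python
import csv

# Commands that appear in this section's sample file. The real import tool
# accepts more; extend this set for your own files (assumption).
KNOWN = {"SetValidVuln", "SetAttributeValue", "AddHost",
         "AddScanResult", "ScanFlush", "AddClientApp"}
CURLY = "\u201c\u201d\u2018\u2019"  # typographic quotes from copy/paste

def lint_import_file(text):
    """Return [(line_number, message)] for problems in an import file."""
    findings = []
    pending = None  # line of the first AddScanResult not yet followed by ScanFlush
    for no, line in enumerate(text.splitlines(), 1):
        entry = line.strip()
        if not entry or entry.startswith("#"):
            continue  # blank line or comment
        if any(ch in entry for ch in CURLY):
            findings.append((no, "typographic quote; use straight quotes"))
        try:
            fields = next(csv.reader([entry], skipinitialspace=True, strict=True))
        except csv.Error as exc:
            findings.append((no, f"malformed quoting ({exc}); wrapped entry?"))
            continue
        if fields[0].strip() not in KNOWN:
            findings.append((no, "not a comment or known command; wrapped line?"))
        elif fields[0].strip() == "AddScanResult" and pending is None:
            pending = no
        elif fields[0].strip() == "ScanFlush":
            pending = None
    if pending is not None:
        findings.append((pending, "AddScanResult with no later ScanFlush"))
    return findings

# Constructed sample: a wrapped AddScanResult, curly quotes, and no ScanFlush.
SAMPLE = '''# constructed sample
AddHost,1.2.3.5
AddScanResult,1.2.3.5,"Qualys",82003,,,"ICMP Timestamp Request","wrapped
description text","cve_ids: CVE-1999-0524","bugtraq_ids:"
AddClientApp, 1.2.3.4, \u201cBMC Remedy\u201d, "Asset Manager", "0.0"
AddScanResult,1.2.3.5,"Qualys",82003,,,"ICMP Timestamp Request","one line","cve_ids: CVE-1999-0524","bugtraq_ids:"
'''

if __name__ == "__main__":
    for no, message in lint_import_file(SAMPLE):
        print(f"line {no}: {message}")
```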