Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT System Host Input API Guide
 
Chapter 3      Using the Host Input Import Tool
  Example Host Input Import File
Example: Adding a MAC-Only Host
Finally, the import file uses the AddHost command to add a MAC-only host:
# Add a MAC-only host
#
AddHost,,01:02:03:04:05:06
Note that the ip_address field is left blank and the MAC address is provided instead.
In addition, note that although there is no ScanFlush command at the end of the file, the remaining data from the script is sent to the network map when the import file finishes because the session disconnects.
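A pre-import lint for files in this format, added here as an example (it is not part of the Cisco tool or this guide). It knows only the commands that appear in this example file, and flagging a command whose host was not added earlier in the same file is this example's own policy, not a documented requirement of the import tool.

```python
import csv
import ipaddress
import re

# Only the commands shown on this page; extend from the API guide as needed.
KNOWN = {"SetSource", "SetMap", "AddHost", "AddProtocol", "AddService", "SetOS",
         "SetValidVuln", "SetAttributeValue", "AddScanResult", "ScanFlush"}
NO_TARGET = {"SetSource", "SetMap", "ScanFlush"}  # first field is not a host
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")

# Constructed sample: line 5 is a comment wrapped onto a line without '#'.
SAMPLE = """\
SetSource, Asset Management App
AddHost,1.2.3.4
AddHost,,01:02:03:04:05:06
# Set the OS. These values resolve to
the Windows 2000 SP3 definition
SetOS, 1.2.3.4, Microsoft, Win2k
AddHost,,01:02:03:04:05
AddService,1.2.3.9, 22, tcp, ssh, OpenSSH, 4.1
"""

def is_ip(value):
    try:
        return bool(ipaddress.ip_address(value))
    except ValueError:
        return False

def lint_import(text):
    """Return (line_number, message) findings for an import file."""
    findings, hosts = [], set()
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or comment
        row = [f.strip() for f in next(csv.reader([line], skipinitialspace=True))]
        cmd, args = row[0], row[1:] + ["", ""]
        if cmd not in KNOWN:
            findings.append((n, f"unknown command {cmd!r} (wrapped comment?)"))
        elif cmd == "AddHost":
            ip, mac = args[0], args[1]  # ip_address may be blank for MAC-only
            bad = (ip and not is_ip(ip)) or (mac and not MAC_RE.match(mac))
            if bad or not (ip or mac):
                findings.append((n, "AddHost needs a valid ip_address or MAC"))
            else:
                hosts.add(ip or mac.lower())
        elif cmd not in NO_TARGET and args[0] not in hosts:
            # Policy of this example: hosts are added earlier in the same file.
            findings.append((n, f"{cmd} targets {args[0]!r}, not added above"))
    return findings
```

Running lint_import(SAMPLE) reports lines 5, 7 and 8: the wrapped comment, the five-octet MAC, and the service attached to a host the file never adds.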
Entire Example File
The full import file explained in the sections above looks like this: 
# Example import file for Host Input Import Tool
#
# Set the current SOURCE_ID and Product Map to "Asset Management App"
#
SetSource, Asset Management App
SetMap, Asset Management App
#
# Add an IP host with no Primary MAC
#
AddHost,1.2.3.4
#
# Add the ospf protocol to the host
#
AddProtocol, 1.2.3.4,,ospf,xport
#
# Add a server for the host
#
AddService,1.2.3.4, 22, tcp, ssh, OpenSSH, 4.1
#
# Set the OS. Because the Map is set to "Asset Management App" these values resolve to the Windows 2000 SP3 definition
#
SetOS, 1.2.3.4, Microsoft, Win2k
#
# Add a third-party vulnerability (from third-party map "Other Vulnerabilities Set") to the host
#
SetValidVuln, 1.2.3.4,,, Other Vulnerabilities Set, Vuln0003
#
# Set the criticality of the host to "High"
#
SetAttributeValue, 1.2.3.4,criticality,high
#
# Add IP host for scan results to follow
#
AddHost,1.2.3.5
#
# Add the scan result from a Qualys scanner to the network map 
#
AddScanResult,1.2.3.5,"Qualys",82003,,,"ICMP Timestamp Request","ICMP (Internet 
Control and Error Message Protocol) is a protocol encapsulated in IP packets. Its 
principal purpose is to provide a protocol layer able to inform gateways of the 
inter-connectivity and accessibility of other gateways or hosts. ping is a well-known