Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
2-31
FireSIGHT System Host Input API Guide
Chapter 2 Using the Host Input API
Host Input API Functions
SetInvalidVulns
You can use the
SetInvalidVulns
function to deactivate vulnerabilities on a host or set of hosts. For the
function call to be effective, the vulnerability must exist on the host and be set to valid. When you use
SetInvalidVulns
to deactivate a third-party vulnerability for a host, it deletes the vulnerability from the
host.
Use this syntax:
SetInvalidVulns($source_type, $source_id, $addr_string, $attrib_list, $vulns,
$vuln_type)
Table 2-26
SetInvalidVulns Fields
Field
Description
Required
Allowed Values
$source_type_id
Indicates the type of the
host input source.
host input source.
Yes
“Application” or “Scanner”
Note you should set the
$source_type_id
variable to
contain a value before invoking the
SetInvalidVulns
function, and then reference
$source_type
_id in
your function call. For more information, see
.
$source_id
Indicates the source ID
for the source adding the
host input.
for the source adding the
host input.
Yes
“source_id”
Note you should set the
$source_id
variable to
contain the source ID before invoking the
SetInvalidVulns
function, and then reference
$source_id
in your function call. For more
information, see
.
$addr_string
Indicates the string
containing the IP
address or addresses for
the affected hosts.
containing the IP
address or addresses for
the affected hosts.
Yes (unless
attribute lists are
provided)
attribute lists are
provided)
A comma-separated list of IP addresses, CIDR
blocks, and ranges of IP addresses, with each address,
block, or range enclosed in double quotes.
blocks, and ranges of IP addresses, with each address,
block, or range enclosed in double quotes.
$attrib_list
Indicates the host
attribute or attributes
specifying the hosts
affected by the host
input.
attribute or attributes
specifying the hosts
affected by the host
input.
Yes (unless IP
addresses are
provided)
addresses are
provided)
A list of attribute value hash pairs of the format:
{attribute => “Department”,
value => “Development”},
Note that
$attrib_list
must be an array or reference
an array.
$vulns
Supplies information
about the vulnerability
to be set to invalid.
about the vulnerability
to be set to invalid.
Yes
Uses a hash of vulnerability keys to set vulnerability
information. For more information, see
information. For more information, see
.
$vuln_type
Indicates the type of the
vulnerability.
vulnerability.
Yes
Any of the following:
•
rna
•
name of custom third-party vulnerability map set
For more information on mapping third-party
vulnerabilities, see the FireSIGHT System User
Guide or see
vulnerabilities, see the FireSIGHT System User
Guide or see
.