Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
3-23
FireSIGHT System Host Input API Guide
Chapter 3 Using the Host Input Import Tool
Host Input Import Syntax
ScanFlush Function
After you add scan results to a Defense Center using
AddScanResult
, you must use either the
ScanUpdate
or
ScanFlush
function to cause the
AddScanResult
commands to run on the Defense Center so the scan
results upload to the database.
The
ScanFlush
function does not require any arguments, and can be used at whatever point in the import
file that you want to upload data to the database.
If you use the
ScanFlush
function, any existing scan results are removed from the host and only the new
results are added.
ScanUpdate Function
After you add scan results to a Defense Center using
AddScanResult
, you must use either the
ScanUpdate
or
ScanFlush
function to cause the
AddScanResult
commands to run on the Defense Center so the scan
results upload to the database.
The
ScanUpdate
function does not require any arguments, and can be used at whatever point in the
import file that you want to upload data to the database.
If you use the
ScanUpdate
function, the existing scan results are not removed from the host. The new
scan results are merged with the existing scan results.
If you use the
ScanUpdate
function with the
DeleteScanResult
function, the specific results are deleted.
Note that a
ScanUpdate
automatically occurs when an import finishes even if it is not explicitly included
in the import file, because the client connection closes.
DeleteScanResult Function
You can use the
DeleteScanResult
function with the
ScanUpdate
function to remove specific scan
results from a specific host.
If you supply values for the optional parameters, this restricts results to those matching the parameters.
If you do not supply values for the optional parameters, all results on the specified IP address are deleted.
If you do not supply values for the optional parameters, all results on the specified IP address are deleted.
Use this syntax:
DeleteScanResult, ipaddr, 'scanner_id', vuln_id, port, protocol