Cisco Cisco Firepower Management Center 4000 Developer's Guide
C H A P T E R
3-1
FireSIGHT System Host Input API Guide
3
Using the Host Input Import Tool
You can import data to the network map by creating an import file and processing it with the host input
import tool.
import tool.
See the following sections for more information:
•
•
•
Preparing to Run Host Input Imports
The host input import tool depends on product mapping information you supply using the Defense
Center web interface to map third-party product, fix, and vulnerability names and IDs to definitions in
the Cisco database. Depending on the data you plan to import, you may need to perform the
configuration steps described in the following sections before you run your import:
Center web interface to map third-party product, fix, and vulnerability names and IDs to definitions in
the Cisco database. Depending on the data you plan to import, you may need to perform the
configuration steps described in the following sections before you run your import:
•
•
Creating a Third-Party Vulnerability Map
If you want to import data including third-party vulnerabilities and use that data for impact correlation,
you must create a third-party vulnerability map set before importing the data. The third-party map set
allows the system to translate the third-party vulnerability ID to the corresponding Cisco vulnerability
ID. If you do not map a third-party vulnerability before import, the vulnerability does not map to a Cisco
vulnerability ID and cannot be used for impact correlation. You can create a map set in two ways: using
the Defense Center web interface or using the AddScanResult function. If you import scan results using
this function, be sure to edit the source definition for the input source in your network discovery policy
to set the identity source type to Scanner.
you must create a third-party vulnerability map set before importing the data. The third-party map set
allows the system to translate the third-party vulnerability ID to the corresponding Cisco vulnerability
ID. If you do not map a third-party vulnerability before import, the vulnerability does not map to a Cisco
vulnerability ID and cannot be used for impact correlation. You can create a map set in two ways: using
the Defense Center web interface or using the AddScanResult function. If you import scan results using
this function, be sure to edit the source definition for the input source in your network discovery policy
to set the identity source type to Scanner.
For more information on mapping third-party vulnerabilities through the web interface, see the
FireSIGHT System User Guide. For more information on the AddScanResult function, see
FireSIGHT System User Guide. For more information on the AddScanResult function, see