Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
2-37
FireSIGHT System Host Input API Guide
Chapter 2 Using the Host Input API
Host Input API Functions
DeleteScanResult
This function deletes scan results from a third-party vulnerability scanner and maps each vulnerability
to a BugTraq or CVE ID.
to a BugTraq or CVE ID.
For examples of how to use
DeleteScanResult
in a script, see
and
Use this syntax:
DeleteScanResult($ipaddr,$scanner_id,$mapping_vuln_list, $generic_item_list,$flag)
$generic_item_list
Indicates scan results
without vulnerability
IDs for the affected
hosts.
without vulnerability
IDs for the affected
hosts.
Yes
A list of vulnerability hash values of the format:
{
'
port
'
=> 107,
'
proto
'
=> 17,
'
name
'
=>
'
Using NetBIOS to retrieve info from a Windows
host
'
,
'
desc
'
=>
'
The following 2 NetBIOS names have been
gathered...
'
,
}
Note that
$generic_item_list
must be an array or reference
an array.
Uses a hash of vulnerability keys to set vulnerability
information. For more information, see
information. For more information, see
$flag
Indicates how the scan
result should be
processed.
result should be
processed.
Yes
The number for the action to be performed:
•
1 -
update scan result: send this flag to append the scan
result to existing scan results on the host
•
2 -
delete scan result: send this flag to delete the specific
scan result indicated by the values you supply
•
3 -
delete all vulnerability scan results: send this flag to
delete all scan results with vulnerability IDs on the
specified hosts (The
specified hosts (The
$mapping_vuln_list
field should be
empty when using this flag.)
•
4 -
delete all generic scan results: send this flag to delete
all scan results without vulnerability IDs on the specified
hosts (The $generic_item_list field should be empty when
using this flag.)
hosts (The $generic_item_list field should be empty when
using this flag.)
•
5 -
delete all scan results: send this flag to delete all scan
results on the specified hosts (The
$mapping_vuln_list
and $generic_item_list field should be empty when using
this flag.)
this flag.)
Table 2-31
AddScanResult Fields (continued)
Field
Description
Required
Allowed Values