Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
2-9
FireSIGHT System Remediation API Guide
Chapter 2 Planning and Packaging Your Remediation Module
Data Available from the Remediation Subsystem
Instance Configuration Data
When a user configures a new instance of your module, they provide data requested in your
module.template
document. The values provided by the user are then written into the
instance.conf
document for use by your remediation program.
For each configured instance of a remediation, the remediation subsystem places an
instance.conf
document in a directory with the same name as the instance. This directory is created in the directory
where your module was uploaded and installed. For example, if your module is called Firewall, it is
uploaded into a directory called
where your module was uploaded and installed. For example, if your module is called Firewall, it is
uploaded into a directory called
firewall
. If you then configure an instance called
block_tokyo
, the
remediation subsystem creates a directory called
block_tokyo
in your
firewall
directory and places the
instance.conf
there. The directory path appears as follows:
/var/sf/remediation/firewall/block_tokyo/instance.config
for more information on the directories where your module files
reside.
Your module must be able to open, read, parse, and close the
instance.conf
file.
Each
instance.conf
document contains a top level element called
instance
. The
instance
element has
two child elements:
config
and
remediation
. The following table describes the attributes and elements
available to the instance element.
For more information about the data provided in the
config
and
remediation
elements, see the
following:
•
•
The config Element
The
config
element contains the data entered into the fields rendered on the web interface in response
to the
config_template
element in that remediation module’s
module.template
document. These fields
are translated back into the elements used to specify them in the
module.template
document, and further
specified using the name provided as an attribute of the element rather than a child element. They can
include the following types of fields:
include the following types of fields:
•
boolean
•
string
•
integer
•
password
Table 2-9
instance Attributes and Child Elements
Name
Type
Description
name
attribute
Ties the data in the document to the named, configured instance and
reflects the name of the instance specified by the configuring user.
reflects the name of the instance specified by the configuring user.
config
element
Contains the data entered into the instance configuration fields on the
web interface at configuration.
web interface at configuration.
remediation
element
Contains the data entered into the web interface when configuring the
remediation for an instance.
remediation for an instance.