Cisco Cisco Firepower Management Center 4000 開発者ガイド
2-9
FireSIGHT System Host Input API Guide
Chapter 2 Using the Host Input API
Host Input API Functions
You need only specify the vendor, product, and version strings for this function. Otherwise, the system
assigns the most focused set of vulnerabilities it can using each piece of Cisco product definition detail
you provide. For example, you could set the
assigns the most focused set of vulnerabilities it can using each piece of Cisco product definition detail
you provide. For example, you could set the
vendor_str
,
product_str
, and
version_str
keys to
Microsoft
,
Windows
, and
3.x
, respectively, then only set the
vendor_id
,
product_id
, and
major
keys to
the identification numbers for the vendor, product, and version for
Microsoft
,
Windows
, and
3
,
respectively. All hosts where you set the operating system to Microsoft Windows 3.x would have all
vulnerabilities for both Microsoft Windows 3.1 and Microsoft Windows 3.11.
vulnerabilities for both Microsoft Windows 3.1 and Microsoft Windows 3.11.
For more information, see
.
For more information on individual keys, see the tables that follow.
Table 2-4
Keys for Rendering
Key
Data Type
Definition
vendor_str
string
Use this key to supply the operating system vendor display name
used by the third-party application.
used by the third-party application.
product_str
string
Use this key to supply the operating system product display name
used by the third-party application.
used by the third-party application.
version_str
string
Use this key to supply the operating system version display name
used by the third-party application.
used by the third-party application.
device_string
string
Use this key to supply the detected mobile device hardware
information.
information.
mobile
uint8
Use this key to indicate whether the operating system is running
on a mobile device.
on a mobile device.
jailbroken
uint8
Use this key to indicate whether the mobile device operating
system is jailbroken.
system is jailbroken.
Table 2-5
Keys for Vulnerability Mapping
Key
Data Type
Definition
vendor_id
uint32
Use this key to supply the Cisco vendor definition.
product_id
uint32
Use this key to supply the Cisco product definition.
major
uint32
Use this key to supply the Cisco major version definition to map
to.
to.
minor
uint32
Use this key to supply the Cisco minor version definition to map
to.
to.
revision
uint32
Use this key to supply the Cisco revision string to map to.
to_major
uint32
Use this key to set the last version number of the Cisco major
version range to map to.
version range to map to.
to_minor
uint32
Use this key to set the last version number of the Cisco minor
version range to map to.
version range to map to.
to_revision
uint32
Use this key to set the last revision number of the Cisco revision
range to map to.
range to map to.
build
string
Use this key to supply the Cisco build definition to map to.
patch
string
Use this key to supply the Cisco patch definition to map to.