Cisco Cisco Firepower Management Center 2000 Guia Do Programador
2-8
FireSIGHT System Host Input API Guide
Chapter 2 Using the Host Input API
Host Input API Functions
If you define a custom operating system for a host, the FireSIGHT System web interface indicates the
source for the change in the Source Type field of the event view or the basic host information of the host
profile.
source for the change in the Source Type field of the event view or the basic host information of the host
profile.
for an example of this function used
in a script.
Use this syntax:
SetOS($source_type_id, $source_id, $addr_string, $attrib_list, $os)
Keys for the $os Variable
The
$os
variable is an OS definition hash that supports several keys. If you call the
SetCurrent3rdPartyMap
function before calling the
SetOS
function, note the third-party product name
details and Cisco product definition when creating the third-party mapping. See
for more information.
Table 2-3
SetOS Fields
Field
Description
Required
Allowed Values
$source_type_id
Indicates the type of the host
input source.
input source.
Yes
“Application”
or
“Scanner”
Note you should set the
$source_type_id
variable to contain the appropriate value
before invoking the
before invoking the
SetOS
function, and
then reference
$source_type_id
in your
function call. For more information, see
$source_id
Indicates the source ID for the
source adding the host input.
source adding the host input.
Yes
“source_id”
Note you should set the
$source_id
variable to contain the source ID before
invoking the
invoking the
SetOS
function, and then
reference
$source_id
in your function
call. For more information, see
$addr_string
Indicates the string containing
the IP address or addresses for
the affected hosts.
the IP address or addresses for
the affected hosts.
Yes (unless attribute
lists are provided)
lists are provided)
A comma-separated list of IP addresses,
CIDR blocks, and ranges of IP addresses,
enclosed in double quotes.
CIDR blocks, and ranges of IP addresses,
enclosed in double quotes.
$attrib_list
Indicates the host attribute or
attributes specifying the hosts
affected by the host input.
attributes specifying the hosts
affected by the host input.
Yes (unless IP
addresses are
provided)
addresses are
provided)
A list of attribute value hash pairs of the
format:
format:
{attribute => “Department”,
value => “Development”},
Note that
$attrib_list
must be an array
or reference an array.
$os
Contains a hash with keys
describing the details of an
operating system definition.
describing the details of an
operating system definition.
If you set a current
third-party map
before calling
third-party map
before calling
SetOS
,
only the rendering
keys are required.
keys are required.
The
$os
variable is an OS definition hash
that supports several keys. For more
information, see
information, see