Руководство Разработчика для Cisco Cisco Firepower Management Center 2000
3-24
FireSIGHT System Host Input API Guide
Chapter 3 Using the Host Input Import Tool
Example Host Input Import File
Example Host Input Import File
The following sections illustrate how you might construct an import file to import data using the host
input import tool.
input import tool.
The following sections, in sequential order, show each portion of the file:
•
•
•
•
•
•
•
•
•
Table 3-20
DeleteScanResult Fields
Field
Description
Required
Allowed Values
ipaddr
Indicates the IP address of
the scanned host or hosts.
the scanned host or hosts.
Yes
A single IP address.
scanner_id Indicates the scanner ID for
the scanner that obtained the
scan results.
scan results.
No
'scanner_id'
where
scanner_id
is a string indicating the name of the
scanner that is the source of the vulnerability data you add.
To add scan results from a previously used scanner, indicate
the specific scanner name listed in system policies on the
Defense Center where you added the results.
the specific scanner name listed in system policies on the
Defense Center where you added the results.
Adding results from a new scanner ID adds that scanner to the
system policy. New scanners are added as the lowest priority
by default. If you want to change the priority of the scanner,
you can do so in the system policy. For more information, see
the FireSIGHT System User Guide.
system policy. New scanners are added as the lowest priority
by default. If you want to change the priority of the scanner,
you can do so in the system policy. For more information, see
the FireSIGHT System User Guide.
vuln_id
Indicates the vulnerability
ID for the vulnerability.
ID for the vulnerability.
No
A valid third-party vulnerability ID.
port
With the
proto
field,
identifies the server affected
by the vulnerability on the
host where the import
occurs.
by the vulnerability on the
host where the import
occurs.
No
Integers in the range of 1-65535.
proto
With the
port
field,
identifies the server affected
by the vulnerability on the
host where the import
occurs.
by the vulnerability on the
host where the import
occurs.
No
Either the strings
tcp
or
udp
or the appropriate protocol IDs
6
(tcp) or
17
(udp).