Cisco Firepower Management Center 2000 Developer Guide

FireSIGHT System Host Input API Guide
 
Chapter 2      Using the Host Input API
  Host Input API Functions
See 
 for an example of this function used 
in a script.
Use this syntax:
SetCurrent3rdPartyMap($map_name)
where $map_name is the name of the third-party product map, enclosed in double quotes, that you created using the Defense Center web interface.
UnsetCurrent3rdPartyMap
This function unsets the current active third-party map.
Use this syntax:
UnsetCurrent3rdPartyMap()
AddScanResult Function
This function adds scan results from a third-party vulnerability scanner and maps each vulnerability to a BugTraq or CVE ID.
If you import a scan result with a vulnerability for a server on a host, but do not use AddService to import the server to the host, the application protocol for the server will show a value of unknown in the host profile. If you import scan results using this function, be sure to edit the source definition for the input source in your network discovery policy to set the identity source type to Scanner.
For examples of how to use 
AddScanResult
, and 
.
Use this syntax:
AddScanResult($scanner_id,$ipaddr,$mapping_vuln_list,$generic_item_list,$flag)
Table 2-31 AddScanResult Fields

Field: $scanner_id
Description: Indicates the scanner ID for the scanner that obtained the scan results.
Required: Yes
Allowed Values: "scanner_id", where scanner_id is a string indicating the name of the scanner that is the source of the vulnerability data you add.
To add scan results from a previously used scanner, indicate the specific scanner name listed in system policies on the Defense Center where you added the results.
Adding results from a new scanner ID adds that scanner to the system policy. New scanners are added as the lowest priority by default. If you want to change the priority of the scanner, you can do so in the system policy. For more information, see the FireSIGHT System User Guide.

Field: $ipaddr
Description: Indicates the IP address of the scanned hosts.
Required: Yes
Allowed Values: A comma-separated list of IP addresses, CIDR blocks, and ranges of IP addresses, with each address, block, or range enclosed in double quotes.
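
A pre-flight check for the entries you intend to pass in $ipaddr, so that a malformed address, block, or range is caught before scan results are attached to hosts. This is an added example, not code from the guide or the Host Input API. The helper names, the hyphenated start-end range syntax, acceptance of IPv6, and the sample addresses are assumptions.

```perl
use strict;
use warnings;
use Socket qw(inet_pton AF_INET AF_INET6);

# Return (family, packed bytes) for a literal IPv4/IPv6 address, else an empty list.
sub parse_ip {
    my ($text) = @_;
    for my $family (AF_INET, AF_INET6) {
        my $packed = inet_pton($family, $text);
        return ($family, $packed) if defined $packed;
    }
    return;
}

# Return undef if the entry is a valid address, CIDR block or range,
# otherwise a short reason. The "start-end" range syntax is an assumption.
sub entry_error {
    my ($entry) = @_;
    if (my ($addr, $len) = $entry =~ m{^([^/]+)/([0-9]{1,3})$}) {
        my ($family) = parse_ip($addr) or return "bad address in CIDR block";
        my $max = $family == AF_INET ? 32 : 128;
        return $len <= $max ? undef : "prefix length exceeds /$max";
    }
    if (my ($lo, $hi) = $entry =~ /^([^-]+)-([^-]+)$/) {
        my ($fam_lo, $bin_lo) = parse_ip($lo) or return "bad range start";
        my ($fam_hi, $bin_hi) = parse_ip($hi) or return "bad range end";
        return "range mixes IPv4 and IPv6" if $fam_lo != $fam_hi;
        # Packed addresses are big-endian, so byte-string order is numeric order.
        return $bin_lo le $bin_hi ? undef : "range start is above range end";
    }
    return parse_ip($entry) ? undef : "not an IP address, CIDR block or range";
}

# Hypothetical helper: check every entry destined for $ipaddr and
# return the rejected ones as [entry, reason] pairs.
sub check_ipaddr_entries {
    return grep { defined $_->[1] } map { [ $_, scalar entry_error($_) ] } @_;
}

# Constructed sample entries (documentation address ranges), not from the guide.
my @entries = ('192.0.2.15', '198.51.100.0/24', '203.0.113.10-203.0.113.20',
               '192.0.2.300', '198.51.100.0/33', '203.0.113.20-203.0.113.10');
for my $bad (check_ipaddr_entries(@entries)) {
    printf "reject %-28s %s\n", $bad->[0], $bad->[1];
}
```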