Host Input API

The Firepower System provides two tools for importing data from other sources on your network to augment your network map: the host input API and the host input import tool.

If your organization has the expertise to create Perl scripts, the host input API allows you to script direct data transfer between a third-party application and the network map. For example, you might have a patch management application on your network that contains information about the current patch levels for the hosts on your network. You could import the third-party fix information for each host into the network map. If you set up a map of the names that the third-party application uses for each patch and invoke it before adding the fixes, the system can use that information to update the vulnerability list on each host to deactivate vulnerabilities addressed by the fix. The host input API allows you to create a script that maps third-party data structures to Cisco data structures, so you can re-run the script to import new data as needed, as long as the names of data elements do not change on either side.

If you do not have a programmer available to you, or if you want to import a set of data and do not need to re-run similar imports in the future, you can create a text file containing the data and use the host input import tool to perform the import on the Firepower Management Center using the nmimport.pl script.

For example, if you are setting up a new installation of Firepower, you might want to make sure that all the computers listed in your asset management software exist in the network map. You could export the host data from the asset management application, format the results into an appropriately formatted text file, and import the host data using the host input import tool. If the asset management system includes operating system information for each host, you could set up a third-party product map for the asset management system and map each third-party operating system label to the corresponding Cisco label. You can set that map before you run the import, and the system will associate the appropriate Cisco operating system definition with each host.