Skip to main content

Cyware Orchestrate

Cisco Firepower Management Center (FMC) 2.0.0

App Vendor: Cisco

App Category: Network Security

Connector Version: 2.0.0

API Version: 1.0.0

About App

Cisco Firepower Management Center (FMC) is the administrative nerve center for Cisco security products running on a number of different platforms. The Cisco FMC provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. The Cisco FMC app enables security teams to integrate with the enterprise version of the Cisco FMC to get details about incidents and indicators.

The Cisco Firepower Management Center (FMC) app is configured with the Orchestrate application to perform the following actions:

Action Name

Description

Get Incident Details

This action retrieves the details of an incident.

Get a List of Incidents

This action retrieves a list of incidents.

Get Indicator Details

This action retrieves the details of an indicator.

Get a List of Indicators

This action retrieves a list of indicators.

Generic Action

This is a generic action to perform any additional use case on Cisco Firepower Management Center (FMC).

Configuration Parameters

The following configuration parameters are required for the Cisco FMC app to communicate with the Cisco FMC enterprise application. The parameters can be configured by creating instances in the app.

Parameter

Description

Field Type

Required/Optional

Comments

Base URL

Enter the base URL.

Text

Required

Base URL format:

https://<management_center_ip_or_name>:<port>

Username

Enter the username to authenticate the client.

Text

Required

Password

Enter the password to authenticate the client.

Password

Required

Verify Requests

Optional preference to either verify or skip the TLS certificate verification.

Example:

false

Boolean

Optional

Allowed values:

  • true

  • false

Default value:

false

Action: Get a List of Incidents

This action retrieves a list of incidents.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Domain UUID

Enter the domain UUID.

Text

Required

Query Parameters

Enter the query parameters in key-value pairs to filter the data.

Key Value

Optional

Action: Get a List of Indicators

This action retrieves a list of indicators.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Domain UUID

Enter the domain UUID.

Text

Required

Query Parameters

Enter the query parameters in key-value pairs to filter the data.

Key Value

Optional

Action: Get Incident Details

This action retrieves the details of an incident.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Incident ID

Enter the incident ID.

Example:

"<Sample Incident ID>"

Text

Required

You can retrieve the incident ID using Get a list of incidents action.

Domain UUID

Enter the domain UUID.

Example:

"<Sample Domain UUID>"

Text

Required

Query Parameters

Enter the query parameters to filter the data in key-value pairs.

Example:

{ "<Sample Key>": "<Sample value>" }

Key Value

Optional

Example Request

[
  {
    "inc_id": "<Sample Incident ID>",
    "domain_uuid": "<Sample Domain UUID>",
    "query_params":
    {
      "<Sample Key>": "<Sample value>"
    }
  }
]
Action: Get Indicator Details

This action retrieves the details of an indicator.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Indicator ID

Enter the indicator ID.

Text

Required

You can retrieve the indicator ID using the Get a list of indicators action.

Domain UUID

Enter the domain UUID.

Text

Required

Query Parameters

Enter the query parameters in key-value pairs to filter the data.

Key Value

Optional

Action: Generic Action

This is a generic action to perform any additional use case on Cisco Firepower Management Center (FMC).

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Endpoint

Enter the endpoint to make the API request.

Example: "/fmc_config/v1/domain/{domain_UUID}/devices/devicerecords"

Text

Required

HTTP Method

Enter the HTTP endpoint method.

Examples:

  • POST

  • GET

  • PUT

  • DELETE

Text

Required

Request Body

Enter the request body in JSON format.

Example:

{"data": [{"reason": "security_test"}]}

Any

Optional

Query Params

Enter the query parameters in JSON format.

Example:

{"limit": "10"}

Any

Optional