Cisco Firepower Management Center (FMC) 2.0.0
App Vendor: Cisco
App Category: Network Security
Connector Version: 2.0.0
API Version: 1.0.0
About App
Cisco Firepower Management Center (FMC) is the administrative nerve center for Cisco security products running on a number of different platforms. The Cisco FMC provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. The Cisco FMC app enables security teams to integrate with the enterprise version of the Cisco FMC to get details about incidents and indicators.
The Cisco Firepower Management Center (FMC) app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Get Incident Details | This action retrieves the details of an incident. |
Get a List of Incidents | This action retrieves a list of incidents. |
Get Indicator Details | This action retrieves the details of an indicator. |
Get a List of Indicators | This action retrieves a list of indicators. |
Generic Action | This is a generic action to perform any additional use case on Cisco Firepower Management Center (FMC). |
Configuration Parameters
The following configuration parameters are required for the Cisco FMC app to communicate with the Cisco FMC enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL. | Text | Required | Base URL format: https://<management_center_ip_or_name>:<port> |
Username | Enter the username to authenticate the client. | Text | Required | |
Password | Enter the password to authenticate the client. | Password | Required | |
Verify Requests | Optional preference to either verify or skip the TLS certificate verification. Example: false | Boolean | Optional | Allowed values:
Default value: false |
Action: Get a List of Incidents
This action retrieves a list of incidents.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Domain UUID | Enter the domain UUID. | Text | Required | |
Query Parameters | Enter the query parameters in key-value pairs to filter the data. | Key Value | Optional |
Action: Get a List of Indicators
This action retrieves a list of indicators.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Domain UUID | Enter the domain UUID. | Text | Required | |
Query Parameters | Enter the query parameters in key-value pairs to filter the data. | Key Value | Optional |
Action: Get Incident Details
This action retrieves the details of an incident.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Incident ID | Enter the incident ID. Example: "<Sample Incident ID>" | Text | Required | You can retrieve the incident ID using Get a list of incidents action. |
Domain UUID | Enter the domain UUID. Example: "<Sample Domain UUID>" | Text | Required | |
Query Parameters | Enter the query parameters to filter the data in key-value pairs. Example: { "<Sample Key>": "<Sample value>" } | Key Value | Optional |
Example Request
[
{
"inc_id": "<Sample Incident ID>",
"domain_uuid": "<Sample Domain UUID>",
"query_params":
{
"<Sample Key>": "<Sample value>"
}
}
]Action: Get Indicator Details
This action retrieves the details of an indicator.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Indicator ID | Enter the indicator ID. | Text | Required | You can retrieve the indicator ID using the Get a list of indicators action. |
Domain UUID | Enter the domain UUID. | Text | Required | |
Query Parameters | Enter the query parameters in key-value pairs to filter the data. | Key Value | Optional |
Action: Generic Action
This is a generic action to perform any additional use case on Cisco Firepower Management Center (FMC).
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
Endpoint | Enter the endpoint to make the API request. Example: "/fmc_config/v1/domain/{domain_UUID}/devices/devicerecords" | Text | Required | |
HTTP Method | Enter the HTTP endpoint method. Examples:
| Text | Required | |
Request Body | Enter the request body in JSON format. Example: {"data": [{"reason": "security_test"}]} | Any | Optional | |
Query Params | Enter the query parameters in JSON format. Example: {"limit": "10"} | Any | Optional |