Adding a Positive Technologies MaxPatrol Scanner
Ensure that the following prerequisites are met:
The Positive Technologies MaxPatrol system is configured to export JSA compatible XML vulnerability reports.
An SFTP or SMB share is set up and contains the exported XML vulnerability reports.
Add a Positive Technologies MaxPatrol scanner to your JSA deployment.
The following table describes Positive Technologies MaxPatrol scanner parameters when you select SFTP as the import method:
Parameter |
Description |
---|---|
Remote Hostname |
The IP address or host name of the server that has the scan results file. |
Login Username |
The user name that JSA uses to log in to the server. |
Enable Key Authentication |
Specifies that JSA authenticates with a key-based authentication file. |
Remote directory |
The location of the scan result files. |
Private Key File |
The full path to the file that contains the private key. If a key file does not exist, you must create the vis.ssh.key file. Note:
The For example: # ls -al /opt/qradar/conf/vis.ssh.key -rw------- 1 vis qradar 1679 Aug 7 06:24 /opt/qradar/conf/vis.ssh.key |
File Name Pattern |
The regular expression (regex) required to filter the list of files in the Remote Directory. The .*\.xml pattern imports all XML files in the remote directory. |
The following table describes Positive Technologies MaxPatrol scanner parameters when you select SMB Share as the import method:
Parameter |
Description |
---|---|
Hostname |
The IP address or host name of the SMB Share. |
Login Username |
The user name that JSA uses to log in to SMB Share. |
Domain |
The domain that is used to connect to the SMB Share. |
SMB Folder Path |
The full path to the share from the root of the SMB host. Use forward slashes, for example, /share/logs/. |
File Name Pattern |
The regular expression (regex) required to filter the list of files in the Remote Directory. The .*\.xml pattern imports all xml files in the remote directory. |
- Click the Admin tab.
- Click the VA Scanners icon.
- Click Add.
- In the Scanner Name field, type a name to identify the Positive Technologies MaxPatrol scanner.
- From the Managed Host list, select the managed host that manages the scanner import.
- From the Type list, select Positive Technologies MaxPatrol Scanner.
- Configure the parameters.
- Configure a CIDR range for the scanner.
- Click Save.
- On the Admin tab, click Deploy Changes.
For more information about how to create a scan schedule, see Scheduling a Vulnerability Scan.