Contents x
    Web Server Information - Enrich Asset Data
    • 28 Aug 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Web Server Information - Enrich Asset Data

    • Updated on 28 Aug 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Web Server Information - Enrich Asset Data (Enrich Device Data with Web Server Information) action enriches the web servers that are the results of the query with information about the web server including the server type, its version and operating system, the content management system (CMS) name and its version, the installed CMS plugins and versions and more.

    See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

    General Settings

    • Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
    • Add description - Add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
    • Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
    • Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
    • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

    Required Fields

    These fields must be configured to run the Enforcement Set.

    1. Web server port (Default value: 443) - Specify the ports to use in order to fetch the web server information. You can specify more than one port in a comma-delimited list.
    2. Number of Parallel Connections - specify the number of connections to be opened to control the performance of the scan. The default value for this field is 10.
    3. Compute Node Name - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

    Additional Fields

    These fields are optional.

    1. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    2. Fetch data from SSL scanner (required, default: False) - Check this option to fetch data from Qualys SSL Labs.

      • When this is enabled this will enrich device data with SSL Labs data, that includes information about the server host, its endpoints and indications on exposure to known SSL vulnerabilities, such as Heartbleed and POODLE.
        • To enrich device with data from Qualys SSL Labs:
          • Host name is required. If the device data does not include a host name, one of the following can be used:
            • Device IP address, that must be a public IP address.
            • Domain, if fetched as part of the SSL Certificate data.
          • Port 443 must be opened for Axonius to use the SSL Labs API.

    3. Qualys SSL Labs API v4 registered email (optional) - This field is available only when Fetch data from SSL scanner is enabled. Enter a Qualys SSL Labs API v4 registered email. To register a valid email address via CLI, run the following command:

    curl --location 'https://api.ssllabs.com/api/v4/register'  --header 'Content-Type: application/json' --data '{ "firstName":"John", "lastName":"Doe", "email":"john.doe@company.com", "organization":"Company"}'
    Note

    The Qualys SSL Labs API v4 registered email field is mandatory if you want to perform an SSL scan using Qualys.

    • Gateway Name - Select the gateway through which to connect to perform the action.

    For more details about other Enforcement Actions available, see Action Library.


    Was this article helpful?
    What's Next