- 28 Aug 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Web Server Information - Enrich Asset Data
- Updated on 28 Aug 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Web Server Information - Enrich Asset Data (Enrich Device Data with Web Server Information) action enriches the web servers that are the results of the query with information about the web server including the server type, its version and operating system, the content management system (CMS) name and its version, the installed CMS plugins and versions and more.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
General Settings
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
Required Fields
These fields must be configured to run the Enforcement Set.
- Web server port (Default value: 443) - Specify the ports to use in order to fetch the web server information. You can specify more than one port in a comma-delimited list.
- Number of Parallel Connections - specify the number of connections to be opened to control the performance of the scan. The default value for this field is 10.
- Compute Node Name - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
These fields are optional.
- HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
Fetch data from SSL scanner (required, default: False) - Check this option to fetch data from Qualys SSL Labs.
- When this is enabled this will enrich device data with SSL Labs data, that includes information about the server host, its endpoints and indications on exposure to known SSL vulnerabilities, such as Heartbleed and POODLE.
- To enrich device with data from Qualys SSL Labs:
- Host name is required. If the device data does not include a host name, one of the following can be used:
- Device IP address, that must be a public IP address.
- Domain, if fetched as part of the SSL Certificate data.
- Port 443 must be opened for Axonius to use the SSL Labs API.
- Host name is required. If the device data does not include a host name, one of the following can be used:
- To enrich device with data from Qualys SSL Labs:
- When this is enabled this will enrich device data with SSL Labs data, that includes information about the server host, its endpoints and indications on exposure to known SSL vulnerabilities, such as Heartbleed and POODLE.
Qualys SSL Labs API v4 registered email (optional) - This field is available only when Fetch data from SSL scanner is enabled. Enter a Qualys SSL Labs API v4 registered email. To register a valid email address via CLI, run the following command:
curl --location 'https://api.ssllabs.com/api/v4/register' --header 'Content-Type: application/json' --data '{ "firstName":"John", "lastName":"Doe", "email":"john.doe@company.com", "organization":"Company"}'
The Qualys SSL Labs API v4 registered email field is mandatory if you want to perform an SSL scan using Qualys.
- Gateway Name - Select the Gateway through which to connect to perform the action.
For more details about other Enforcement Actions available, see Action Library.