Kenna Item - DON'T EDIT THESE VALUES,Associated Source File Column,Required,Description,Object Type
date_format,"%b %d, %Y %H.%M %Z",yes if dates in data,Script Only - used to format dates google ruby strftime for more info on format syntax,
locator,external_id,yes,Script only - field used to deduplication prior to upload - should match kenna locator syntax,Asset
file,,one value per Asset is required,column name in CSV pointing to (string) path of affected file,Asset
ip_address,,one value per Asset is required,column name in CSV pointing to (string) IP of internal facing asset,Asset
mac_address,,one value per Asset is required,column name in CSV pointing to (mac format-regex) MAC address asset,Asset
hostname,Resource Name,one value per Asset is required,column name in CSV pointing to (string) host name/domain name of affected asset,Asset
ec2,,one value per Asset is required,column name in CSV pointing to (string) Amazon EC2 instance id or name,Asset
netbios,,one value per Asset is required,column name in CSV pointing to(string) netbios name,Asset
url,,one value per Asset is required,column name in CSV pointing to (string) URL pointing to asset,Asset
fqdn,,one value per Asset is required,column name in CSV pointing to (string) fqdn of asset,Asset
external_id,Resource ID,one value per Asset is required,column name in CSV pointing to (string) ExtID of asset,Asset
database,,one value per Asset is required,column name in CSV pointing to (string) Name of db,Asset
application,,no,column name in CSV pointing to (string) ID/app Name - label assigned to asset,Asset
tags,"Region,Policy Labels,Cloud Type,Cloud Account Id",no,(string) comma separated list of columns with strings that correspond to tags on an asset - no spaces,Asset Meta
tag_prefix,"Cloud Region:,Prisma Policy Label:,Cloud Type:,Cloud Account ID:",no,comma separated list of prefixes which corresponds to list in tag. Number and order of elements should match tags exactly.,
owner,Cloud Account Name,no,column name in CSV pointing to (string) Some string that identifies an owner of an asset,Asset Meta
os,,no,column name in CSV pointing to (string) Operating system of asset,Asset Meta
os_version,,no,column name in CSV pointing to (string) OS version,Asset Meta
priority,,no,column name in CSV pointing to (Integer) Priority of asset (int 1 to 10).Adjusts asset score. nil for default to 10,Asset Meta
scanner_source,static,yes,declares scanner_type data as static (listed in this file) or column (pulled from the csv source file),
scanner_type,Prisma,yes,(string) - official name of scan type - should be the same across files where appropriate can be static or pulled from column as directed in scanner_source,Vulnerability & Vuln Def
scanner_id,Alert ID,yes,column name in CSV pointing to (string) - Vuln ID as defined by the scanner,Vulnerability & Vuln Def
details,,no,column name in CSV pointing to (string) - Details about vuln specific to single host,Vulnerability
created,,no,column name in CSV pointing to (string) - Date vuln created,Vulnerability
scanner_score,Policy Severity,no,column name in CSV pointing to (Integer) - scanner score used for scoring appsec vulns - informational for network vulns - translate to int 1-10 using score_map if needed,Vulnerability
score_map,"{""high"":""10"",""medium"":""8"",""low"":""6""}",no,hash of translation scanner score values to kenna range of 1-10 if needed based on column in scanner_score,
last_fixed,,no,column name in CSV pointing to (string) - Last fixed date,Vulnerability
last_seen,Alert Time,yes,column name in CSV pointing to (string) Date it was closed,Vulnerability
status,Alert Status,yes,"column name in CSV pointing to (string) default to ""open"" if inbound reports will only include open vulns",Vulnerability
status_map,,no,Script Only - hash of translation... scanner status to Kenna status mappings if needed,
closed,,required if status is closed,column name in CSV pointing to (string) Date it was closed,Vulnerability
port,,no,column name in CSV pointing to (Integer) Port if associated with vuln,Vulnerability
cve_id,,no,column name in CSV pointing to (string) CVEs - note that this can be a comma-delimited list format CVE-000-0000,Vuln Def
wasc_id,,no,column name in CSV pointing to (string) WASC - note that this can be a comma-delimited list - format WASC-00,Vuln Def
cwe_id,,no,column name in CSV pointing to (string) CWE - note that this can be a comma-delimited list - format CWE-000,Vuln Def
name,Policy Name,no,"column name in CSV pointing to (string) Name/title of Vuln will be displayed as vuln name if no cve, cwe or wasc",Vuln Def
description,Description,no,column name in CSV pointing to (string) Description,Vuln Def
solution,Recommendation,no,column name in CSV pointing to (string) Solution,Vuln Def