recog 2.3.17 → 2.3.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yml +26 -0
  3. data/bin/recog_standardize +6 -0
  4. data/cpe-remap.yaml +342 -200
  5. data/identifiers/README.md +24 -10
  6. data/identifiers/fields.txt +104 -0
  7. data/identifiers/hw_device.txt +2 -0
  8. data/identifiers/hw_family.txt +11 -0
  9. data/identifiers/hw_product.txt +71 -0
  10. data/identifiers/os_device.txt +2 -1
  11. data/identifiers/os_family.txt +2 -0
  12. data/identifiers/os_product.txt +36 -8
  13. data/identifiers/service_family.txt +10 -1
  14. data/identifiers/service_product.txt +78 -2
  15. data/identifiers/vendor.txt +55 -0
  16. data/lib/recog/nizer.rb +1 -82
  17. data/lib/recog/version.rb +1 -1
  18. data/requirements.txt +1 -1
  19. data/update_cpes.py +18 -5
  20. data/xml/apache_modules.xml +60 -0
  21. data/xml/apache_os.xml +1 -1
  22. data/xml/dns_versionbind.xml +11 -1
  23. data/xml/favicons.xml +122 -3
  24. data/xml/ftp_banners.xml +62 -51
  25. data/xml/html_title.xml +553 -41
  26. data/xml/http_cookies.xml +262 -61
  27. data/xml/http_servers.xml +478 -108
  28. data/xml/http_wwwauth.xml +36 -9
  29. data/xml/imap_banners.xml +5 -5
  30. data/xml/ldap_searchresult.xml +1 -0
  31. data/xml/mdns_device-info_txt.xml +340 -10
  32. data/xml/mysql_banners.xml +2 -1
  33. data/xml/nntp_banners.xml +1 -1
  34. data/xml/ntp_banners.xml +16 -2
  35. data/xml/operating_system.xml +4 -4
  36. data/xml/pop_banners.xml +4 -4
  37. data/xml/rtsp_servers.xml +7 -0
  38. data/xml/sip_banners.xml +347 -9
  39. data/xml/sip_user_agents.xml +323 -4
  40. data/xml/smb_native_lm.xml +32 -1
  41. data/xml/smb_native_os.xml +160 -33
  42. data/xml/smtp_banners.xml +167 -128
  43. data/xml/smtp_expn.xml +1 -0
  44. data/xml/smtp_vrfy.xml +1 -0
  45. data/xml/snmp_sysdescr.xml +205 -36
  46. data/xml/ssh_banners.xml +139 -25
  47. data/xml/telnet_banners.xml +92 -48
  48. data/xml/tls_jarm.xml +140 -0
  49. data/xml/x509_issuers.xml +201 -2
  50. data/xml/x509_subjects.xml +251 -32
  51. metadata +5 -2
data/xml/smtp_expn.xml CHANGED
@@ -78,6 +78,7 @@
78
78
  <param pos="0" name="service.vendor" value="Lotus"/>
79
79
  <param pos="0" name="service.family" value="Lotus Domino"/>
80
80
  <param pos="0" name="service.product" value="Lotus Domino"/>
81
+ <param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:-"/>
81
82
  </fingerprint>
82
83
 
83
84
  <fingerprint pattern="^550[ -]Unable to find list '.*'\.$">
data/xml/smtp_vrfy.xml CHANGED
@@ -95,6 +95,7 @@
95
95
  <param pos="0" name="service.vendor" value="Lotus"/>
96
96
  <param pos="0" name="service.family" value="Lotus Domino"/>
97
97
  <param pos="0" name="service.product" value="Lotus Domino"/>
98
+ <param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:-"/>
98
99
  </fingerprint>
99
100
 
100
101
  </fingerprints>
data/xml/snmp_sysdescr.xml CHANGED
@@ -1039,7 +1039,9 @@
1039
1039
  <param pos="0" name="os.vendor" value="Brocade"/>
1040
1040
  <param pos="0" name="os.product" value="Fabric OS"/>
1041
1041
  <param pos="0" name="os.device" value="Switch"/>
1042
- <param pos="0" name="os.cpe23" value="cpe:/o:brocade:fabric_os:-"/>
1042
+ <param pos="0" name="os.cpe23" value="cpe:/o:broadcom:fabric_operating_system:-"/>
1043
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1044
+ <param pos="0" name="hw.device" value="Switch"/>
1043
1045
  </fingerprint>
1044
1046
 
1045
1047
  <fingerprint pattern="^Brocade ((?:\S+ )?SAN Switch) Module for IBM eServer BladeCenter$">
@@ -1050,6 +1052,7 @@
1050
1052
  <param pos="0" name="os.vendor" value="Brocade"/>
1051
1053
  <param pos="0" name="os.device" value="Switch"/>
1052
1054
  <param pos="1" name="os.product"/>
1055
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1053
1056
  </fingerprint>
1054
1057
 
1055
1058
  <fingerprint pattern="^Brocade (?:Communications? Systems, Inc\. )?([^,\(]+)(?: \([^\)]+\))?,(?: Extended route scalability,)? IronWare Version V?(\S+) .*$">
@@ -1079,6 +1082,47 @@
1079
1082
  <param pos="2" name="os.version"/>
1080
1083
  </fingerprint>
1081
1084
 
1085
+ <fingerprint pattern="^Brocade VDX Switch, BR-(\S+), Network Operating System Software Version (\S+)\.$">
1086
+ <description>Brocade VDX Switch</description>
1087
+ <example hw.product="VDX6740" os.version="7.0.2b">Brocade VDX Switch, BR-VDX6740, Network Operating System Software Version 7.0.2b.</example>
1088
+ <param pos="0" name="os.vendor" value="Brocade"/>
1089
+ <param pos="0" name="os.device" value="Switch"/>
1090
+ <param pos="0" name="os.family" value="NetworkOS"/>
1091
+ <param pos="2" name="os.version"/>
1092
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1093
+ <param pos="0" name="hw.family" value="VDX"/>
1094
+ <param pos="1" name="hw.product"/>
1095
+ <param pos="0" name="hw.device" value="Switch"/>
1096
+ </fingerprint>
1097
+
1098
+ <fingerprint pattern="^([^,]{1,512}), (VDX\S+), Network Operating System Software Version (\S+)\.$">
1099
+ <description>Brocade VDX Switch w/Hostname</description>
1100
+ <example host.name="core02" hw.product="VDX6740T-1G" os.version="7.0.1b">core02, VDX6740T-1G, Network Operating System Software Version 7.0.1b.</example>
1101
+ <param pos="0" name="os.vendor" value="Brocade"/>
1102
+ <param pos="0" name="os.device" value="Switch"/>
1103
+ <param pos="0" name="os.family" value="NetworkOS"/>
1104
+ <param pos="3" name="os.version"/>
1105
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1106
+ <param pos="0" name="hw.family" value="VDX"/>
1107
+ <param pos="2" name="hw.product"/>
1108
+ <param pos="0" name="hw.device" value="Switch"/>
1109
+ <param pos="1" name="host.name"/>
1110
+ </fingerprint>
1111
+
1112
+ <fingerprint pattern="^([^,]{1,512}), BR-(\S+), Network Operating System Software Version (\S+)\.$">
1113
+ <description>Brocade VDX Switch w/Hostname and BR prefix</description>
1114
+ <example host.name="core01" hw.product="VDX6740" os.version="7.0.2b">core01, BR-VDX6740, Network Operating System Software Version 7.0.2b.</example>
1115
+ <param pos="0" name="os.vendor" value="Brocade"/>
1116
+ <param pos="0" name="os.device" value="Switch"/>
1117
+ <param pos="0" name="os.family" value="NetworkOS"/>
1118
+ <param pos="3" name="os.version"/>
1119
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1120
+ <param pos="0" name="hw.family" value="VDX"/>
1121
+ <param pos="2" name="hw.product"/>
1122
+ <param pos="0" name="hw.device" value="Switch"/>
1123
+ <param pos="1" name="host.name"/>
1124
+ </fingerprint>
1125
+
1082
1126
  <!--======================================================================
1083
1127
  BROTHER
1084
1128
  =======================================================================-->
@@ -1352,7 +1396,7 @@
1352
1396
  Computer Associates
1353
1397
  =======================================================================-->
1354
1398
 
1355
- <fingerprint pattern="^(?:Linux )?\s*SystemEDGE.*$">
1399
+ <fingerprint pattern="^(?:Linux )?\s{0,256}SystemEDGE.*$">
1356
1400
  <description>CA SystemEDGE Management Agent</description>
1357
1401
  <example>Linux SystemEDGE Management Agent, Concord Communications, Inc.</example>
1358
1402
  <example>SystemEDGE Management Agent, CA, Inc.</example>
@@ -1409,7 +1453,7 @@
1409
1453
  <param pos="0" name="os.product" value="Switch"/>
1410
1454
  </fingerprint>
1411
1455
 
1412
- <fingerprint pattern="^(\S+) OPTICAL SW:(\S+) .* Ciena \(R\) Corporation$">
1456
+ <fingerprint pattern="^(\S{1,32}) OPTICAL SW:(\S+) .* Ciena \(R\) Corporation$">
1413
1457
  <description>Ciena Optical - software version variant</description>
1414
1458
  <example>6500 OPTICAL SW:0810 BN:HD (c) Ciena (R) Corporation</example>
1415
1459
  <param pos="0" name="os.vendor" value="Ciena"/>
@@ -1539,7 +1583,7 @@
1539
1583
  <param pos="0" name="os.product" value="Adaptive Security Appliance"/>
1540
1584
  <param pos="0" name="os.device" value="Firewall"/>
1541
1585
  <param pos="1" name="os.version"/>
1542
- <param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance:{os.version}"/>
1586
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance_software:{os.version}"/>
1543
1587
  <param pos="0" name="hw.vendor" value="Cisco"/>
1544
1588
  <param pos="0" name="hw.family" value="Adaptive Security Appliance"/>
1545
1589
  <param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
@@ -1568,7 +1612,7 @@
1568
1612
  <param pos="0" name="os.product" value="VPN 3000 Concentrator"/>
1569
1613
  <param pos="0" name="os.device" value="VPN"/>
1570
1614
  <param pos="1" name="os.version"/>
1571
- <param pos="0" name="os.cpe23" value="cpe:/o:cisco:vpn_3000_concentrator:{os.version}"/>
1615
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:vpn_3000_concentrator_series_software:{os.version}"/>
1572
1616
  </fingerprint>
1573
1617
 
1574
1618
  <fingerprint pattern="^(?:Cisco )?Network Analysis Module \(WS-[^\)]+\), Version ([^, ]+)[,\s]?">
@@ -1587,6 +1631,11 @@ Copyright (c) 1999-2004 by cisco Systems, Inc.</example>
1587
1631
  <param pos="0" name="os.product" value="NAM"/>
1588
1632
  <param pos="0" name="os.device" value="Network Management Device"/>
1589
1633
  <param pos="1" name="os.version"/>
1634
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:network_analysis_module_software:{os.version}"/>
1635
+ <param pos="0" name="hw.vendor" value="Cisco"/>
1636
+ <param pos="0" name="hw.product" value="NAM"/>
1637
+ <param pos="0" name="hw.device" value="Network Management Device"/>
1638
+ <param pos="0" name="hw.cpe23" value="cpe:/h:cisco:network_analysis_module:-"/>
1590
1639
  </fingerprint>
1591
1640
 
1592
1641
  <fingerprint pattern="^(?:Cisco )?Network Analysis Module \(WS-([^\-]+)-NAM\)$">
@@ -1596,6 +1645,9 @@ Copyright (c) 1999-2004 by cisco Systems, Inc.</example>
1596
1645
  <param pos="0" name="os.vendor" value="Cisco"/>
1597
1646
  <param pos="0" name="os.product" value="NAM"/>
1598
1647
  <param pos="0" name="os.device" value="Network Management Device"/>
1648
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:network_analysis_module_software:-"/>
1649
+ <param pos="0" name="hw.vendor" value="Cisco"/>
1650
+ <param pos="0" name="hw.device" value="Network Management Device"/>
1599
1651
  <param pos="1" name="hw.product"/>
1600
1652
  </fingerprint>
1601
1653
 
@@ -1796,6 +1848,21 @@ Copyright (c) 1995-2005 by Cisco Systems
1796
1848
  <param pos="1" name="os.version"/>
1797
1849
  </fingerprint>
1798
1850
 
1851
+ <!--======================================================================
1852
+ Cumulus
1853
+ =======================================================================-->
1854
+
1855
+ <fingerprint pattern="^Cumulus Linux (\S+) \(Linux Kernel ([^\)]+)\)">
1856
+ <description>Cumulus Linux</description>
1857
+ <example os.version="3.7.2" os.version.version="4.1.33-1+cl3u17">Cumulus Linux 3.7.2 (Linux Kernel 4.1.33-1+cl3u17)</example>
1858
+ <param pos="0" name="os.vendor" value="Cumulus"/>
1859
+ <param pos="0" name="os.device" value="Switch"/>
1860
+ <param pos="0" name="os.product" value="Cumulus Linux"/>
1861
+ <param pos="1" name="os.version"/>
1862
+ <param pos="2" name="os.version.version"/>
1863
+ <param pos="0" name="os.cpe23" value="cpe:/o:cumulusnetworks:cumulus_linux:{os.version}"/>
1864
+ </fingerprint>
1865
+
1799
1866
  <!--======================================================================
1800
1867
  DATA DOMAIN
1801
1868
  =======================================================================-->
@@ -2383,9 +2450,9 @@ Copyright (c) 1995-2005 by Cisco Systems
2383
2450
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
2384
2451
  </fingerprint>
2385
2452
 
2386
- <fingerprint pattern="^(\S+) .*OpenVMS V(\S+) .*$">
2453
+ <fingerprint pattern="^(\S{1,512}) .*OpenVMS V(\S+) .*$">
2387
2454
  <description>OpenVMS</description>
2388
- <example>hostname VAX 4000-200 OpenVMS V7.2 Compaq TCP/IP Services for OpenVMS</example>
2455
+ <example host.name="hostname">hostname VAX 4000-200 OpenVMS V7.2 Compaq TCP/IP Services for OpenVMS</example>
2389
2456
  <param pos="0" name="os.vendor" value="HP"/>
2390
2457
  <param pos="0" name="os.family" value="OpenVMS"/>
2391
2458
  <param pos="0" name="os.product" value="OpenVMS"/>
@@ -2394,7 +2461,7 @@ Copyright (c) 1995-2005 by Cisco Systems
2394
2461
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
2395
2462
  </fingerprint>
2396
2463
 
2397
- <fingerprint pattern="^(\S+) (.*?) (?:HP|Compaq) Tru64 UNIX V(\S+) \(Rev\. ([^\)]+)\).*TCP/IP$">
2464
+ <fingerprint pattern="^(\S{1,512}) (.*?) (?:HP|Compaq) Tru64 UNIX V(\S+) \(Rev\. ([^\)]+)\).*TCP\/IP$">
2398
2465
  <description>Digital/Compaq/HP Tru64 Unix</description>
2399
2466
  <example host.name="was1" hw.product="AlphaServer DS10 466 MHz" os.version="5.1B" os.version.version="2650">was1 AlphaServer DS10 466 MHz Compaq Tru64 UNIX V5.1B (Rev. 2650); Wed Feb 25 13:29:07 KST 2004 TCP/IP</example>
2400
2467
  <param pos="0" name="os.vendor" value="HP"/>
@@ -2407,7 +2474,7 @@ Copyright (c) 1995-2005 by Cisco Systems
2407
2474
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:{os.version}"/>
2408
2475
  </fingerprint>
2409
2476
 
2410
- <fingerprint pattern="^(\S+) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
2477
+ <fingerprint pattern="^(\S{1,512}) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
2411
2478
  <description>Digital/Compaq/HP Tru64 Unix - Digital branding variant</description>
2412
2479
  <example host.name="example.com" hw.product="COMPAQ AlphaServer DS10 617 MHz" os.version="4.0F" os.version.version="1229">example.com COMPAQ AlphaServer DS10 617 MHz Digital UNIX V4.0F (Rev. 1229); Wed May 22 13:55:58 CST 2002 TCP/IP</example>
2413
2480
  <example host.name="example.com" hw.product="COMPAQ Professional Workstation XP1000" os.version="4.0F" os.version.version="1229">example.com COMPAQ Professional Workstation XP1000 Digital UNIX V4.0F (Rev. 1229); Wed Jun 30 14:32:53 MET DST 2004 . TCP/IP</example>
@@ -3015,6 +3082,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3015
3082
  <param pos="0" name="os.product" value="iLO"/>
3016
3083
  <param pos="0" name="os.device" value="Lights Out Management"/>
3017
3084
  <param pos="1" name="os.version"/>
3085
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:integrated_lights-out_firmware:{os.version}"/>
3018
3086
  </fingerprint>
3019
3087
 
3020
3088
  <fingerprint pattern="^Integrated Lights-Out (\d) \(iLO \d\) for Integrity$">
@@ -3025,6 +3093,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3025
3093
  <param pos="0" name="os.product" value="iLO"/>
3026
3094
  <param pos="0" name="os.device" value="Lights Out Management"/>
3027
3095
  <param pos="1" name="os.version"/>
3096
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:integrated_lights-out_firmware:{os.version}"/>
3028
3097
  </fingerprint>
3029
3098
 
3030
3099
  <!--======================================================================
@@ -3103,7 +3172,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3103
3172
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:4.3"/>
3104
3173
  </fingerprint>
3105
3174
 
3106
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.02\..*$">
3175
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.02\..*$">
3107
3176
  <description>IBM AIX 4.2 on PowerPC</description>
3108
3177
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0040906A4C00 Base Operating System Runtime AIX version: 04.02.0001.0000 TCP/IP Client Support version: 04.02.0001.0000</example>
3109
3178
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0044B47A4C00 Base Operating System Runtime AIX version: 04.02.0001.0000 TCP/IP Client Support version: 04.02.0001.0000</example>
@@ -3118,7 +3187,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3118
3187
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:4.2"/>
3119
3188
  </fingerprint>
3120
3189
 
3121
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.03\..*$">
3190
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.03\..*$">
3122
3191
  <description>IBM AIX 4.3 on PowerPC</description>
3123
3192
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0056BD5A4C00 Base Operating System Runtime AIX version: 04.03.0003.0075 TCP/IP Client Support version: 04.03.0003.0075</example>
3124
3193
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 005A269A4C00 Base Operating System Runtime AIX version: 04.03.0003.0075 TCP/IP Client Support version: 04.03.0003.0075</example>
@@ -3135,7 +3204,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3135
3204
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:4.3"/>
3136
3205
  </fingerprint>
3137
3206
 
3138
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3207
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3139
3208
  <description>IBM AIX 5.1 on PowerPC</description>
3140
3209
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0059B7BA4C00 Base Operating System Runtime AIX version: 05.01.0000.0051 TCP/IP Client Support version: 05.01.0000.0070</example>
3141
3210
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 009F12264C00 Base Operating System Runtime AIX version: 05.01.0000.0050 TCP/IP Client Support version: 05.01.0000.0050</example>
@@ -3158,7 +3227,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3158
3227
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.1"/>
3159
3228
  </fingerprint>
3160
3229
 
3161
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Operating System Software: AIX version: 5\.1 Networking Software:.*$">
3230
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Operating System Software: AIX version: 5\.1 Networking Software:.*$">
3162
3231
  <description>IBM AIX 5.1 on PowerPC - network software variant</description>
3163
3232
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0008FB8A4C00 Operating System Software: AIX version: 5.1 Networking Software: not available!</example>
3164
3233
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 000BD57F4C00 Operating System Software: AIX version: 5.1 Networking Software: not available!</example>
@@ -3170,7 +3239,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3170
3239
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.1"/>
3171
3240
  </fingerprint>
3172
3241
 
3173
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3242
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3174
3243
  <description>IBM AIX 5.2 on PowerPC</description>
3175
3244
  <example>IBM PowerPC CHRP Computer.Machine Type: 0x0800004c Processor id: 00C0E53F4C00.Base Operating System Runtime AIX version: 05.02.0000.0105.TCP/IP Client Support version: 05.02.0000.0107</example>
3176
3245
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00CBEEFA4C00 Base Operating System Runtime AIX version: 05.02.0000.0075 TCP/IP Client Support version: 05.02.0000.0075</example>
@@ -3197,7 +3266,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3197
3266
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.2"/>
3198
3267
  </fingerprint>
3199
3268
 
3200
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3269
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3201
3270
  <description>IBM AIX 5.3 on PowerPC</description>
3202
3271
  <example>IBM PowerPC CHRP Computer.Machine Type: 0x0800004c Processor id: 000A3CD8D600.Base Operating System Runtime AIX version: 05.03.0000.0060.TCP/IP Client Support version: 05.03.0000.0063</example>
3203
3272
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00F7BF9F4C00 Base Operating System Runtime AIX version: 05.03.0012.0001 TCP/IP Client Support version: 05.03.0012.0005</example>
@@ -3220,7 +3289,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3220
3289
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.3"/>
3221
3290
  </fingerprint>
3222
3291
 
3223
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 05\.03\..*$">
3292
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 05\.03\..*$">
3224
3293
  <description>IBM VIOS 5.3 on PowerPC</description>
3225
3294
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00018C4AD400 Base Operating System Runtime VIOS version: 05.03.0008.0000 TCP/IP Client Support version: 05.03.0008.0000</example>
3226
3295
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0002EBDAD700 Base Operating System Runtime VIOS version: 05.03.0008.0000 TCP/IP Client Support version: 05.03.0008.0001</example>
@@ -3237,7 +3306,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3237
3306
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:vios:5.3"/>
3238
3307
  </fingerprint>
3239
3308
 
3240
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3309
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3241
3310
  <description>IBM AIX 6.1 on PowerPC</description>
3242
3311
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00F77AEE4C00 Base Operating System Runtime AIX version: 06.01.0006.0015 TCP/IP Client Support version: 06.01.0006.0015</example>
3243
3312
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00F77C9A4C00 Base Operating System Runtime AIX version: 06.01.0006.0015 TCP/IP Client Support version: 06.01.0006.0015</example>
@@ -3251,7 +3320,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3251
3320
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:6.1"/>
3252
3321
  </fingerprint>
3253
3322
 
3254
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 06\.01\..*$">
3323
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 06\.01\..*$">
3255
3324
  <description>IBM VIOS 6.1 on PowerPC</description>
3256
3325
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00055539D600 Base Operating System Runtime VIOS version: 06.01.0007.0000 TCP/IP Client Support version: 06.01.0005.0000</example>
3257
3326
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3261,7 +3330,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3261
3330
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:vios:6.1"/>
3262
3331
  </fingerprint>
3263
3332
 
3264
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3333
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3265
3334
  <description>IBM AIX 7.1 on PowerPC</description>
3266
3335
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 000B0148D700 Base Operating System Runtime AIX version: 07.01.0000.0015 TCP/IP Client Support version: 07.01.0000.0015</example>
3267
3336
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00C5433C4C00 Base Operating System Runtime AIX version: 07.01.0001.0000 TCP/IP Client Support version: 07.01.0001.0003</example>
@@ -3274,7 +3343,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3274
3343
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:7.1"/>
3275
3344
  </fingerprint>
3276
3345
 
3277
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3346
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3278
3347
  <description>IBM AIX 5.1 - unknown machine type variant</description>
3279
3348
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 05.01.0000.0051 TCP/IP Client Support version: 05.01.0000.0070</example>
3280
3349
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3284,7 +3353,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3284
3353
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.1"/>
3285
3354
  </fingerprint>
3286
3355
 
3287
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3356
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3288
3357
  <description>IBM AIX 5.2 - unknown machine type variant</description>
3289
3358
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 05.02.0000.0105 TCP/IP Client Support version: 05.02.0000.0107</example>
3290
3359
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3294,7 +3363,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3294
3363
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.2"/>
3295
3364
  </fingerprint>
3296
3365
 
3297
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3366
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3298
3367
  <description>IBM AIX 5.3 - unknown machine type variant</description>
3299
3368
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 05.03.0000.0050 TCP/IP Client Support version: 05.03.0000.0053</example>
3300
3369
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3304,7 +3373,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3304
3373
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.3"/>
3305
3374
  </fingerprint>
3306
3375
 
3307
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3376
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3308
3377
  <description>IBM AIX 6.1 - unknown machine type variant</description>
3309
3378
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 06.01.0007.0000 TCP/IP Client Support version: 06.01.0005.0000</example>
3310
3379
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3314,7 +3383,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3314
3383
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:6.1"/>
3315
3384
  </fingerprint>
3316
3385
 
3317
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3386
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3318
3387
  <description>IBM AIX 7.1 - unknown machine type variant</description>
3319
3388
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 07.01.0001.0000 TCP/IP Client Support version: 07.01.0001.0002</example>
3320
3389
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -4785,7 +4854,7 @@ Copyright (c) 1995-2005 by Cisco Systems
4785
4854
  <param pos="0" name="os.vendor" value="NetApp"/>
4786
4855
  <param pos="0" name="os.family" value="Data ONTAP"/>
4787
4856
  <param pos="0" name="os.product" value="Data ONTAP"/>
4788
- <param pos="0" name="os.device" value="File Server"/>
4857
+ <param pos="0" name="os.device" value="NAS"/>
4789
4858
  <param pos="1" name="os.version"/>
4790
4859
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
4791
4860
  </fingerprint>
@@ -4853,6 +4922,7 @@ Copyright (c) 1995-2005 by Cisco Systems
4853
4922
  <param pos="0" name="os.product" value="NetScaler"/>
4854
4923
  <param pos="1" name="os.version"/>
4855
4924
  <param pos="2" name="os.version.version"/>
4925
+ <param pos="0" name="os.cpe23" value="cpe:/o:citrix:netscaler_firmware:{os.version}"/>
4856
4926
  </fingerprint>
4857
4927
 
4858
4928
  <!--======================================================================
@@ -5496,14 +5566,28 @@ Copyright (c) 1995-2005 by Cisco Systems
5496
5566
  <example>Palo Alto Networks PA-4000 series firewall</example>
5497
5567
  <param pos="0" name="os.vendor" value="Palo Alto Networks"/>
5498
5568
  <param pos="0" name="os.device" value="Firewall"/>
5499
- <param pos="1" name="os.product"/>
5569
+ <param pos="0" name="os.product" value="PAN-OS"/>
5570
+ <param pos="0" name="os.family" value="PAN-OS"/>
5571
+ <param pos="0" name="os.cpe23" value="cpe:/o:paloaltonetworks:pan-os:-"/>
5572
+ <param pos="0" name="service.vendor" value="Palo Alto Networks"/>
5573
+ <param pos="0" name="service.device" value="Firewall"/>
5574
+ <param pos="0" name="hw.vendor" value="Palo Alto Networks"/>
5575
+ <param pos="0" name="hw.device" value="Firewall"/>
5576
+ <param pos="1" name="hw.product"/>
5500
5577
  </fingerprint>
5501
5578
 
5502
5579
  <fingerprint pattern="^Palo Alto Networks Panorama server$">
5503
5580
  <description>Palo Alto Panorama</description>
5504
5581
  <example>Palo Alto Networks Panorama server</example>
5505
5582
  <param pos="0" name="os.vendor" value="Palo Alto Networks"/>
5506
- <param pos="0" name="os.product" value="Panorama Server"/>
5583
+ <param pos="0" name="os.product" value="PAN-OS"/>
5584
+ <param pos="0" name="os.family" value="PAN-OS"/>
5585
+ <param pos="0" name="os.device" value="Firewall"/>
5586
+ <param pos="0" name="os.cpe23" value="cpe:/o:paloaltonetworks:pan-os:-"/>
5587
+ <param pos="0" name="service.vendor" value="Palo Alto Networks"/>
5588
+ <param pos="0" name="service.product" value="Panorama Server"/>
5589
+ <param pos="0" name="service.device" value="Firewall"/>
5590
+ <param pos="0" name="hw.vendor" value="Palo Alto Networks"/>
5507
5591
  </fingerprint>
5508
5592
 
5509
5593
  <!--======================================================================
@@ -6094,6 +6178,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6094
6178
  <param pos="0" name="os.vendor" value="SonicWall"/>
6095
6179
  <param pos="0" name="os.device" value="Firewall"/>
6096
6180
  <param pos="0" name="os.product" value="SonicOS"/>
6181
+ <param pos="0" name="hw.vendor" value="SonicWall"/>
6097
6182
  <param pos="1" name="hw.product"/>
6098
6183
  <param pos="2" name="hw.model"/>
6099
6184
  <param pos="3" name="os.version"/>
@@ -6107,6 +6192,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6107
6192
  <param pos="0" name="os.vendor" value="SonicWall"/>
6108
6193
  <param pos="0" name="os.device" value="Firewall"/>
6109
6194
  <param pos="0" name="os.product" value="SonicOS"/>
6195
+ <param pos="0" name="hw.vendor" value="SonicWall"/>
6110
6196
  <param pos="1" name="hw.product"/>
6111
6197
  <param pos="2" name="os.version"/>
6112
6198
  <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
@@ -6126,6 +6212,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6126
6212
  <param pos="0" name="os.device" value="Firewall"/>
6127
6213
  <param pos="0" name="os.product" value="SonicOS"/>
6128
6214
  <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:-"/>
6215
+ <param pos="0" name="hw.vendor" value="SonicWall"/>
6129
6216
  <param pos="1" name="hw.family"/>
6130
6217
  <param pos="2" name="hw.product"/>
6131
6218
  </fingerprint>
@@ -6178,7 +6265,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6178
6265
  SGI
6179
6266
  =======================================================================-->
6180
6267
 
6181
- <fingerprint pattern="^.* IRIX (?:version )?(\d+\S+).*$">
6268
+ <fingerprint pattern="^.{0,256} IRIX (?:version )?(\d+\S+).*$">
6182
6269
  <description>SGI IRIX</description>
6183
6270
  <example os.version="6.5">Silicon Graphics IRIS Indigo2 running IRIX version 6.5</example>
6184
6271
  <example os.version="5.3">Silicon Graphics IRIS Indigo2 Elan running IRIX 5.3</example>
@@ -6193,7 +6280,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6193
6280
  <param pos="0" name="os.cpe23" value="cpe:/o:sgi:irix:{os.version}"/>
6194
6281
  </fingerprint>
6195
6282
 
6196
- <fingerprint pattern="^.* IRIX64 (?:version )?(\d+\S+).*$">
6283
+ <fingerprint pattern="^.{0,256} IRIX64 (?:version )?(\d+\S+).*$">
6197
6284
  <description>SGI IRIX64</description>
6198
6285
  <example os.version="6.5">Silicon Graphics Challenge/1 running IRIX64 6.5</example>
6199
6286
  <example os.version="6.5">Silicon Graphics Fuel running IRIX64 version 6.5</example>
@@ -6923,6 +7010,73 @@ Copyright (c) 1995-2005 by Cisco Systems
6923
7010
  <param pos="0" name="os.device" value="Multifunction Device"/>
6924
7011
  </fingerprint>
6925
7012
 
7013
+ <!--======================================================================
7014
+ UBIQUITI
7015
+ =======================================================================-->
7016
+
7017
+ <fingerprint pattern="^(UAP-[^\s]+) ([0-9][.a-zA-Z0-9\-]+)$">
7018
+ <description>Ubiquiti Wireless UAP</description>
7019
+ <example hw.product="UAP-AC-Mesh-Pro" hw.version="4.3.20.11298">UAP-AC-Mesh-Pro 4.3.20.11298</example>
7020
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7021
+ <param pos="0" name="hw.device" value="WAP"/>
7022
+ <param pos="1" name="hw.product"/>
7023
+ <param pos="2" name="hw.version"/>
7024
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7025
+ <param pos="0" name="os.family" value="Linux"/>
7026
+ <param pos="0" name="os.device" value="WAP"/>
7027
+ </fingerprint>
7028
+
7029
+ <fingerprint pattern="^(EdgeSwitch [^,]+), ([0-9][.a-zA-Z0-9\-]+), Linux ([0-9][.a-zA-Z0-9\-]+)">
7030
+ <description>Ubiquiti EdgeSwitch w/Version and Linux version</description>
7031
+ <example hw.product="EdgeSwitch 48-Port Lite" hw.version="1.8.1.5145168" os.version="3.6.5-1b505fb7">EdgeSwitch 48-Port Lite, 1.8.1.5145168, Linux 3.6.5-1b505fb7, 1.1.0.5102011</example>
7032
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7033
+ <param pos="0" name="hw.device" value="Switch"/>
7034
+ <param pos="1" name="hw.product"/>
7035
+ <param pos="2" name="hw.version"/>
7036
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7037
+ <param pos="0" name="os.family" value="Linux"/>
7038
+ <param pos="0" name="os.device" value="Switch"/>
7039
+ <param pos="3" name="os.version"/>
7040
+ </fingerprint>
7041
+
7042
+ <fingerprint pattern="^(USW GigaBit Ethernet Switch), firmware v?([0-9][.a-zA-Z0-9\-]+)$">
7043
+ <description>Ubiquiti GigaBit Ethernet Switch w/Version</description>
7044
+ <example hw.product="USW GigaBit Ethernet Switch" hw.version="5.34.0.12180">USW GigaBit Ethernet Switch, firmware 5.34.0.12180</example>
7045
+ <example hw.product="USW GigaBit Ethernet Switch" hw.version="4.3.20.1129">USW GigaBit Ethernet Switch, firmware v4.3.20.1129</example>
7046
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7047
+ <param pos="0" name="hw.device" value="Switch"/>
7048
+ <param pos="1" name="hw.product"/>
7049
+ <param pos="2" name="hw.version"/>
7050
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7051
+ <param pos="0" name="os.family" value="Linux"/>
7052
+ <param pos="0" name="os.device" value="Switch"/>
7053
+ </fingerprint>
7054
+
7055
+ <fingerprint pattern="^(USW-[^\s]+), ([0-9][.a-zA-Z0-9\-]+), Linux ([0-9][.a-zA-Z0-9\-]+)$">
7056
+ <description>Ubiquiti Switch w/Version and Linux version</description>
7057
+ <example hw.product="USW-8P-60" hw.version="4.3.20.11298" os.version="3.6.5">USW-8P-60, 4.3.20.11298, Linux 3.6.5</example>
7058
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7059
+ <param pos="0" name="hw.device" value="Switch"/>
7060
+ <param pos="1" name="hw.product"/>
7061
+ <param pos="2" name="hw.version"/>
7062
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7063
+ <param pos="0" name="os.family" value="Linux"/>
7064
+ <param pos="0" name="os.device" value="Switch"/>
7065
+ <param pos="3" name="os.version"/>
7066
+ </fingerprint>
7067
+
7068
+ <fingerprint pattern="^(USW-[^\s]+), ([0-9][.a-zA-Z0-9\-]+)$">
7069
+ <description>Ubiquiti Switch w/Version (no Linux version)</description>
7070
+ <example hw.product="USW-5-Flex" hw.version="4.0.80.10875">USW-5-Flex, 4.0.80.10875</example>
7071
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7072
+ <param pos="0" name="hw.device" value="Switch"/>
7073
+ <param pos="1" name="hw.product"/>
7074
+ <param pos="2" name="hw.version"/>
7075
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7076
+ <param pos="0" name="os.family" value="Linux"/>
7077
+ <param pos="0" name="os.device" value="Switch"/>
7078
+ </fingerprint>
7079
+
6926
7080
  <!--======================================================================
6927
7081
  UNISYS
6928
7082
  =======================================================================-->
@@ -6948,15 +7102,30 @@ Copyright (c) 1995-2005 by Cisco Systems
6948
7102
  VMware
6949
7103
  =======================================================================-->
6950
7104
 
6951
- <fingerprint pattern="^(VMware ESXi?) (\d\.\d+\.\d+) build-\d+ VMware, Inc\. (\S+)$">
6952
- <description>VMware ESX/ESXi</description>
6953
- <example os.product="VMware ESXi" os.version="5.1.0" os.arch="x86_64">VMware ESXi 5.1.0 build-1157734 VMware, Inc. x86_64</example>
6954
- <example os.product="VMware ESX" os.version="5.0.0" os.arch="x86_64">VMware ESX 5.0.0 build-623860 VMware, Inc. x86_64</example>
7105
+ <fingerprint pattern="^VMware ESXi (\d\.\d+\.\d+) build-\d+ VMware, Inc\. (\S+)$">
7106
+ <description>VMware ESXi</description>
7107
+ <example os.version="5.1.0" os.arch="x86_64">VMware ESXi 5.1.0 build-1157734 VMware, Inc. x86_64</example>
6955
7108
  <param pos="0" name="os.vendor" value="VMware"/>
6956
7109
  <param pos="0" name="os.family" value="VMware ESX/ESXi"/>
6957
- <param pos="1" name="os.product"/>
6958
- <param pos="2" name="os.version"/>
6959
- <param pos="3" name="os.arch"/>
7110
+ <param pos="0" name="os.product" value="VMware ESXi Server"/>
7111
+ <param pos="1" name="os.version"/>
7112
+ <param pos="2" name="os.arch"/>
7113
+ <param pos="0" name="os.device" value="Hypervisor"/>
7114
+ <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
7115
+ <param pos="0" name="hw.device" value="Hypervisor"/>
7116
+ </fingerprint>
7117
+
7118
+ <fingerprint pattern="^VMware ESX (\d\.\d+\.\d+) build-\d+ VMware, Inc\. (\S+)$">
7119
+ <description>VMware ESX</description>
7120
+ <example os.version="5.0.0" os.arch="x86_64">VMware ESX 5.0.0 build-623860 VMware, Inc. x86_64</example>
7121
+ <param pos="0" name="os.vendor" value="VMware"/>
7122
+ <param pos="0" name="os.family" value="VMware ESX/ESXi"/>
7123
+ <param pos="0" name="os.product" value="VMware ESX Server"/>
7124
+ <param pos="1" name="os.version"/>
7125
+ <param pos="2" name="os.arch"/>
7126
+ <param pos="0" name="os.device" value="Hypervisor"/>
7127
+ <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:{os.version}"/>
7128
+ <param pos="0" name="hw.device" value="Hypervisor"/>
6960
7129
  </fingerprint>
6961
7130
 
6962
7131
  <fingerprint pattern="^&quot;vSphere Management Assistant ([\d\.]+)&quot;$">