Cisco Firepower Management Center 4000

FireSIGHT System User Guide
 
Chapter 21: Managing Rules in an Intrusion Policy
Filtering Rules in an Intrusion Policy
License: Protection
You can filter the rules displayed on the Rules page by a single criterion or by a combination of
criteria.
The filter you construct is shown in the Filter text box. You can click keywords and keyword arguments
in the filter panel to construct a filter. When you select multiple keywords, the system combines them
using AND logic to create a compound search filter. For example, if you select preprocessor under
Category and then select Rule Content > GID and enter 116, you get a filter of
Category:"preprocessor" GID:"116", which retrieves all rules that are preprocessor rules and have a
GID of 116.
The Category, Microsoft Vulnerabilities, Microsoft Worms, Platform Specific, Preprocessor, and
Priority filter groups allow you to submit more than one argument for a keyword, separated by commas.
For example, you can press Shift and then select os-linux and os-windows from Category to produce the
filter Category:"os-windows,os-linux", which retrieves any rules in the os-linux category or in the
os-windows category.
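The AND and OR behaviour described in the two paragraphs above can be modelled as follows. This is an added illustration, not Cisco's code: the parse_filter, matches and apply_filter helpers, the case-insensitive comparison, and the sample rules are assumptions made for the example.

```python
import re

# Keywords that accept a comma-separated argument list. The page names more
# filter groups with this property; only Category's filter spelling is shown.
MULTI_ARG = {"category"}

# Matches Keyword:"argument", tolerating curly quotes and a space after ':'.
TERM = re.compile(r'(\w+)\s*:\s*["\u201c\u201d]([^"\u201c\u201d]*)["\u201c\u201d]')


def parse_filter(text):
    """Return {keyword: set(arguments)} for a filter string."""
    terms = {}
    for keyword, raw in TERM.findall(text):
        key = keyword.lower()
        args = {a.strip().lower() for a in raw.split(",") if a.strip()}
        if len(args) > 1 and key not in MULTI_ARG:
            raise ValueError(f"{keyword} takes a single argument")
        terms[key] = args
    if not terms:
        raise ValueError('no Keyword:"argument" terms found')
    return terms


def matches(rule, terms):
    """AND across keywords, OR across one keyword's arguments."""
    return all(str(rule.get(key, "")).lower() in args
               for key, args in terms.items())


def apply_filter(rules, text):
    """Return the sid of every rule that the filter string selects."""
    terms = parse_filter(text)
    return [r["sid"] for r in rules if matches(r, terms)]


# Constructed sample rules (not real rule data).
RULES = [
    {"sid": 1, "gid": 116, "category": "preprocessor"},
    {"sid": 2, "gid": 119, "category": "preprocessor"},
    {"sid": 3, "gid": 1, "category": "os-linux"},
    {"sid": 4, "gid": 1, "category": "os-windows"},
    {"sid": 5, "gid": 1, "category": "example-other"},
]

if __name__ == "__main__":
    print(apply_filter(RULES, 'Category:"preprocessor" GID:"116"'))
    print(apply_filter(RULES, 'Category:"os-windows,os-linux"'))
```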
To show the filter panel, click the show icon.
To hide the filter panel, click the hide icon.
Understanding Rule Filtering in an Intrusion Policy
License: Protection
Rule filter keywords help you find the rules for which you want to apply rule settings, such as rule states 
or event filters. You can filter by a keyword and simultaneously select the argument for the keyword by 
selecting the argument you want from the Rules page filter panel.
Guidelines for Constructing Intrusion Policy Rule Filters
License: Protection
In most cases, when you are building a filter, you can use the filter panel to the left of the Rules page in 
the intrusion policy to select the keywords/arguments you want to use. 
Rule filters are grouped into rule filter groups in the filter panel. Many rule filter groups contain 
sub-criteria so that you can more easily find the specific rules you are looking for. Some of the rule filters 
have multiple levels that you expand to drill down to individual rules.