Cisco Cisco Firepower Management Center 2000

When you view any of the kinds of data described in the above table, events appear on the first page of 
the default workflow for that data.

Also note that workflow access depends on your user role (see 

), as 

follows:

Administrator users can access any workflow, and are the only users who can access the audit log, 
scan results, and the rule update import log.

Maintenance Users can access health events.

Security Analyst and Security Analyst (Read Only) users can access intrusion, malware, file, 
connection, discovery, vulnerability, correlation, and health workflows.

Admin/Any Security Analyst

Select the appropriate menu path and option as described in the 

 table.

The first page of the default workflow for that data type appears. For information on specifying a 
different default workflow, see 

Optionally, use a different workflow. Click 

 next to the workflow title, then select the 

workflow you want to use.

The first page of your selected workflow appears.

Any

Each page in a workflow includes a toolbar that offers quick access to related features. The following 
table describes each of the links on the toolbar.

Vulnerability events

Analysis > Vulnerabilities

Vulnerabilities

Third-Party Vulnerabilities

Correlation events

Analysis > Correlation 

Correlation Events

White List Events

White List Violations

Status

Audit events

System > Monitoring

Audit

Health events

Health > Health Events

n/a

Rule Update Import Log

System > Updates

n/a

Scan Results

Policies > Actions > Scanners

n/a