Cisco Cisco Firepower Management Center 4000

For more information on the related FireSIGHT System dashboard, see 

.

FireSIGHT

The Context Explorer comprises several distinct sections that together offer a complete overview of 
FireSIGHT data on your monitored network. The first section, a line chart of traffic and event counts 
over time, provides an at-a-glance picture of recent trends in your network’s activity. 

The other sections are sets of interactive graphs and lists that provide greater detail for indications of 
compromise, network, application, Security Intelligence, intrusion, file, geolocation, and URL data. 
Except for the traffic and events time graph, you can view or hide any section. You can also apply filters 
to constrain the data that appears in all sections; see 

 for more information.

For in-depth information on the content and function of Context Explorer sections, see the following 
topics:

Displayable data

Anything monitored by the FireSIGHT System Applications, application statistics, 

geolocation, indications of compromise, 
intrusion events, files (including malware 
files), hosts, Security Intelligence events, 
servers, users, and URLs

Customizability

Selection of widgets for a dashboard is 
customizable

Individual widgets can be customized to 
varying degrees

Cannot change base layout

Applied filters appear in explorer URL and 
can be bookmarked for later use

Data update frequency

Automatic (default); user-configured

Manual

Data filtering

Possible for some widgets (must edit widget 
preferences)

Possible for all parts of the explorer, with 
support for multiple filters

Graphical context

Some widgets (particularly Custom Analysis) 
can display data in graph form

Extensive graphical context for all data, 
including uniquely detailed donut graphs

Links to relevant web 
interface pages

In some widgets

In every section

Time range of displayed 
data

User-configured

User-configured