Cisco Firepower Management Center 4000

FireSIGHT System User Guide
 
Chapter 41 Configuring Remediations
Working with Remediation Status Events
For more information on searching, including how to load and delete saved searches, see 
To search for remediation status events:
Access: Admin

Step 1
Select Analysis & Reporting > Searches > Remediation Status.
The Remediation Status search page appears.
Tip: To search the database for a different kind of event, select it from the Table drop-down list.

Step 2
Optionally, if you want to save the search, enter a name for the search in the Name field.
If you do not enter a name, one is automatically created when you save the search.

Step 3
Enter your search criteria in the appropriate fields, as described in the table. If you enter multiple criteria, the search returns only the records that match all the criteria.

Table 41-3 Remediation Status Search Criteria

Search Field: Result Message
Description: Enter the exact name of the result message (a message that describes what happened when the remediation was launched) you want to match. Valid status messages are:
  • Successful completion of remediation
  • Error in the input provided to the remediation module
  • Error in the remediation module configuration
  • Error logging into the remote device or server
  • Unable to gain required privileges on remote device or server
  • Timeout logging into remote device or server
  • Timeout executing remote commands or servers
  • The remote device or server was unreachable
  • The remediation was attempted but failed
  • Failed to execute remediation program
  • Unknown/unexpected error
Note: If you installed custom remediation modules, you may be able to enter additional status messages implemented by the custom module.

Search Field: Time
Description: Specify the date and time the Defense Center launched the remediation. See  for the syntax for entering time.

Search Field: Remediation Name
Description: Enter the exact name of the remediation that was launched. This is the name you specified when you created the remediation.

Search Field: Policy
Description: Enter the name of the correlation policy that triggered the remediation.

Search Field: Rule
Description: Enter the name of the correlation rule that triggered the remediation.