Cisco Cisco Firepower Management Center 4000
4-25
FireSIGHT System User Guide
Chapter 4 Using the Context Explorer
Understanding the Context Explorer
Hover your pointer over any part of the graph to view more detailed information. Click any part of the
graph to filter or drill down on that information.
graph to filter or drill down on that information.
Tip
To constrain the graph so it displays only hosts receiving malware, hover your pointer over the graph,
then click
then click
Malware
on the toggle button that appears. Click
Files
to return to the default files view. Note
that navigating away from the Context Explorer also returns the graph to the default files view.
Note that you must have a Malware license and enable malware detection for this graph to include
network-based malware data. Note also that neither the DC500 Defense Center nor Series 2 devices
support advanced malware detection, so the DC500 Defense Center cannot display this data and Series 2
devices do not detect it. See
network-based malware data. Note also that neither the DC500 Defense Center nor Series 2 devices
support advanced malware detection, so the DC500 Defense Center cannot display this data and Series 2
devices do not detect it. See
.
This graph draws data primarily from the File Events table.
Viewing the Top Malware Detections Graph
License:
Protection or Malware
Supported Devices:
feature dependent
Supported Defense Centers:
feature dependent
The Top Malware Detections graph, in bar form, displays counts of the top malware threats detected on
your network and, if you have a FireAMP subscription, on the endpoints where your users installed
FireAMP Connectors.
your network and, if you have a FireAMP subscription, on the endpoints where your users installed
FireAMP Connectors.