Cisco Cisco Firepower Management Center 4000

From any page on a workflow, click 

.

Select 

, then select the type of events you want to search for.

The Search page appears.

From the list of saved searches on the left of the page, select the search you want to load and click 

.

Settings from the saved search populates the search constraints fields.

Optionally, change the search constraints.

Click 

.

The events that match your search constraints appear.

Any

If you have saved searches, you can delete them from the Search page.

Admin/Any Security Analyst

You have two options:

From any page on a workflow, click 

.

Select 

, then select the event type for the search that you want to delete.

The Search page appears.

From the list of saved searches, select the search you want to delete and click 

.

The search is deleted.

Any

Many text fields on search pages allow you to use an asterisk (*) to match characters in a string. For 
example, specifying 

net*

 matches 

network

, 

netware

, 

netscape

, and so on.

If you want to search for non-alphanumeric characters (including the asterisk character), enclose the 
search string in quotation marks. For example, to search for the string:

Find an asterisk (*)

enter:

“Find an asterisk (*)”

Note that in text fields that allow a wildcard, you must use the wildcard if you want to match a partial 
string. For example, if you are searching the audit log for all audit records that involve page views (that 
is, the message is Page View), searching for 

Page

 returns no results. Instead, specify 

Page*

.