Cisco Cisco Firepower Management Center 4000

The Custom Tables page appears.

Click 

.

The Create Custom Table page appears.

In the 

 field, type a name for the custom table, such as 

Correlation Events with Host 

Information (Src IP)

.

From the 

 drop-down list, select 

.

The fields in the Correlation Events table appear in the 

 list.

Under 

, select 

 and click 

 to add the date and time when a correlation event was generated.

Repeat step 

 and 

 fields.

You can use Ctrl or Shift while clicking to select multiple fields. You can also click and drag to select 
multiple adjacent values. However, if you want to specify the order the fields appear in the table view of 
events associated with the table, add the fields one at a time.

From the 

 drop-down list, select 

.

The fields in the Hosts table appear in the 

 list. For more information on these fields, see 

.

Add the 

, 

, 

, 

, and 

 fields to the custom table.

Under 

, next to 

, select 

.

Your custom table is configured to display the host information you chose in step 

initiating, hosts involved in correlation events.

You could create a custom table that displays detailed host information for the destination, or 
responding, hosts involved in a correlation event by following this procedure but selecting 

 

instead of 

.

Click 

.

The custom table is saved.

FireSIGHT

You can add or delete fields in a custom table as your needs change.

Any/Admin 

Select 

.

The Custom Tables page appears.

Click the edit icon (

) next to the table you want to edit.