Cisco Cisco Firepower Management Center 4000
5-25
FireSIGHT System User Guide
Chapter 5 Managing Reusable Objects
Working with Variable Sets
When you specify whether you want to add a network or port variable type, the page refreshes to list
available items. A search field above the list allows you to constrain the list, which updates as you type.
available items. A search field above the list allows you to constrain the list, which updates as you type.
You can select and drag available items the list of items to include or exclude. You can also select items
and click the
and click the
Include
or
Exclude
button. Use the Ctrl and Shift keys to select multiple items. You can use
the configuration field below the list of included or excluded items to specify literal IP addresses and
address blocks for network variables, and ports and port ranges for port variables.
address blocks for network variables, and ports and port ranges for port variables.
A list of items to include or exclude can be comprised of any combination of literal strings and existing
variables, objects, and network object groups in the case of network variables.
variables, objects, and network object groups in the case of network variables.
The following table summarizes the actions you can take to create or edit your variables.
Table 5-5
Variable Edit Actions
To...
You can...
display the variables page
on the variable sets page, click
Add
to add a new variable, or click the edit icon (
)
next to an existing variable.
name your variable
in the
Name
field, type a unique, case-sensitive alphanumeric string that includes no
special characters other than the underscore character (_).
Note that variable names are case-sensitive; for example,
va
r and
Var
are each unique.
specify a network or port variable
select
Network
or
Port
from the
Type
drop-down list.
See
for detailed information on how you can use and configure network and port
variables.
add an individual network object so
you can then select it from the list of
available networks
you can then select it from the list of
available networks
select
Network
from the
Type
drop-down list, then click the add icon (
). See
for information on adding network objects using the
object manager.
add an individual port object so you
can then select it from the list of
available ports
can then select it from the list of
available ports
select
Port
from the
Type
drop-down list, then click the add icon (
).
Although you can add any port type, only TCP and UDP ports, including the value
any
for either type, are valid variable values, and the list of available ports only displays
variables that use these value types. See
variables that use these value types. See
for
information on adding port objects using the object manager.
search for available port or network
items by name
items by name
begin typing a name in the search field above the list of available items; as you type,
the page refreshes to display matching names.
the page refreshes to display matching names.
clear name searching
click the reload icon (
) above the search field or the clear icon (
) in the search
field.
differentiate between available items look for items next to the variables icon (
), network object icon (
), port icon
(
), and object group icon (
).
Note that only network groups, not port groups, are available.
select objects to include or exclude in
the variable definition
the variable definition
click the object in the list of available networks or ports; use the Ctrl and Shift keys to
select multiple objects.
select multiple objects.
add selected items to the list of
included or excluded networks or
ports
included or excluded networks or
ports
drag and drop selected items. Alternately, click
Include
or
Exclude
.
You can add network and port variables and objects from the list of available items.
You can also add network object groups.
You can also add network object groups.