Cisco Cisco Firepower Management Center 4000

Each table view or graph contains information about the connections or connection summaries you are 
viewing, including timestamps, IP addresses, applications, and so on. The information available for any 
individual connection detected by the FireSIGHT System depends on several factors, including detection 
method and logging options. For more information, see 

 and 

The Connection Summary dashboard can provide you with an at-a-glance view of the connections 
logged by the system, and the Summary Dashboard displays Security Intelligence event data. For more 
information, see 

.

Admin/Any Security Analyst

You have two options:

To view connection events, select 

.

To view Security Intelligence events, select 

.

The first page of the default connection or Security Intelligence workflow appears. For connection 
events, there are two possibilities:

The workflow page displays a graph. See 

 for 

information on the actions you can perform.

The workflow page displays a table. See 

 for information on the actions you can perform.

For Security Intelligence events, the workflow page displays a table.

To use a different workflow, including a custom workflow, click 

 by the workflow title. 

For information on specifying a different default workflow, see 

. If no events appear, you may need to adjust the time range; see 

.

Any

One of the ways the system can present connection data is graphically. There are three different types of 
connection graphs: line graphs, bar graphs, and pie charts. Bar graphs and line graphs can display 
multiple datasets; that is, they can display several values on the y-axis for each x-axis data point.

You can manipulate connection graphs in various ways, including:

changing the type of data that the graph displays

switching between graph types

constraining the graph so it shows data for specific time ranges, hosts, applications, ports, and 
devices