Cisco Cisco Firepower Management Center 4000

These statistics include the following:

 shows the number of events in the intrusion event database.

 shows the currently selected time range as well as the number and percentage of 

events from the database that fall within the time range.

 shows the event message for the first event in the event database.

 shows the event message for the last event in the event database.

On the Defense Center, note that if you selected a managed device, the Event Overview section for that 
device appears instead.

Protection

The Event Statistics section of the Intrusion Event Statistics page provides more specific information 
about of the information in the intrusion event database.

This information includes details on:

the top 10 event types

the top 10 source IP addressees

the top 10 destination IP addresses

the top 10 destination ports

the protocols, ingress and egress security zones, and devices with the greatest number of events

Protection

The intrusion event performance page allows you to generate graphs that depict performance statistics 
for intrusion events over a specific period of time. Graphs can be generated to reflect number of intrusion 
events per second, number of megabits per second, average number of bytes per packet, the percent of 
packets uninspected by Snort, and the number of packets blocked as the result of TCP normalization. 
These graphs can show statistics for the last hour, last day, last week, or last month of operation.

See 

 for more information.

Admin/Maint

Select 

.

The Intrusion Event Performance page appears.