Cisco Cisco Firepower Management Center 4000
3-19
FireSIGHT System User Guide
Chapter 3 Using Dashboards
Understanding the Predefined Widgets
Files Stored over Time
Displays a graph of the total number of files
stored on managed devices, over the dashboard
time range.
stored on managed devices, over the dashboard
time range.
Files Dashboard
Malware
Hosts Receiving Files
Displays the number of files received
(downloaded) by host IP addresses on your
network, grouped by IP address.
(downloaded) by host IP addresses on your
network, grouped by IP address.
Files Dashboard
Protection
Hosts Receiving Malware
Displays the number of malware files received
by host IP addresses on your network, grouped
by IP address.
by host IP addresses on your network, grouped
by IP address.
Files Dashboard
Malware license
or FireAMP
subscription
or FireAMP
subscription
Hosts Sending Files
Displays the number of files sent (uploaded)
from host IP addresses on your network,
grouped by IP address.
from host IP addresses on your network,
grouped by IP address.
Files Dashboard
Protection
Hosts Sending Malware
Displays the number of malware files sent from
host IP addresses on your network, grouped by
IP address.
host IP addresses on your network, grouped by
IP address.
Files Dashboard
Malware
Impact
X
Events by
Application
Displays number of events of estimated impact
level
level
X
(where
X
is a number 0-4), grouped by
application.
Application Statistics
Protection +
FireSIGHT
FireSIGHT
Impact Level
X
Events by
Application Protocol
Displays number of events of estimated impact
level
level
X
(where
X
is a number 1-2), grouped by
application protocol.
Summary Dashboard
Protection +
FireSIGHT
FireSIGHT
Impact Level
X
Events by
User
Displays number of events of estimated impact
level
level
X
(where
X
is a number 0-4), grouped by
user.
User Statistics
Protection +
FireSIGHT
FireSIGHT
Indications of Compromise
by Host
by Host
Displays number of triggered indications of
compromise, grouped by associated host IP
address.
compromise, grouped by associated host IP
address.
Summary Dashboard
FireSIGHT
Intrusion Events Requiring
Analysis
Analysis
Displays a count of intrusion events requiring
analysis, based on event classification.
analysis, based on event classification.
Detailed Dashboard
Protection +
FireSIGHT
FireSIGHT
Intrusion Events by
Destination Continent
Destination Continent
Displays continents targeted by intrusion
events, based on the number of events
associated with each continent.
events, based on the number of events
associated with each continent.
Summary Dashboard
FireSIGHT
Intrusion Events by
Destination Country
Destination Country
Displays countries targeted by intrusion
events, based on the number of events
associated with each country.
events, based on the number of events
associated with each country.
Summary Dashboard
FireSIGHT
Intrusion Events by Source
Continent
Continent
Displays continents where intrusion events
originated, based on the number of events
originated from each continent.
originated, based on the number of events
originated from each continent.
Summary Dashboard
FireSIGHT
Intrusion Events by Source
Country
Country
Displays countries where intrusion events
originated, based on the number of events
originated from each country.
originated, based on the number of events
originated from each country.
Summary Dashboard
FireSIGHT
Intrusion Events to High
Criticality Hosts
Criticality Hosts
Displays intrusion events, based on the number
of intrusion events occurring on high criticality
hosts.
of intrusion events occurring on high criticality
hosts.
Detailed Dashboard
Protection +
FireSIGHT
FireSIGHT
Table 3-5
Custom Analysis Widget Presets (continued)
Preset
Description
Predefined Dashboards
Licenses