Cisco Cisco FirePOWER Appliance 8360
34-35
FireSIGHT System User Guide
Chapter 34 Analyzing Malware and File Activity
Working with Network File Trajectory
•
if another IP address was involved, any endpoint-based malware events involving the other IP
address
address
The following screenshot shows the path highlighted after clicking an event icon:
All IP addresses and timestamps associated with any highlighted data point are also highlighted. The
corresponding event in the Events table is also highlighted. If a path includes truncated events, the path
itself is highlighted with a dotted line. Truncated events might intersect the path, but are not displayed
in the map.
corresponding event in the Events table is also highlighted. If a path includes truncated events, the path
itself is highlighted with a dotted line. Truncated events might intersect the path, but are not displayed
in the map.
Events Table
License:
Malware or Any
Supported Devices:
feature dependent
Supported Defense Centers:
feature dependent
The Events table lists event information for each data point in the map. You can sort events in ascending
or descending order by clicking the column headers. You can highlight a data point in the map by
selecting the table row. The map scrolls to display the selected file event if not currently visible. For more
information on the fields, see
or descending order by clicking the column headers. You can highlight a data point in the map by
selecting the table row. The map scrolls to display the selected file event if not currently visible. For more
information on the fields, see