Cisco Cisco Firepower Management Center 4000
4-5
FireSIGHT System User Guide
Chapter 4 Using the Context Explorer
Understanding the Context Explorer
Hover your pointer over any part of the graph to view more detailed information. Click any part of the
graph to filter or drill down on that information.
graph to filter or drill down on that information.
This graph draws data primarily from the Hosts and Indications of Compromise tables.
Viewing the Indications by Host Graph
License:
FireSIGHT
The Indications by Host graph, in bar form, displays counts of unique Indications of Compromise (IOC)
triggered by the 15 most IOC-active hosts on your monitored network.
triggered by the 15 most IOC-active hosts on your monitored network.
Hover your pointer over any part of the graph to view more detailed information. Click any part of the
graph to filter or drill down on that information.
graph to filter or drill down on that information.
This graph draws data primarily from the Hosts and Indications of Compromise tables.
Understanding the Network Information Section
License:
FireSIGHT
The Network Information section of the Context Explorer contains six interactive graphs that display an
overall picture of connection traffic on your monitored network: sources, destinations, users, and
security zones associated with traffic, a breakdown of operating systems used by hosts on the network,
as well as a proportional view of access control actions your FireSIGHT System has performed on
network traffic.
overall picture of connection traffic on your monitored network: sources, destinations, users, and
security zones associated with traffic, a breakdown of operating systems used by hosts on the network,
as well as a proportional view of access control actions your FireSIGHT System has performed on
network traffic.
For more information on the graphs in the Network Information section, see the following topics:
•
•
•
•
•
•