Cisco Cisco Firepower Management Center 2000

Admin/Intrusion Admin

Under 

, click 

.

Select the suppression setting to filter by: 

To find rules where a dynamic state is configured for packets inspected by that rule, select 

, and 

click 

. 

To find rules where a dynamic state is configured for packets based on the source of the traffic, select 

, and click 

. 

To find rules where a dynamic state is configured based on the destination of the traffic, select 

, and click 

. 

To find rules where a dynamic state of 

Generate Events

 is configured, select 

, and 

click 

. 

To find rules where a dynamic state of 

Drop and Generate Events

 is configured, select 

, and click 

. 

To find where a dynamic state of 

Disabled

 is configured, select 

, and click 

. 

To find any rule with suppression set, select 

, and click 

. 

The Rules page updates to display rules where the dynamic rule state indicated in the filter has been 
applied to the rule.

Admin/Intrusion Admin

Under 

, click 

.

Type the string of comment text to filter by. 

The Rules page updates to display rules where comments applied to the rule contain the string indicated 
in the filter.

Protection

You can filter the rules listed in the Rules page by several rule content items. For example, you can 
quickly retrieve a rule by searching for the rule SID. You can also find all rules that inspect traffic going 
to a specific destination port. 

When you select a keyword by clicking on a node in the criteria list, a pop-up window appears, where 
you supply the argument you want to filter by. 

If that keyword is already used in the filter, the argument you supply replaces the existing argument for 
that keyword.

For example, if you click 

 under 

 in the filter panel, a pop-up window appears, prompting 

you to supply a SID. If you type 

1045

, then 

SID:”1045”

is added to the filter text box. If you then click 

 again and change the SID filter to 

1044

, the filter changes to 

SID:”1044”

.