Cisco Cisco FirePOWER Appliance 7020
4-24
FireSIGHT System User Guide
Chapter 4 Using the Context Explorer
Understanding the Context Explorer
Hover your pointer over any part of the graph to view more detailed information. Click any part of the
graph to filter or drill down on that information.
graph to filter or drill down on that information.
Tip
To constrain the graph so it displays only hosts sending malware, hover your pointer over the graph, then
click
click
Malware
on the toggle button that appears. Click
Files
to return to the default files view. Note that
navigating away from the Context Explorer also returns the graph to the default files view.
Note that you must have a Malware license and enable malware detection for this graph to include
network-based malware data. Note also that neither the DC500 Defense Center nor Series 2 devices
support advanced malware detection, so the DC500 Defense Center cannot display this data and Series 2
devices do not detect it. See
network-based malware data. Note also that neither the DC500 Defense Center nor Series 2 devices
support advanced malware detection, so the DC500 Defense Center cannot display this data and Series 2
devices do not detect it. See
This graph draws data primarily from the File Events table.
Viewing the Top Hosts Receiving Files Graph
License:
Protection or Malware
Supported Devices:
feature dependent
Supported Defense Centers:
feature dependent
The Top Hosts Receiving Files graph, in bar form, displays counts of the number of files detected in
network traffic for the top file-receiving host IP addresses.
network traffic for the top file-receiving host IP addresses.